Basic Cracking Write-ups
Welcome, Cracker
Cracking Tutorial:

iCal v2.2

Target  : iCal v2.2
Tool     : SoftIce v4.05

This program's protection is fairly decent in my opinion, enough to knock a newbie out on the spot :) But remember, even if you're a newbie, you won't be a newbie forever; your skills will improve the more diligently you practice.

Run iCal, click idle server first, then in About enter any Username and any Serial. Before pressing Start, set a breakpoint on hmemcpy, and then go ahead and press Start! You will break; trace until you reach the following code:

:00485C88 8945EC MOV [EBP-14],EAX
:00485C8B 8D45F0 LEA EAX,[EBP-10]
:00485C8E 50 PUSH EAX
:00485C8F 8D4DF4 LEA ECX,[EBP-0C]
:00485C92 8B55F8 MOV EDX,[EBP-08]
:00485C95 8B45FC MOV EAX,[EBP-04]
:00485C98 E8F76BFDFF CALL 0045C894 -->> Serial routine!
:00485C9D 8BD8 MOV EBX,EAX
:00485C9F 84DB TEST BL,BL
:00485CA1 7518 JNZ 00485CBB -->> if it matches, jump!

If you don't yet understand how to get to that code, please read the other tutorials; it means, with great regret, that your level isn't right for this one yet :)

Trace into the serial routine:

:0045C8DF E8F075FAFF CALL 00403ED4
:0045C8E4 8B45E8 MOV EAX,[EBP-18] -->> 1st char of S.N
:0045C8E7 BAE0CA4500 MOV EDX,0045CAE0 -->> Const = "C"
:0045C8EC E8EF74FAFF CALL 00403DE0 -->> Compare!
:0045C8F1 750D JNZ 0045C900 -->> Not equal, bail out!
:0045C8F3 8B45F8 MOV EAX,[EBP-08]
:0045C8F6 E8D573FAFF CALL 00403CD0 -->> Compute the serial length?
:0045C8FB 83F808 CMP EAX,08 -->> 8 characters?
:0045C8FE 7410 JZ 0045C910 -->> Yes, continue!
:0045C900 8B45F4 MOV EAX,[EBP-0C]
:0045C903 C700FFFFFFFF MOV DWORD PTR [EAX],FFFFFFFF
:0045C909 33DB XOR EBX,EBX
:0045C90B E98F010000 JMP 0045CA9F
:0045C910 8B45F8 MOV EAX,[EBP-08]
:0045C913 E8B873FAFF CALL 00403CD0
:0045C918 48 DEC EAX
:0045C919 85C0 TEST EAX,EAX
:0045C91B 7E36 JLE 0045C953
:0045C91D BA01000000 MOV EDX,00000001
-------------- Start of the routine that checks the S.N for characters 20h = " " and 2Dh = "-" ---------
:0045C922 8B4DF8 MOV ECX,[EBP-08]
:0045C925 0FB60C11 MOVZX ECX,BYTE PTR [EDX+ECX]
:0045C929 83F920 CMP ECX,20
:0045C92C 7C11 JL 0045C93F
:0045C92E 81F9C8000000 CMP ECX,000000C8
:0045C934 7F09 JG 0045C93F
:0045C936 8B4DF8 MOV ECX,[EBP-08]
:0045C939 803C112D CMP BYTE PTR [EDX+ECX],2D
:0045C93D 7510 JNZ 0045C94F
:0045C93F 8B45F4 MOV EAX,[EBP-0C]
:0045C942 C700FFFFFFFF MOV DWORD PTR [EAX],FFFFFFFF
:0045C948 33DB XOR EBX,EBX
:0045C94A E950010000 JMP 0045CA9F
:0045C94F 42 INC EDX
:0045C950 48 DEC EAX
:0045C951 75CF JNZ 0045C922
-------------- End of the checking routine -----------------
:0045C953 8D45E8 LEA EAX,[EBP-18]
:0045C956 50 PUSH EAX
:0045C957 B903000000 MOV ECX,00000003
:0045C95C BA02000000 MOV EDX,00000002
:0045C961 8B45F8 MOV EAX,[EBP-08]
:0045C964 E86B75FAFF CALL 00403ED4
:0045C969 8B45E8 MOV EAX,[EBP-18] -->> 3 characters after "C" = "234"
:0045C96C E8DFA9FAFF CALL 00407350 -->> Convert to integer!
:0045C971 8BD8 MOV EBX,EAX -->> ebx=eax=integer value of "234"
:0045C973 8D45E8 LEA EAX,[EBP-18]
:0045C976 50 PUSH EAX
:0045C977 B904000000 MOV ECX,00000004
:0045C97C BA05000000 MOV EDX,00000005
:0045C981 8B45F8 MOV EAX,[EBP-08]
:0045C984 E84B75FAFF CALL 00403ED4
:0045C989 8B45E8 MOV EAX,[EBP-18] -->> characters from the 5th to the end = "5432"
:0045C98C E8BFA9FAFF CALL 00407350 -->> Convert to integer!
:0045C991 8BF0 MOV ESI,EAX -->> esi=eax=integer "5432"
:0045C993 2BF3 SUB ESI,EBX -->> esi=5432-234
:0045C995 8BC3 MOV EAX,EBX -->> eax=234
:0045C997 03C0 ADD EAX,EAX -->> eax=eax*2
:0045C999 8D0480 LEA EAX,[EAX*4+EAX] -->> eax=eax*5
:0045C99C 2BF0 SUB ESI,EAX -->> esi=esi-eax
:0045C99E 85F6 TEST ESI,ESI -->> is esi negative?
:0045C9A0 7D06 JGE 0045C9A8
:0045C9A2 81C610270000 ADD ESI,00002710 -->> if so, add 2710h
:0045C9A8 8D55F0 LEA EDX,[EBP-10]
:0045C9AB 8BC6 MOV EAX,ESI -->> eax=esi
:0045C9AD E86EA9FAFF CALL 00407320 -->> convert eax back to a string
:0045C9B2 EB10 JMP 0045C9C4
:0045C9B4 8D45F0 LEA EAX,[EBP-10]
:0045C9B7 8B4DF0 MOV ECX,[EBP-10]
:0045C9BA BAECCA4500 MOV EDX,0045CAEC
:0045C9BF E85873FAFF CALL 00403D1C
:0045C9C4 8B45F0 MOV EAX,[EBP-10] -->> eax = the esi string from above
:0045C9C7 E80473FAFF CALL 00403CD0
:0045C9CC 83F804 CMP EAX,04
:0045C9CF 7CE3 JL 0045C9B4
:0045C9D1 8D45E8 LEA EAX,[EBP-18]
:0045C9D4 8B55F0 MOV EDX,[EBP-10] -->> edx = the esi string -->> Magic#1
:0045C9D7 8A12 MOV DL,[EDX] -->> dl = first character of EDX
:0045C9D9 E81A72FAFF CALL 00403BF8
:0045C9DE 8B45E8 MOV EAX,[EBP-18]
:0045C9E1 E86AA9FAFF CALL 00407350 -->> convert to integer
:0045C9E6 8B5508 MOV EDX,[EBP+08]
:0045C9E9 8902 MOV [EDX],EAX
:0045C9EB 8B45FC MOV EAX,[EBP-04] -->> User Name
:0045C9EE E8DD72FAFF CALL 00403CD0 -->> Compute the length!
:0045C9F3 33DB XOR EBX,EBX -->> EBX = 0
:0045C9F5 85C0 TEST EAX,EAX
:0045C9F7 7E13 JLE 0045CA0C
:0045C9F9 BA01000000 MOV EDX,00000001 -->> EDX=1 -->> Counter !
-------------- Start of the routine that sums all characters of the UserName -------------
:0045C9FE 8B4DFC MOV ECX,[EBP-04]
:0045CA01 0FB64C11FF MOVZX ECX,BYTE PTR [EDX+ECX-01]
:0045CA06 03D9 ADD EBX,ECX
:0045CA08 42 INC EDX
:0045CA09 48 DEC EAX
:0045CA0A 75F2 JNZ 0045C9FE
-------------- End of routine -->> ebx = sum of all characters in the User Name -------
:0045CA0C 8D55EC LEA EDX,[EBP-14]
:0045CA0F 8BC3 MOV EAX,EBX
:0045CA11 E80AA9FAFF CALL 00407320 -->> EAX to string
:0045CA16 8B45EC MOV EAX,[EBP-14] -->> D EAX !
:0045CA19 E8B272FAFF CALL 00403CD0
:0045CA1E 8B55EC MOV EDX,[EBP-14]
:0045CA21 8A5402FF MOV DL,[EAX+EDX-01] -->> Last character of EDX! (M#2)
:0045CA25 8D45E8 LEA EAX,[EBP-18]
:0045CA28 E8CB71FAFF CALL 00403BF8
:0045CA2D 8B45E8 MOV EAX,[EBP-18]
:0045CA30 E81BA9FAFF CALL 00407350
:0045CA35 8BD8 MOV EBX,EAX
:0045CA37 8D45E8 LEA EAX,[EBP-18]
:0045CA3A 8B55F0 MOV EDX,[EBP-10]
:0045CA3D 8A5201 MOV DL,[EDX+01] -->> Second character of Magic#1
:0045CA40 E8B371FAFF CALL 00403BF8 -->> Convert to integer!
:0045CA45 8B45E8 MOV EAX,[EBP-18]
:0045CA48 E803A9FAFF CALL 00407350
:0045CA4D 3BC3 CMP EAX,EBX -->> Compare the second character of Magic#1 with M#2!
:0045CA4F 740D JZ 0045CA5E
:0045CA51 8B45F4 MOV EAX,[EBP-0C]
:0045CA54 C700FFFFFFFF MOV DWORD PTR [EAX],FFFFFFFF
:0045CA5A 33DB XOR EBX,EBX
:0045CA5C EB41 JMP 0045CA9F
:0045CA5E 8D45E8 LEA EAX,[EBP-18]
:0045CA61 50 PUSH EAX
:0045CA62 B902000000 MOV ECX,00000002
:0045CA67 BA03000000 MOV EDX,00000003
:0045CA6C 8B45F0 MOV EAX,[EBP-10]
:0045CA6F E86074FAFF CALL 00403ED4
:0045CA74 8B45E8 MOV EAX,[EBP-18]
:0045CA77 E8D4A8FAFF CALL 00407350
:0045CA7C 8B55F4 MOV EDX,[EBP-0C]
:0045CA7F 8902 MOV [EDX],EAX
:0045CA81 8B45F4 MOV EAX,[EBP-0C]
:0045CA84 833832 CMP DWORD PTR [EAX],32
:0045CA87 7D0B JGE 0045CA94
:0045CA89 8B45F4 MOV EAX,[EBP-0C]
:0045CA8C 8100D0070000 ADD DWORD PTR [EAX],000007D0
:0045CA92 EB09 JMP 0045CA9D
:0045CA94 8B45F4 MOV EAX,[EBP-0C]
:0045CA97 81006C070000 ADD DWORD PTR [EAX],0000076C
:0045CA9D B301 MOV BL,01
:0045CA9F 33C0 XOR EAX,EAX
:0045CAA1 5A POP EDX
:0045CAA2 59 POP ECX
:0045CAA3 59 POP ECX
:0045CAA4 648910 MOV FS:[EAX],EDX
:0045CAA7 68CECA4500 PUSH 0045CACE
:0045CAAC 8D45E8 LEA EAX,[EBP-18]
:0045CAAF BA03000000 MOV EDX,00000003
:0045CAB4 E8BF6FFAFF CALL 00403A78
:0045CAB9 8D45F8 LEA EAX,[EBP-08]
:0045CABC BA02000000 MOV EDX,00000002
:0045CAC1 E8B26FFAFF CALL 00403A78
:0045CAC6 C3 RET

How's that? With your medium-level skills, you should by now understand how to reverse the algorithm above :)
