Exetools


ReVeR 04-14-2005 09:24

C++ Console Application
 
Hello.
I was wondering how I can get a password which is compared as
passEntered[1]=='t'
OR something in that style.
There is no strcmp.

How can I break on something like this, or find it in string references?

etherlord 04-14-2005 14:35

Could be difficult as is, inside the apps would probably be
something like cmp reg,'t', which could be quite hard to
locate as long as you are not supposed to know the 't' part...

So, instead of focusing on what you can't locate easily, why not
start your trace at the point where the program retrieves the
password? (using functions such as getchar, or fget..?)

etherlord

Hero 04-14-2005 15:35

What you wrote is not a strcmp, because one of the operands is only a char.
This compare can be simply written in assembly like this:

mov al,byte ptr [passEntered + 1] ; load the second character (lea would only compute its address)
cmp al,74h                        ; 74h = 't'
jne IsNotEqual

sincerely yours

NeOXOeN 04-15-2005 03:45

You can't break at all, but you need to check the HEX bytes in your disassembler like IDA. I don't see anything hard about this.

passEntered[0]=='???'
passEntered[1]=='t'
passEntered[..]=='???'


It's all there, just check how long the password is and which chars it uses :)


Bye
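
Added example, not part of the original thread: a Python sketch of why a hard-coded per-character check such as the one Hero and NeOXOeN describe leaves its constants readable in the code bytes. SAMPLE is a constructed byte string, the function and type names are hypothetical, and only two 32-bit x86 encodings are handled (`cmp al, imm8` and `cmp byte ptr [reg+disp8], imm8`, each followed by a short je/jne).

```python
from typing import List, NamedTuple, Optional

class Hit(NamedTuple):
    offset: int          # offset of the cmp opcode in the scanned bytes
    form: str            # which encoding matched
    disp: Optional[int]  # signed disp8 for the memory form, else None
    char: str            # the immediate operand, shown as a character

JCC_SHORT = (0x74, 0x75)  # je rel8 / jne rel8

def printable(b: int) -> bool:
    return 0x20 <= b <= 0x7E

def find_char_compares(code: bytes) -> List[Hit]:
    """Naive linear scan; it ignores instruction boundaries, so real
    binaries will produce false positives that need manual review."""
    hits = []
    for i, op in enumerate(code):
        # 3C ib : cmp al, imm8
        if op == 0x3C and i + 2 < len(code):
            imm, nxt = code[i + 1], code[i + 2]
            if printable(imm) and nxt in JCC_SHORT:
                hits.append(Hit(i, "cmp al, imm8", None, chr(imm)))
        # 80 /7 ib, mod=01, no SIB : cmp byte ptr [reg+disp8], imm8
        elif op == 0x80 and i + 4 < len(code):
            modrm = code[i + 1]
            mod, reg, rm = modrm >> 6, (modrm >> 3) & 7, modrm & 7
            if mod == 1 and reg == 7 and rm != 4:
                raw = code[i + 2]
                disp = raw - 256 if raw >= 0x80 else raw
                imm, nxt = code[i + 3], code[i + 4]
                if printable(imm) and nxt in JCC_SHORT:
                    hits.append(Hit(i, "cmp byte [reg+disp8], imm8", disp, chr(imm)))
    return hits

# Constructed sample: three character checks in the style of unoptimized
# compiler output (movzx eax, byte [ebp-N] / cmp al, c / jne ...).
SAMPLE = bytes.fromhex(
    "0fb645e8 3c73 751a"   # movzx eax,[ebp-18h]; cmp al,'s'; jne
    "0fb645e9 3c74 7512"   # movzx eax,[ebp-17h]; cmp al,'t'; jne
    "807dea21 750c"        # cmp byte ptr [ebp-16h],'!'; jne
)

if __name__ == "__main__":
    for h in find_char_compares(SAMPLE):
        print(f"{h.offset:#06x}  {h.form:<28} disp={h.disp}  '{h.char}'")
```

The order of hits in the file need not match the index order of the characters; for the memory form the displacement shows which array element is tested.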

ReVeR 04-16-2005 08:28

Well, tracing from the point of entrance... I know that it uses std::cin to enter the password, but I am not sure how to find that in either IDA, W32Dasm or Olly.
Any ideas?

nuemga2000 04-16-2005 14:07

Maybe you should look for the ReadConsole call ...

Kerstin

ReVeR 04-16-2005 23:24

ReadConsole is not in the IAT.
The input is done using the std::cin function.
The IDE is devcpp 5.
Does anyone know how I can locate the std::cin function?

FKMA 04-17-2005 03:05

Use IDA. It may recognize standard C and C++ functions by signatures.
In the Names window (after analyzing) you will see std::cin and may look for
all calls to it.

taipan 04-20-2005 02:50

String equality is often checked with REP CMPSB (or more likely (len>>2) * CMPSD + (len & 3) *CMPSB), then JNZ @mismatch.

Maybe using hardware breakpoints on Read or Write Access could help.

