Exetools  

  #1  
Old 04-02-2004, 12:01
ferrari
 
Help-Inline Patching ASPACK 2.12(System Mechanic 4.0h)

Target: System Mechanic Personal Edition Version 4.0h (As on 30/03/2004)
Download Target: h**p://www.iolo.com/sm/4/download.cfm

Protection: ASPACK 2.12 and Serial. Here's what u do to beat this proggie.
Thanks SatyricOn for your lesson no. 2: Find one place where the "IsSystemMech4Registered" & "IsRegistrationKeyValid" is located and patch it. Gee.. I found it the kiddie way

Quote:
004D6423 0F84 80000000 JE SysMech4.004D64A9

Change to

004D6423 |. 0F84 7C000000 JE SysMech4.004D64A5
I tested it and found no bug.

I tried inline patching ASPACK'd System Mechanic but it will not allow me to copy the changes to the executable. Can u guys tell me why? With temporary injection of my own code and running in Olly, the software will run registered, killing all nags. But it will not allow me to make the changes permanent.

This is how I inject my code and it works. The app runs registered.
00C704FE 68 E4666900 PUSH SysMech4.006966E4 (Signature bytes)

006966E4 C605 25644D00 >MOV BYTE PTR DS:[4D6425],7C
006966EB 68 C4666900 PUSH 006966C4 ( Real OEP)
006966F0 C3 RETN

Now if I try to make the changes permanent it will tell me that the data is not found in the executable and will disable the "Copy" & "Copy All" buttons.
I'm using Olly v1.10 Step 2.
How can I do it in Olly if I don't want to use Hiew?
Someone plz explain.
Regards,

Last edited by ferrari; 04-02-2004 at 12:17.
  #2  
Old 04-02-2004, 13:59
MrAnonymous
 
Seems to me like you're trying to patch it after it's already started its unpacking procedure, meaning those addresses don't actually exist in the executable so OllyDBG is unable to write the changes, my best guess anyway.
  #3  
Old 04-02-2004, 15:55
SvensK
 
Just change the 00C704F4 75 08 JNZ SHORT SysMech4.00C704FE
to jump to your custom code, then jump back when it's executed.


Edit: Here's my solution.

00C704F4 E9 073E0100 JMP SysMech4.00C84300
00C704F9 90 NOP
00C704FA 90 NOP

00C84300 C605 25644D00 7C MOV BYTE PTR DS:[4D6425],7C
00C84307 ^E9 F2C1FEFF JMP SysMech4.00C704FE

Last edited by SvensK; 04-02-2004 at 16:39.
  #4  
Old 04-02-2004, 17:05
ferrari
 
Thank you both, MrAnonymous and SvensK, for ur help.

SvensK, I'll try ur solution and hopefully it will work.

Regards,
  #5  
Old 04-02-2004, 17:10
SvensK
 
It's even easier to serial fish this baby. Took a few minutes.

Name: SvensK [pH]
Serial#: 74758-S4565-4654558635

Now you don't have to patch the exe at all. Enjoy

Last edited by SvensK; 04-02-2004 at 17:14.
  #6  
Old 04-02-2004, 17:14
ferrari
 
Hi,
It seems u use the point-H method, but when I used the same method it didn't show me the real serial, it only shows me the fake serial I enter.. strange. So that's why I opted to patch it. Anywayz, I did learn how to inline patch ASPACK.
Thanks

Regards,