Hi Zeocrack,

I've analyzed your code. The culprit looks like it comes from the ripped code: it is the assembly instruction `mov ebp, temp`, which is overwriting the value of register ebp (which is used when you call any WinAPI + passing some local variable). E.g. in your case, after you damaged the correct ebp value, you are calling this afterwards:

```
invoke SetDlgItemText,hWnd,ID_OUTPUT,addr buffer
```

and it translates to the following asm code:

```
CPU Disasm
Address   Hex dump          Command                      Comments
004012DE  |.  68 1E314000   PUSH OFFSET 0040311E         ; /Text = "Z-K25494-2549"
004012E3  |.  6A 65         PUSH 65                      ; |ControlID = 101.
004012E5  |.  FF75 08       PUSH DWORD PTR SS:[EBP+8]    ; |hDialog
004012E8  |.  E8 AB000000   CALL
```

and the crash is on the line which is trying to use the (damaged) value of the EBP register... Usually an app should not use EBP as a data register, so either do not use it (use another one), or if you need to use it, do the push ebp ... change ebp + math ... pop ebp