Well, without further ado, the tutorial begins.
We first check the packer: it is ASPack, a packer we should all be very familiar with.
I've removed the packer and checked the file again: it's Delphi.
Let's use the software first to learn more about
It is clear that the unregistered version cannot use features such as "Single Challenge" and "Network Challenge", so the goal is to make these features usable.
Okay, we'll load the software in OllyDbg.
Let the software run, click "Single Challenge" and select any level; an "unregistered" message pops up.
Pause the software and click "View" - "Call stack" to open the call stack window.
Select the last line, right-click and select "Show Call" to arrive at the code that shows the pop-up window.
Analysis: obviously 00569a7f is the key jump. Some friends will ask: wouldn't changing the "jnz" on that line to "je" do it? Yes, it would, but because many features are unavailable in the unregistered version, if you change it here, the other features (such as Network Challenge) have to be modified in the same way. Isn't that annoying? So we are going to find the key value that makes this jump go to "unregistered".
We set an F2 breakpoint at the beginning of this code, re-run the software, click "Single Challenge" and select any level; the program pauses immediately and OllyDbg reports that a breakpoint was hit. Stepping through the code, the instruction at 00569a7c appears to be the one that decides whether the program is registered. Single-step to 00569a7c; the small pane below the CPU window shows ds[005731e4]=00. Evidently, as long as DS[005731E4]=01, the program counts as registered. Right-click this line, select "Follow Address in Data Window", and change the data at 005731E4 to 01.
The next step is to generate the cracked file: right-click in the Data window, select "Copy to Executable", then right-click in the window that pops up and select "Save File".
We try the cracked file once it is ready: there are no restrictions.
Here the tutorial is over; everybody go and practice well. I also modified the interface of the software.
Attached is the address of the software: http://u.115.com/file/f3af9dca33 Happy Knowledge Quiz.zip
Of these, Kxqa.exe is the original program, shelled.exe is the file after unpacking, cracked.exe is the cracked file, and Happy Knowledge Quiz.exe is the file after I modified the software interface.
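The single byte at 005731E4 that every feature check reads is the design weakness this walkthrough depends on. The following added example (not from the original post or from the program discussed) contrasts that pattern with a gate that re-verifies a licence record on each call. All names, the FNV-1a tag and the demo key are assumptions for illustration; a real product would verify an asymmetric signature instead.

```c
#include <stdint.h>
#include <string.h>

/* Weak pattern (what the tutorial found): every feature gate reads one
   writable byte, like the one at 005731E4, so one changed byte unlocks all. */
static uint8_t g_registered = 0;
int weak_gate(void) { return g_registered != 0; }

/* Hardened pattern: no stored verdict; each gate re-checks the record.
   All names below are hypothetical. */
typedef struct {
    char     user[16];   /* NUL-terminated licensee name */
    uint32_t features;   /* bitmask of unlocked features */
    uint32_t tag;        /* authenticator over user + features */
} licence_t;
enum { FEAT_SINGLE = 1u << 0, FEAT_NETWORK = 1u << 1 };

/* Stand-in authenticator (keyed FNV-1a, constructed demo key). A real
   product would verify an asymmetric signature, holding no secret. */
static uint32_t licence_tag(const licence_t *l) {
    uint32_t h = 2166136261u ^ 0x5EC0DE42u;
    for (size_t i = 0; i < sizeof l->user && l->user[i]; i++) {
        h ^= (uint8_t)l->user[i];
        h *= 16777619u;
    }
    for (int s = 0; s < 32; s += 8) {
        h ^= (l->features >> s) & 0xFFu;
        h *= 16777619u;
    }
    return h;
}

/* Vendor-side issuing, included only so the demo is self-contained. */
licence_t issue_licence(const char *user, uint32_t features) {
    licence_t l = {{0}, features, 0};
    strncpy(l.user, user, sizeof l.user - 1);
    l.tag = licence_tag(&l);
    return l;
}

/* Gate: allowed only if the record authenticates AND grants the feature. */
int hardened_gate(const licence_t *l, uint32_t feature) {
    if (l == NULL || l->tag != licence_tag(l)) return 0;
    return (l->features & feature) != 0;
}

int main(void) {
    licence_t lic = issue_licence("alice", FEAT_SINGLE);
    lic.features |= FEAT_NETWORK;              /* tampered record */
    return hardened_gate(&lic, FEAT_NETWORK);  /* 0: tamper rejected */
}
```

Re-verifying at each gate does not make patching impossible, but it removes the single stored verdict, so each gate has to be dealt with separately.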
Using ollydbg hack software