OllyDBG - VERY simple bypass

Lets get down to business on ASM, reverse engineering, product activation, and what it's really all about. [ THERE ARE NO WAREZ HERE ]

OllyDBG - VERY simple bypass

Postby undream » Thu Jul 02, 2009 7:57 am

hi all.

I'm trying to bypass a personal gam client registration screen. The logis is like that:

The client is personal. So it just lets the creator's accounts to log in.

There is a hardcoded "usarname" list in the exe file. The clients checks the username you write (to login) if it is in the username list.

If the name is in the list, it runs perfectly. If not, it just crashes.



How can I bypass a situation like that ? I know the username that works for the client. Tried to change it with hex editing, but was unabl because I was changing the "length" of the name and so that the file size was changing.

I tried to locate the adress that "crashes" the client (after the unsucessfull name check) and I tried to bypass the crash, but I guess it checks the name in many points so when I bypass one crash, other crashes occur.

What can I do in a condition like this ? Waiting for some professional supprt ^^


Thanks for reading.
undream
n00b
 
Posts: 2
Joined: Thu Jul 02, 2009 7:50 am

Re: OllyDBG - VERY simple bypass

Postby IceDane » Thu Jul 02, 2009 12:43 pm

hi all.

I'm trying to bypass a personal gam client registration screen. The logis is like that:

The client is personal. So it just lets the creator's accounts to log in.

There is a hardcoded "usarname" list in the exe file. The clients checks the username you write (to login) if it is in the username list.

If the name is in the list, it runs perfectly. If not, it just crashes.



How can I bypass a situation like that ? I know the username that works for the client. Tried to change it with hex editing, but was unabl because I was changing the "length" of the name and so that the file size was changing.

I tried to locate the adress that "crashes" the client (after the unsucessfull name check) and I tried to bypass the crash, but I guess it checks the name in many points so when I bypass one crash, other crashes occur.

What can I do in a condition like this ? Waiting for some professional supprt ^^


Thanks for reading.
You can easily change the name, just pad the rest with 0 bytes. E.g., if you have a name that's 3 characters shorter than the username in the file, you can simply write your name, then three 0 bytes.
User avatar
IceDane
Because I Can
 
Posts: 2652
Joined: Wed May 12, 2004 9:25 am

Re: OllyDBG - VERY simple bypass

Postby ev66 » Sun Oct 04, 2009 4:49 am

Good advice. Thanks
User avatar
ev66
n00b
 
Posts: 2
Joined: Sat Oct 03, 2009 3:03 am


Return to ā€œ%sā€ Apps & RE

Who is online

Users browsing this forum: No registered users and 0 guests

cron