LuciferAviSonicX

Untitled

Nov 9th, 2017
Engineering
-----------
To plan and design
------> A product, mechanical product, software, hardware product

1. Forward Engineering
We have raw material and we build or engineer a full-fledged product.
We know how to code, we know what the users want and we know what to make ---> Software
tyres + engine + suspension + frame + chassis = car

2. Reverse Engineering
We have a full-fledged product, and we reconstruct it. We have a car and we open it... hinge by hinge. I will construct it again, so that I can modify it and make it of much more use.

Finding bugs, flaws, and errors in the product.

3 softwares
-----------
1. BPK Keylogger Detector
2. SMAC
3. Power ISO

****Lena Reverse Me --> Legalised platform where we perform reverse engineering
https://tuts4you.com/download.php?list.17

Requirements:
1. Windows 7 / XP*
2. Ollydbg ---> Debugging tool --> http://www.ollydbg.de/download.htm
3. Softwares upon which we will perform reverse engineering

1. BPK Keylogger Detector
-------------------------
Download it from --> http://www.blazingtools.com/downloads.html#antispy

Right click ollydbg and click on extract all

Step 1 - Install Keylogger Detector
Step 2 - Open Keylogger Detector
Step 3 - Click on the "register" tab --> Registration Keys
Step 4 - Enter username and keys --> click on register
Step 5 - It will show you a dialogue box. Copy the error message
Step 6 - Open ollydbg ---> Right click ---> Run as administrator
Step 7 - File --> Open --> "C:\Program Files\Keylogger Detector\antispy.exe"
Step 8 - Click on the play button ---> to run the program
Step 9 - Click on "View" --> Executable Modules
Step 10 - Double click the .exe file from the list
Step 11 - Click on the play button again
Step 12 - Right click in the string column ----> Search for ---> All referenced text strings
Step 13 - Right click --> Search for text
Step 14 - In the dialogue box that appears, paste the error message which we copied. Uncheck "case sensitive" and tick "entire scope"
Step 15 - Double click the message that the search found
Step 16 - Navigate to the start of the block in which the error message is displayed
Step 17 - Put a breakpoint at the start of the block, by double clicking the reference row
Step 18 - Click on the close button, which is to the left of the play button
Step 19 - Repeat steps 7, 8, 9, 10, 11
Step 20 - Click on register, enter registration code and click on register
My OllyDbg will open automatically at the place where I have set the breakpoint.
Step 21 - Click on the enter key, which is at 2nd position from the play button
Step 22 - Keep clicking the key next to the enter key until you get the values.
Step 23 - Stop when you receive the keys. Close everything and open BPK Keylogger Detector. Enter the same username, but this time enter the obtained serial keys.
Abra Ka Dabra ------

---------------------------
Registration error
---------------------------
Registration code or user name is invalid. Please check all fields and try again!
---------------------------
OK
---------------------------

EAX 0018EB1C ASCII "TBRKDIEOABNGCKVA"
ECX 0018EB2B
EDX 00000041
EBX 00000001
ESP 0018EB08
EBP 0018EB78
ESI 76A22B7A kernel32.lstrcatA
EDI 00090250
EIP 00404A04 antispy.00404A04

2. SMAC
-------

Step 1 - Install SMAC
Step 2 - Open SMAC by right click ---> Run as Administrator
Step 3 - Enter Registration Keys
Step 4 - Click on register
Step 5 - It will show you a dialogue box. Copy the error message
Step 6 - Open ollydbg ---> Right click ---> Run as administrator
Step 7 - File --> Open --> "C:\Program Files (x86)\KLC\SMAC\SMAC.exe"
Step 8 - Click on the play button ---> to run the program
Step 9 - Click on "View" --> Executable Modules
Step 10 - Double click the .exe file from the list
Step 11 - Click on the play button again
Step 12 - Right click in the string column ----> Search for ---> All referenced text strings
Step 13 - Right click --> Search for text
Step 14 - In the dialogue box that appears, paste the error message which we copied. Uncheck "case sensitive" and tick "entire scope"

---------------------------
SMAC 2.0
---------------------------
Invalid Registration ID.
---------------------------
OK
---------------------------

Text strings referenced in SMAC:.text, item 5103
Address=0048BCF6
Disassembly=PUSH SMAC.00438AB8
Text string=UNICODE "-375M-3932-563F-4967"

Text strings referenced in SMAC:.text, item 5102
Address=0048BCF1
Disassembly=PUSH SMAC.0043222C
Text string=UNICODE "SMC2U"

SMC2U-375M-3932-563F-4967
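
Added example (not part of the original notes and not SMAC's code): the string search above succeeds because the valid registration ID ships inside the executable as plain UNICODE strings. The Python below contrasts that pattern with embedding only a salted PBKDF2 digest of the ID; the sample ID, the iteration count and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import os

# Constructed sample ID in the same five-group shape as the one in these notes.
SAMPLE_ID = "DEMO1-AAAA-BBBB-CCCC-DDDD"
ITERATIONS = 200_000  # assumed work factor; tune for the target hardware
SALT_LEN = 16


def normalise(reg_id: str) -> bytes:
    """Canonical form that is hashed both at build time and at run time."""
    return reg_id.strip().upper().encode("utf-8")


def make_record(reg_id: str) -> bytes:
    """Vendor-side build step: salt || PBKDF2 digest, the only data embedded."""
    salt = os.urandom(SALT_LEN)
    digest = hashlib.pbkdf2_hmac("sha256", normalise(reg_id), salt, ITERATIONS)
    return salt + digest


def check_weak(entered: str, embedded_id: str) -> bool:
    """Pattern exposed by the string search: the valid ID is in the image."""
    return entered == embedded_id


def check_hashed(entered: str, record: bytes) -> bool:
    """Run-time check that never holds the valid ID, only salt and digest."""
    salt, digest = record[:SALT_LEN], record[SALT_LEN:]
    candidate = hashlib.pbkdf2_hmac("sha256", normalise(entered), salt, ITERATIONS)
    return hmac.compare_digest(candidate, digest)


def id_visible_in(blob: bytes, reg_id: str) -> bool:
    """True if the ID occurs in blob as ASCII or UTF-16LE (shown as UNICODE)."""
    return reg_id.encode("ascii") in blob or reg_id.encode("utf-16-le") in blob


if __name__ == "__main__":
    record = make_record(SAMPLE_ID)
    weak_image = b"\x00PUSH" + SAMPLE_ID.encode("utf-16-le")  # constructed bytes
    print("weak image exposes ID:  ", id_visible_in(weak_image, SAMPLE_ID))
    print("hashed record exposes ID:", id_visible_in(record, SAMPLE_ID))
    print("valid ID accepted:      ", check_hashed(SAMPLE_ID, record))
```

Hashing removes the recoverable ID from the image; it does nothing about the branch that follows the comparison being patched, which is the case the "This product has been modified and will shutdown." dialogue at the end of these notes relates to.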

---------------------------
SMAC 2.0
---------------------------
Invalid Registration ID entered.
---------------------------
OK
---------------------------

004874EF . C785 58FFFFFF >MOV DWORD PTR SS:[EBP-A8],SMAC.00438A48 ; UNICODE "This product has been successfully registered."

JMP 004874EF

---------------------------
SMAC 2.0
---------------------------
This product has been modified and will shutdown.
---------------------------
OK
---------------------------