SlideShare a Scribd company logo

13.the use of api's in software, avoiding doublechecking tricks hangul

โ€ข
โ€ข
R
re4lfl0w

13.the use of api's in software, avoiding doublechecking tricks hangul

Software
1 of 18
Download to read offline
13.The use of API's in software, avoiding doublechecking tricks 2012 ๋…„ 2 ์›” 4 ์ผ ํ† ์š”์ผ ์˜ค์ ‚ 9:30 Hello everybody. ๋ชจ๋‘๋“ค ์•ˆ๋…•. Welcome to this Part 13 in my series about reversing for newbies/beginners. ๋‚˜์˜ ์ดˆ๋ณด์ž reversing series Part 13 ์— ์˜จ ๊ฒƒ์„ ํ™–์˜ํ•ด. This "saga" is intended for complete starters in reversing, also for those without any programming experience at all. ์ด "saga"๋Š” ์™„๋ฒฝํžˆ reversing ์ดˆ๋ณด์ž๋ฅผ ๋งž์ถฐ์„œ ๋งŒ๋“ค์–ด์กŒ๋‹ค. ๋˜ํ•œ ์–ด๋– ํ•œ programming ๊ฒฝํ—˜์ด ์—†์–ด๋„ ๋œ๋‹ค. Lena151 (2006) Set your screen resolution to 1152*864 and press F11 to see the movie full screen !!! Again, I have made this movie interactive. You screen ํ•ด์ƒ๋„๋ฅผ 1152*864 ๋กœ ์„ค์ •ํ•ด ๊ทธ๋ฆฌ๊ณ  full screen ์œผ๋กœ movie ๋ฅผ ๋ณด๊ธฐ ์œ„ํ•ด F11 ๋ฅผ ๋ˆŒ๋Ÿฌ So, if you are a fast reader and you want to continue to the next screen, just click here on this invisible hotspot. You don't see it, but it IS there on text screens. ๊ทธ๋ž˜์„œ, ๋„ค๊ฐ€ ์ด๊ฒƒ์„ ๋นจ๋ฆฌ ์ฝ๊ณ  ๋‹ค์Œ screen ์„ ๋ณด๊ณ  ์‹ถ๋‹ค๋ฉด, ๋ณด์ด๋Š” hotspot ์—ฌ๊ธฐ๋ฅผ ๋ˆŒ๋Ÿฌ. ๋ณด๊ณ  ์‹ถ์ง€ ์•Š์„ ๋•Œ๋Š” ์—ฌ๊ธฐ์— ๋‘์ง€๋งˆ. Then the movie will skip the text and continue with the next screen. Movie ๋Š” text ์™€ ๋‹ค์Œ screen ์„ skip ํ•  ์ˆ˜ ์žˆ๋‹ค. If something is not clear or goes too fast, you can always use the control buttons and the slider below on this screen. ๋ฌด์–ธ๊ฐ€ ๋ช…ํ™•ํ•˜์ง€ ์•Š๊ฑฐ๋‚˜ ๋นจ๋ฆฌ ๋„˜๊ธฐ๊ณ ์ž ํ•  ๋•Œ, ํ•ญ์ƒ control button ๊ณผ ์ด screen ๋ฐ‘์— ์žˆ๋Š” slider ๋ฐ”๋ฅผ ์‚ฌ์šฉํ•ด. He, try it out and click on the hotspot to skip this text and to go to the next screen now!!! ๋„์ ‚ํ•ด๋ด. ๊ทธ๋ฆฌ๊ณ  ์ด text ์™€ ๋‹ค์Œ screen ์„ ๋ณด๊ธฐ ์œ„ํ•ด hotspot ์„ click ํ•ด. 1. Abstract In Part12, we found a case where simply patching the reg scheme sufficed to also effectively register the program.
์ด๋ฒˆ Part12 ์—์„œ, ์šฐ๋ฆฌ๋Š” program ์„ ํšจ๊ณผ์ ์œผ๋กœ ๋“ฑ๋กํ•˜๊ธฐ ์œ„ํ•˜์—ฌ ๊ฐ„๋‹จํžˆ reg scheme ์„ patching ํ•˜๋Š” ์‚ฌ๊ฑด์„ ์ฐพ์•˜๋‹ค. However in this Part 13, we will reverse a "real" application to learn something about defenses to trick the reverser, in the case doublechecks. ์ด๋ฒˆ Part13 ์—์„œ, ์šฐ๋ฆฌ๋Š” doublecheck case ์—์„œ reverser ๋ฅผ ์†์ด๋Š” ๊ฒƒ์„ ๋ฐฉ์–ดํ•˜๊ณ  ๋ฐฐ์šฐ๊ธฐ ์œ„ํ•ด "real" application ์„ reverse ํ•  ๊ฒƒ์ด๋‹ค. For better comprehension and if you are a newbie, I advise you to first see the previous parts in s this series before seeing this movie. ์ข€ ๋” ์ดํ•ด๋ ฅ์„ ๋†’์ด๊ณ  ๋„ค๊ฐ€ ์ดˆ๋ณด์ž๋ผ๋ฉด, ๋‚˜๋Š” ์ด movie ๋ฅผ ๋ณด๊ธฐ ์ ‚์— ์ด series ์˜ ์ด์ ‚ parts ๋ฅผ ๋จผ์ € ๋ณด๋ผ๊ณ  ์กฐ์–ธ์„ ํ•œ๋‹ค. The goal of this tutorial is to teach you something about a program's behaviour. ์ด tutorial ์˜ ๋ชฉํ‘œ๋Š” ๋„ˆ์—๊ฒŒ program's behaviour ์— ๋Œ€ํ•˜์—ฌ ๊ฐ€๋ฅด์น˜๊ธฐ ์œ„ํ•œ ๊ฒƒ์ด๋‹ค. In my search not to harm somebody, I found an old version of Xoftspy(version 4.13.88) which is no longer available for download. ๋‚˜์˜ ์—ฐ๊ตฌ๋Š” ๋ˆ„๊ตฌ์—๊ฒŒ๋„ ํ•ด๊ฐ€ ๋˜์ง€ ์•Š๋Š”๋‹ค, ๋‚˜๋Š” Xoftspy(version 4.13.88)์˜ old version ์„ ์ฐพ์•˜๋‹ค. ๊ทธ๊ฒƒ์€ ๋” ์ด์ƒ download ๊ฐ€ ๊ฐ€๋Šฅํ•˜์ง€ ์•Š๋‹ค. Taking a look in the specialized media, I also found this application to be "cracked" already. ํŠนํ™”๋œ media ๋ฅผ ๋ด, ๋‚˜๋Š” ์ด๋ฏธ "cracked"๋œ application ์„ ์ฐพ์•˜๋‹ค. Here, this applications is only chosen because it is ideal for this tutorial in reversing and it is targeted for educational purposes only. ์—ฌ๊ธฐ, ์ด applications ์€ ์˜ค์ง ์„ ํƒ๋๋‹ค. ์™œ๋ƒํ•˜๋ฉด ์ด๊ฒƒ์€ reversing tutorial ์— ์ด์ƒ์ ์ด๋‹ค. ๊ทธ๋ฆฌ๊ณ  ์ด target ๋œ ๊ฒƒ์€ ์˜ค์ง ๊ต์œก์ ์ธ ๋ชฉ์ ์ด๋‹ค. I hope you will exploit your newly acquired knowledge in a positive way. ๋„ค๊ฐ€ ์–ป์€ ์ƒˆ๋กœ์šด ์ง€์‹์„ ๊ธ์ •์ ์ธ ๋ฐฉํ–ฅ์œผ๋กœ ์ด์šฉํ•˜๊ธธ ๋ฐ”๋ž€๋‹ค. In this matter, I also want to refer to Part 1. ๋ฌธ์ œ๊ฐ€ ์žˆ์œผ๋ฉด, Part 1 ๋ฅผ ์ฐธ์กฐํ•˜๊ธฐ ๋ฐ”๋ž€๋‹ค. 2. Tools and Target ์ด๊ฒƒ๋„ ๋˜‘๊ฐ™์Œ The tools for today are : Ollydebug andโ€ฆ your brain. ์˜ค๋Š˜์˜ tools ์€ : Ollydebug ์™€ ๋„ˆ์˜ ๋‘๋‡Œ๋‹ค. The first can be obtained for free at ์ฒซ๋ฒˆ์งธ๋กœ ๋ฌด๋ฃŒ๋กœ ์–ป์„ ์ˆ˜ ์žˆ๋‹ค. http://www.ollydbg.de Todays target is Xoftspy 4.13.88 Because it can no longer be downloaded, ์˜ค๋Š˜ target ์€ Xoftspy 4.13.88 ์ด๋‹ค. ์™œ๋ƒํ•˜๋ฉด ์ด๊ฒƒ์€ ๋” ์ด์ƒ download ๊ฐ€ ์•ˆ๋œ๋‹ค.
I have included it in this package for research. ์—ฐ๊ตฌ๋ฅผ ์œ„ํ•ด ์ด package ์— ์ด๊ฒƒ์„ ์ฒจ๋ถ€ํ–ˆ๋‹ค. 3. Behaviour of the program Because you know meanwhile about the importance of decent study of your target and because you've seen how to do it in the previous Parts in this series, ์™œ๋ƒํ•˜๋ฉด ๋„ˆ๋„ ๊ทธ ๋™์•ˆ ๋„ˆ์˜ target ์ ์ ƒํ•œ ๊ณต๋ถ€๋Š” ์ค‘์š”ํ•˜๋‹ค๋Š” ๊ฒƒ์„ ์•ˆ๋‹ค. ์™œ๋ƒํ•˜๋ฉด ๋„ˆ๋Š” ์ด series ์˜ ์ด์ ‚ part ์—์„œ ์–ด๋–ป๊ฒŒ ํ•˜๋Š”์ง€ ๋ดค๋‹ค. I will only show you the things we will need to take care of whilst searching for the patches. Patche ๋ฅผ ์ฐพ๋Š” ๋™์•ˆ ๊ทธ๊ฒƒ์„ ๋Œ๋ณด๋Š” ๊ฒŒ ํ•„์š”ํ•  ๋•Œ ๋ณด์—ฌ์ค„ ๊ฒƒ์ด๋‹ค. Please do some preliminary study of the target on your own. Target ์˜ ์˜ˆ๋น„ ๊ณต๋ถ€๋ฅผ ํ•˜์ž. INFO : I already told you about packers/protectors, throwing exceptions at Olly though Olly isn't good with those. ์ด๋ฏธ ๋„ˆ์—๊ฒŒ Olly ์—์„œ Packers/protectors ์— ๋Œ€ํ•˜์—ฌ, ์˜ˆ์™ธ๋ฅผ ๋˜์ง€๋Š” ๊ฒƒ์„ ๋งํ–ˆ๋‹ค. Olly ๋Š” ์ข‹์€ ๊ฒƒ๊ณผ ํ•จ๊ป˜ ์žˆ์ง€ ์•Š๋‹ค. Olly has a means of passing the exceptions to the program though which can deal with them using the Structured Exception Handler(SEH). Not only packers/protectors can do this of course. And here with Xoftspy, we have such a program. Remember that we usually add a range of exceptions 00000000-FFFFFFFF for Olly to pass to the program so that we have no problems with this. So, let me show you how to pass one distinct exception. But first โ€ฆ The program was opened in PEiD And shows us this And this So, give it a go(or F9 of course) Now, pay attention : the program runs and then โ€ฆ Hop, there it happens already See this exception here ??? Well, if you leave this too long unattended, Olly crashes each time Set that Olly has paused the program but will crash anyway after short time
(Well at least, that's what happened on my system) So, hurry and hit the Shift+F9 keys โ€ฆ to pass the exception to the program All right, the soft is running Because I pressed the Shift-F9 keys meanwhile ! Now to avoid this for the future Just add the exception to the list like this โ€ฆ :) :) Olly automatically find the last occurred exception :) And adds it to the list of exceptions to ignore for the future (== exceptions that will be passed to the program) INFO : This is not necessary if you have added a range of exceptions that includes this one of course. See also the previous Parts in this series about it. (Adding a range). :) If you want to return to the code of the program, you can do it like this Doubleclick the main exe We are not yet in the main exe, so โ€ฆ once more INFO : We land here in the code from the main program. We are not at the EP of course but at the first line of code from the main program.(First line after PE Header) Now, let's study the program ;) Mmmmmm ;) Don't ok yet All right. We know enough to find what we need to patch. But return to Olly 4. Finding the patches
INFO : Windows programs use API's to interact with the kernel. Hence, also finding input from users in a registration window for example is done with API's A technique to find info on and to land in the registration scheme, is to use the API's to our advantage. The API's that are important for this are : INFO : DialogBoxes: DialogBoxParamA GetDlgItem GetDlgItemInt GetDlgItemTextA GetWindowTextA GetWindowWord INFO : MessageBoxes: MessageBeep MessageBoxA MessageBoxEXA SendMessageA SendDlgItemMessageA INFO : Registry Access: RegCreateKeyA RegDeleteKeyA RegQueryValueA RegQueryValueExA RegCloseKeyA RegOpenKeyA INFO : Reading/Writing files:
ReadFile WriteFile CreateFileA INFO : Reading data from INI file: GetPrivateProfileStringA GetPrivateProfileIntA WritePrivateProfileStringA INFO : Reading data(other) LoadStringA lstcmpA MultiByteToWideChar WideCharToMultiByte wsprintfA INFO : Time And Date: GetFileTime GetLocalTime GetSystemTime GetSystemTimeAsFileTime SetTimer SystemTimeToFileTime INFO : Createing a NAG-window: CreateWindowExA ShowWindow UpdateWindow INFO : Find messageboxtext
SendDlgItemMessageA SendMessageA SetDlgItemTextA SetWindowTextA For a registration scheme, I usually place a breakpoint in one(or all) of the next API calls : GetdlgItemTextA GetWindowTextA lstrcmpA GetPrivateProfileStringA GetPrivateProfileIntA RegQueryValueExA WritePrivateProfileStringA WritePrivateProfileIntA INFO : This list is far from, complete! There are a lot more, but I'm only giving you a guide here. INFO : Do you really have no idea what API to break on or have you tried "every" API but you don't succeed? Solution: ---> rightclick ---> search for ---> all intermodular calls ---> rightclick ---> set breakpoint on every command ---> click "ok" button from registration or whatever you need to do ---> you will definitely break somewhere !!! REMARK : If you break too soon, even before you can click the "ok" button, then this(these) breakpoint(s) is(are) useless and may be removed till the program lets you click the required button ;) So, for a registration scheme, I usually start breakpointing in one (or all) of these API calls GetdlgItemTextA GetWindowTextA lstrcmpA GetPrivateProfileStringA GetPrivateProfileIntA RegQueryValueExA
WritePrivateProfileStringA WritePrivateProfileIntA For your convenience, I included a file with all before noted down for future reference. Question is how now how to find where and which of these API's is used. Well, it's often trial and error but decent study of your target can significantly improve your skills in this. You can set BP's on API's in different ways. One way is to use the command bar. Just press BP -space- followed by the API's name and press enter. Example : BP GetWindowTextA BTW, Olly comes with the commandline plugin which is basically the same. Or find the commandbar plugin at http://www.tuts4you.com Or you can also set BP's on API's like this โ€ฆ. Just follow along. Push Ctrl+N to bring up the Names And find GetWindowTextA INFO : One of the other ways is to type the API's name in the Goto box and breakpoint where you land in the dll See previous tuts :) Let's start with this one. :) 3 BPs set And let's continue registration Mmmm, we break here โ€ฆ already before displaying the window So this is probably a useless API Or better said, a useless BP :)
Because we didn't click the OK button yet So let's remove it Doubleclick opcode or F2 And continue And register Right Indeed, let's take a look in Win32.hlp what exactly this API does and why I suspected this API to participate in the registration process The API name explains a lot already, and I think the rest is clear by now too. So, let's see what the API exactly does in our case โ€ฆ GetWindowTextA reads 13h(19d) bytes in the text box And puts them in a buffer at 00EE4C30 INFO : Reading the code like this reveals that the name is only read for 19d chars, more input is useless ! INFO : There are three textboxes for our data on the registration window. Hence, we need to click another 2 times to retrieve all the data. I did that but removed it from this movie to reduce its size till we land โ€ฆ. โ€ฆ here Now, I always take a fast overview By stepping over the code(F8) till I see something interesting Now I skipped some of the film to reduce its size(not much though) Just by stepping F8(some returns too !) Until we land here So step F8 till here Mmmm Length of the name Aha
:) Mmmmm, "Is something entered" in both boxes First the length of our name And continue stepping F8 Then the length of the key INFO : All this is not so important of course. But it really helps to be able to read the code this way. It also helps in "When do I need to expect the good things to arrive ? :) Now, pay attention to conditional jumps We need to find where we jump to the BadBoy RESUME : But let me resume so far first. Using the API GetWindowTextA, I managed to land in the registration scheme. First, the program verifies if we effectively made all necessary data input. After this, we can expect the verification of the input(serial). So, continue stepping F8 โ€ฆ Scroll down to see what this is Huh??? BadBoy โ€ฆ And GoodBoy Scroll a little up again to see all the conditional jumps And study the code better here. See this, twice the same routine with the same calls and jumps!!! So this is definitely doublechecking registering Both jumps go past the BadBoy But eventually, let's make the first JNZ jump always to avoid doublechecking
So it's clear that the important stuff Is in this call !!! Or perhaps here ??? Let's first try the last call(most probable the good one) That means that we can skip all the โ€ฆ Previous lines by placing a BP here so we can run till here next time Important : note that we DON't want AL to be zero when retuning from this call Remember that. Because, if AL == 0 --> Badboy ! And here too, just in case โ€ฆ. Now step over till call (F8) And step in call(F7) now Once more : when returning here, AL must be different from zero! And so we land here Now always take an overview first and scroll down Mmmmm, quite a big routine โ€ฆ. Indeed, here is a return Aha, and here too Yep, I hope you understand this leads to the BadBoy Scroll up again Aha, and this leads to the GoodBoy INFO : In a clear scheme like this one, we can immediately choose the right path to follow and choose to end (with the right cond jumps) up in the Goodboy scheme, already from the start. So, this means not to jump this place ;) Scroll up again Mmmm, the jumps that will decide it all And all to the same place :) โ€ฆ the place we don't want to jump too
Let's step over and see what goes on Look at jump taken or not each time you land on a jump As we do not want to jump past the GoodBoy Ok Ok Loop, no problem INFO : It is in loops like this that a program reads the buffer with data and copies it in a register(here EDX and ESI respectively) so it can "work" with the data. If you look closer, you will notice that the program reads the double serial. :) :) Not far, so no problem Place a BP after the loops and press F9 to avoid turning in circles like a squirrel LOL Run till BP Remove BP(F2) And step over(F8) Mmmm, here are the jumps that need our attention Scroll down BadBoy Let's make sure we go to the GoodBoy to see what goodies that brings us Look here And see where the jump would take us by scrolling down Mmmm, past the good return โ€ฆ.. Remember this is not where we want to arrive Remember that we want to return here After AL has been set to 1 !
All right. Scroll back up Yep, change the flag so we do NOT jump I trust you know this well by now? Doubleclick to change the flag and See change Ok. Step over jump See here And again Step over jump :( :) Step over jump Remember though that we will have to give these conditional jumps a treatment afterwards INFO : I will already tell you we won't need to change them after all ;) Just continue to see what surprises the program has for us :( Jumps also to the badboy, Hence โ€ฆ. But scroll down first :) :) Scroll down and continue stepping So, this way, I forced the program to think I entered the right serial :)
We will return AL == 1 Scroll up to remember where we are AL = 1 And that's what we want !!! Now jump (F8) This is where we wanted to land, past the Badboy And execute the GoodBoy F8 And BAM ! The program pops up, telling us that we successfully registered! So, did you understands? We have to NOP all the JNZ We changed the flag for However, the program ahs still a surprise for us โ€ฆ ;) Olly pauses the soft when coming back So, press F9 Mmmm, I forgot to remove the BPs And so, Olly breaks in them when pressing F9 Remove the BP now F2 And run INFO : To avoid all confusion : I have not restarted the program, only pressed F9 after running the registration scheme successfully ! Huh ????? Let's think โ€ฆ. So the program either doublechecks or runs another routine to verify
If it was effectively the right serial that was entered Let's see this in the code and โ€ฆ Go back to Olly :) I planned to look for some strings but โ€ฆ look what is here !!!! This is exactly what I was going to search for !!! That is the string we need !!! Let's see, doubleclick to go there And we land here RESUME : I successfully registered and then โ€ฆ. The program says it is not registered !!! Searching for these last strings however, we land here in another routine that also seems to deal with registering. Will this be another doublechecking ??? Let's see better here and scroll up And study the code here Mmmmm I suppose you begin to get the hang of it ??? Meaning that AL will decide about goodboy or BadBoy here And it's all decided in (one of) this (these) last call(s) Doubleclick opcode To set a breakpoint Scroll up to also set a BP in the beginning of this routine. And let's restart to see what happens โ€ฆ And run ;)
BAM ! We break in the breakpoint we just set !! Now, think with me. When clicking the About box button โ€ฆ we land here in the verification of the registration. This is not abnormal of course : in the about box is displayed if we are registered or not. However, when registering by the registration routine, then here is a doublechecking done. That also means that this routine is the main "registered or not". Hence, if we patch here, then there is a relatively big chance registration will be permanent. Let's try itโ€ฆ First, let's study the code here. Scroll down. Mmmm, ok. There are no jumps till here, so press run (F9) to land on the BP And we land here on the call I suspect it's all happening in Step in the call (F7) But first remark that we need to return AL >< 0 to be registered !!!! We land in the call And let's see what's all happening here INFO : It's never a bad idea when going through registration schemes to set a BP and restart and run. If you do that here, you will see that this routine is ran at startup(breaking in BP here), meaning that indeed here is decided about registered or not at startup. Scroll down Run till here Remove BP And step F8 from here Ok Mmmm, ok, no harm done BTW, note the data we want the program to register us with No harm done
INFO : I have deliberately removed some of the last steps to eb able to reconstruct with you what has happened. But it is rather simple in fact : we must return AL > 0 And we see that this depends on BL We are not registered at this time, so, we will jump here passed the good news : MOV BL, 1 And because AL is zero โ€ฆ we have not jumped here Thus setting BL to zero ---> unregistered And we will jump the setting of BL to 1 ( ---> registered) And so, we jump the good news landing here now Do you understand that this is the place to patch ???? Now, do you understand that IN ADDITION and for extra surety, I could also have patched โ€ฆ.. This JNZ to JMP ????? But of course, this needs always to be patched !!! For complete certainty Now, let's make changes permanent 5. Patching, Saving and testing ;) Save under a different name ;) :) All fine ! 6. Conclusion In this part 13, the primary goal was to make you learn to "think reverser" and not give right up if a program acts otherwise then expected. Give it another try, and finally, you will succeed.
So, in this Part13, we studied what to do if not simply patching the reg scheme effectively registers the program. I hope you understood everything fine and I also hope someone somewhere learned something from this. See me back in part 14 ;) The other parts in this series are available at http://tinyurl.com/27dzdn (tuts4you) http://tinyurl.com/r89zq (SnD FileZ) http://tinyurl.com/l6srv (fixdown) Regards to all and especially to you for taking the time to look at this tutorial. Lena151 (2006, updated 2007)

Recommended

Php myths
Php mythsPhp myths
Php mythsKapil Sharma
ย 
Construir Aplicaรงรตes Silverlight para Windows Phone 7
Construir Aplicaรงรตes Silverlight para Windows Phone 7Construir Aplicaรงรตes Silverlight para Windows Phone 7
Construir Aplicaรงรตes Silverlight para Windows Phone 7Comunidade NetPonto
ย 
Handling error & exception in php
Handling error & exception in phpHandling error & exception in php
Handling error & exception in phpPravasini Sahoo
ย 
How, When, and Why to Patch a Module
How, When, and Why to Patch a Module How, When, and Why to Patch a Module
How, When, and Why to Patch a Module Phase2
ย 
B_C_Shelton Resume_updated-2015
B_C_Shelton Resume_updated-2015B_C_Shelton Resume_updated-2015
B_C_Shelton Resume_updated-2015BrandiC Shelton
ย 
2. theory of international trade
2. theory of international trade2. theory of international trade
2. theory of international tradePratap Tirkey
ย 
Mood for Food -- Burger Snapshot Spring 2015
Mood for Food -- Burger Snapshot Spring 2015Mood for Food -- Burger Snapshot Spring 2015
Mood for Food -- Burger Snapshot Spring 2015Mood for Food Brand Group (Gina Galvan and Associates)
ย 
Shot types
Shot typesShot types
Shot types10woodre
ย 

Recommended

Php myths
Php mythsPhp myths
Php mythsKapil Sharma
ย 
Construir Aplicaรงรตes Silverlight para Windows Phone 7
Construir Aplicaรงรตes Silverlight para Windows Phone 7Construir Aplicaรงรตes Silverlight para Windows Phone 7
Construir Aplicaรงรตes Silverlight para Windows Phone 7Comunidade NetPonto
ย 
Handling error & exception in php
Handling error & exception in phpHandling error & exception in php
Handling error & exception in phpPravasini Sahoo
ย 
How, When, and Why to Patch a Module
How, When, and Why to Patch a Module How, When, and Why to Patch a Module
How, When, and Why to Patch a Module Phase2
ย 
B_C_Shelton Resume_updated-2015
B_C_Shelton Resume_updated-2015B_C_Shelton Resume_updated-2015
B_C_Shelton Resume_updated-2015BrandiC Shelton
ย 
2. theory of international trade
2. theory of international trade2. theory of international trade
2. theory of international tradePratap Tirkey
ย 
Mood for Food -- Burger Snapshot Spring 2015
Mood for Food -- Burger Snapshot Spring 2015Mood for Food -- Burger Snapshot Spring 2015
Mood for Food -- Burger Snapshot Spring 2015Mood for Food Brand Group (Gina Galvan and Associates)
ย 
Shot types
Shot typesShot types
Shot types10woodre
ย 
ะ˜ัั‚ะพั€ะธั 5 ะบะปะฐัั ะœะฐะนะบะพะฒ
ะ˜ัั‚ะพั€ะธั 5 ะบะปะฐัั ะœะฐะนะบะพะฒะ˜ัั‚ะพั€ะธั 5 ะบะปะฐัั ะœะฐะนะบะพะฒ
ะ˜ัั‚ะพั€ะธั 5 ะบะปะฐัั ะœะฐะนะบะพะฒAzat Hollywood
ย 
Trust Models PM Leadership Cars T Wright revc 2015
Trust Models PM Leadership Cars T Wright revc 2015Trust Models PM Leadership Cars T Wright revc 2015
Trust Models PM Leadership Cars T Wright revc 2015Thomas G. Wright PMP, LSSBB
ย 
LTHP 2015 Fall Newsletter
LTHP 2015 Fall NewsletterLTHP 2015 Fall Newsletter
LTHP 2015 Fall Newsletterlthporg_ss
ย 
LinkedIn for New Grads
LinkedIn for New GradsLinkedIn for New Grads
LinkedIn for New Gradsaboelckesm
ย 
09.explaining the visual basic concept, introduction to smart check and confi...
09.explaining the visual basic concept, introduction to smart check and confi...09.explaining the visual basic concept, introduction to smart check and confi...
09.explaining the visual basic concept, introduction to smart check and confi...re4lfl0w
ย 
CV Kevin O Regan September 2015 Word docx
CV Kevin O Regan September 2015 Word docxCV Kevin O Regan September 2015 Word docx
CV Kevin O Regan September 2015 Word docxKevin O' Regan
ย 
Mapping Hilton
Mapping HiltonMapping Hilton
Mapping HiltonShiloh Barnat Goodman
ย 
Describe what makes Utilize Consulting and Management Service -Det CEO MAG
Describe what makes Utilize Consulting and Management Service -Det CEO MAGDescribe what makes Utilize Consulting and Management Service -Det CEO MAG
Describe what makes Utilize Consulting and Management Service -Det CEO MAGBrandiC Shelton
ย 
Portfolio Analysis with BondEdge Solutions - Final
Portfolio Analysis with BondEdge Solutions - FinalPortfolio Analysis with BondEdge Solutions - Final
Portfolio Analysis with BondEdge Solutions - FinalMichael R. Finley
ย 
RTI Symp. Cancer causes control 2015
RTI Symp. Cancer causes control 2015RTI Symp. Cancer causes control 2015
RTI Symp. Cancer causes control 2015Ravi Mehrotra MD,PhD, FRCPath, FAMS
ย 
B2 book 23 - karine lacerda - A world without inequality
B2 book 23 - karine lacerda - A world without inequalityB2 book 23 - karine lacerda - A world without inequality
B2 book 23 - karine lacerda - A world without inequalityGerson Moura
ย 
Fh.shahin CV
Fh.shahin CVFh.shahin CV
Fh.shahin CVfiras shahin
ย 
Aix en Provence
Aix en Provence Aix en Provence
Aix en Provence Jean-Philippe Alfonsi
ย 
Project - Civics Hybrid Rubric : Essay, 3D and Presentation
Project - Civics Hybrid Rubric : Essay, 3D and PresentationProject - Civics Hybrid Rubric : Essay, 3D and Presentation
Project - Civics Hybrid Rubric : Essay, 3D and PresentationMariske Myeke Tampi
ย 
Studium-Generale-27Juni-FTW
Studium-Generale-27Juni-FTWStudium-Generale-27Juni-FTW
Studium-Generale-27Juni-FTWSteven Debipersad
ย 
The New Leaders Council Institute Trains Young Professionals
The New Leaders Council Institute Trains Young ProfessionalsThe New Leaders Council Institute Trains Young Professionals
The New Leaders Council Institute Trains Young ProfessionalsGillian Smith City Year
ย 
SoMachine 4.1 quickstart
SoMachine 4.1 quickstartSoMachine 4.1 quickstart
SoMachine 4.1 quickstartJulien Dubois
ย 
Hacking Tutorial for Apps
Hacking Tutorial for AppsHacking Tutorial for Apps
Hacking Tutorial for AppsGrant Eaton
ย 
War of the Machines: PVS-Studio vs. TensorFlow
War of the Machines: PVS-Studio vs. TensorFlowWar of the Machines: PVS-Studio vs. TensorFlow
War of the Machines: PVS-Studio vs. TensorFlowPVS-Studio
ย 
Pimp my Plone
Pimp my PlonePimp my Plone
Pimp my PlonePhilip Bauer
ย 
You shouldneverdo
You shouldneverdoYou shouldneverdo
You shouldneverdodaniil3
ย 
Application development with Python - Desktop application
Application development with Python - Desktop applicationApplication development with Python - Desktop application
Application development with Python - Desktop applicationBao Long Nguyen Dang
ย 

More Related Content

Viewers also liked

ะ˜ัั‚ะพั€ะธั 5 ะบะปะฐัั ะœะฐะนะบะพะฒ
ะ˜ัั‚ะพั€ะธั 5 ะบะปะฐัั ะœะฐะนะบะพะฒะ˜ัั‚ะพั€ะธั 5 ะบะปะฐัั ะœะฐะนะบะพะฒ
ะ˜ัั‚ะพั€ะธั 5 ะบะปะฐัั ะœะฐะนะบะพะฒAzat Hollywood
ย 
Trust Models PM Leadership Cars T Wright revc 2015
Trust Models PM Leadership Cars T Wright revc 2015Trust Models PM Leadership Cars T Wright revc 2015
Trust Models PM Leadership Cars T Wright revc 2015Thomas G. Wright PMP, LSSBB
ย 
LTHP 2015 Fall Newsletter
LTHP 2015 Fall NewsletterLTHP 2015 Fall Newsletter
LTHP 2015 Fall Newsletterlthporg_ss
ย 
LinkedIn for New Grads
LinkedIn for New GradsLinkedIn for New Grads
LinkedIn for New Gradsaboelckesm
ย 
09.explaining the visual basic concept, introduction to smart check and confi...
09.explaining the visual basic concept, introduction to smart check and confi...09.explaining the visual basic concept, introduction to smart check and confi...
09.explaining the visual basic concept, introduction to smart check and confi...re4lfl0w
ย 
CV Kevin O Regan September 2015 Word docx
CV Kevin O Regan September 2015 Word docxCV Kevin O Regan September 2015 Word docx
CV Kevin O Regan September 2015 Word docxKevin O' Regan
ย 
Describe what makes Utilize Consulting and Management Service -Det CEO MAG
Describe what makes Utilize Consulting and Management Service -Det CEO MAGDescribe what makes Utilize Consulting and Management Service -Det CEO MAG
Describe what makes Utilize Consulting and Management Service -Det CEO MAGBrandiC Shelton
ย 
Portfolio Analysis with BondEdge Solutions - Final
Portfolio Analysis with BondEdge Solutions - FinalPortfolio Analysis with BondEdge Solutions - Final
Portfolio Analysis with BondEdge Solutions - FinalMichael R. Finley
ย 
B2 book 23 - karine lacerda - A world without inequality
B2 book 23 - karine lacerda - A world without inequalityB2 book 23 - karine lacerda - A world without inequality
B2 book 23 - karine lacerda - A world without inequalityGerson Moura
ย 
Fh.shahin CV
Fh.shahin CVFh.shahin CV
Fh.shahin CVfiras shahin
ย 
Project - Civics Hybrid Rubric : Essay, 3D and Presentation
Project - Civics Hybrid Rubric : Essay, 3D and PresentationProject - Civics Hybrid Rubric : Essay, 3D and Presentation
Project - Civics Hybrid Rubric : Essay, 3D and PresentationMariske Myeke Tampi
ย 
Studium-Generale-27Juni-FTW
Studium-Generale-27Juni-FTWStudium-Generale-27Juni-FTW
Studium-Generale-27Juni-FTWSteven Debipersad
ย 
The New Leaders Council Institute Trains Young Professionals
The New Leaders Council Institute Trains Young ProfessionalsThe New Leaders Council Institute Trains Young Professionals
The New Leaders Council Institute Trains Young ProfessionalsGillian Smith City Year
ย 

Viewers also liked (16)

ะ˜ัั‚ะพั€ะธั 5 ะบะปะฐัั ะœะฐะนะบะพะฒ
ะ˜ัั‚ะพั€ะธั 5 ะบะปะฐัั ะœะฐะนะบะพะฒะ˜ัั‚ะพั€ะธั 5 ะบะปะฐัั ะœะฐะนะบะพะฒ
ะ˜ัั‚ะพั€ะธั 5 ะบะปะฐัั ะœะฐะนะบะพะฒ
ย 
Trust Models PM Leadership Cars T Wright revc 2015
Trust Models PM Leadership Cars T Wright revc 2015Trust Models PM Leadership Cars T Wright revc 2015
Trust Models PM Leadership Cars T Wright revc 2015
ย 
LTHP 2015 Fall Newsletter
LTHP 2015 Fall NewsletterLTHP 2015 Fall Newsletter
LTHP 2015 Fall Newsletter
ย 
LinkedIn for New Grads
LinkedIn for New GradsLinkedIn for New Grads
LinkedIn for New Grads
ย 
09.explaining the visual basic concept, introduction to smart check and confi...
09.explaining the visual basic concept, introduction to smart check and confi...09.explaining the visual basic concept, introduction to smart check and confi...
09.explaining the visual basic concept, introduction to smart check and confi...
ย 
CV Kevin O Regan September 2015 Word docx
CV Kevin O Regan September 2015 Word docxCV Kevin O Regan September 2015 Word docx
CV Kevin O Regan September 2015 Word docx
ย 
Mapping Hilton
Mapping HiltonMapping Hilton
Mapping Hilton
ย 
Describe what makes Utilize Consulting and Management Service -Det CEO MAG
Describe what makes Utilize Consulting and Management Service -Det CEO MAGDescribe what makes Utilize Consulting and Management Service -Det CEO MAG
Describe what makes Utilize Consulting and Management Service -Det CEO MAG
ย 
Portfolio Analysis with BondEdge Solutions - Final
Portfolio Analysis with BondEdge Solutions - FinalPortfolio Analysis with BondEdge Solutions - Final
Portfolio Analysis with BondEdge Solutions - Final
ย 
RTI Symp. Cancer causes control 2015
RTI Symp. Cancer causes control 2015RTI Symp. Cancer causes control 2015
RTI Symp. Cancer causes control 2015
ย 
B2 book 23 - karine lacerda - A world without inequality
B2 book 23 - karine lacerda - A world without inequalityB2 book 23 - karine lacerda - A world without inequality
B2 book 23 - karine lacerda - A world without inequality
ย 
Fh.shahin CV
Fh.shahin CVFh.shahin CV
Fh.shahin CV
ย 
Aix en Provence
Aix en Provence Aix en Provence
Aix en Provence
ย 
Project - Civics Hybrid Rubric : Essay, 3D and Presentation
Project - Civics Hybrid Rubric : Essay, 3D and PresentationProject - Civics Hybrid Rubric : Essay, 3D and Presentation
Project - Civics Hybrid Rubric : Essay, 3D and Presentation
ย 
Studium-Generale-27Juni-FTW
Studium-Generale-27Juni-FTWStudium-Generale-27Juni-FTW
Studium-Generale-27Juni-FTW
ย 
The New Leaders Council Institute Trains Young Professionals
The New Leaders Council Institute Trains Young ProfessionalsThe New Leaders Council Institute Trains Young Professionals
The New Leaders Council Institute Trains Young Professionals
ย 

Similar to 13.the use of api's in software, avoiding doublechecking tricks hangul

SoMachine 4.1 quickstart
SoMachine 4.1 quickstartSoMachine 4.1 quickstart
SoMachine 4.1 quickstartJulien Dubois
ย 
Hacking Tutorial for Apps
Hacking Tutorial for AppsHacking Tutorial for Apps
Hacking Tutorial for AppsGrant Eaton
ย 
War of the Machines: PVS-Studio vs. TensorFlow
War of the Machines: PVS-Studio vs. TensorFlowWar of the Machines: PVS-Studio vs. TensorFlow
War of the Machines: PVS-Studio vs. TensorFlowPVS-Studio
ย 
Pimp my Plone
Pimp my PlonePimp my Plone
Pimp my PlonePhilip Bauer
ย 
You shouldneverdo
You shouldneverdoYou shouldneverdo
You shouldneverdodaniil3
ย 
Application development with Python - Desktop application
Application development with Python - Desktop applicationApplication development with Python - Desktop application
Application development with Python - Desktop applicationBao Long Nguyen Dang
ย 
Getting big without getting fat, in perl
Getting big without getting fat, in perlGetting big without getting fat, in perl
Getting big without getting fat, in perlDean Hamstead
ย 
How java works
How java worksHow java works
How java worksthiruvenkatz
ย 
Python setup for dummies
Python setup for dummiesPython setup for dummies
Python setup for dummiesRajesh Rajamani
ย 
Project: Intrusion Detection
Project: Intrusion DetectionProject: Intrusion Detection
Project: Intrusion DetectionJay Schulman
ย 
Pair Programming Presentation
Pair Programming PresentationPair Programming Presentation
Pair Programming PresentationThoughtWorks
ย 
PLC Class project Lab Brett Bloomberg
PLC Class project Lab Brett BloombergPLC Class project Lab Brett Bloomberg
PLC Class project Lab Brett BloombergBrett Bloomberg
ย 
Preparing for the WebGeek DevCup
Preparing for the WebGeek DevCupPreparing for the WebGeek DevCup
Preparing for the WebGeek DevCupbryanbibat
ย 
Mobile Warsaw - Efficient Localization for iOS Apps
Mobile Warsaw - Efficient Localization for iOS AppsMobile Warsaw - Efficient Localization for iOS Apps
Mobile Warsaw - Efficient Localization for iOS AppsEdgar Figueiredo
ย 
Introducing Small Basic.pdf
Introducing Small Basic.pdfIntroducing Small Basic.pdf
Introducing Small Basic.pdfSnehlata Parashar
ย 
Introducing small basic
Introducing small basicIntroducing small basic
Introducing small basicSara Samol
ย 
Learning Joomla! in a weekend (for developers)
Learning Joomla! in a weekend (for developers)Learning Joomla! in a weekend (for developers)
Learning Joomla! in a weekend (for developers)Valentin Despa
ย 
lecture2-PerlProgramming
lecture2-PerlProgramminglecture2-PerlProgramming
lecture2-PerlProgrammingtutorialsruby
ย 

Similar to 13.the use of api's in software, avoiding doublechecking tricks hangul (20)

SoMachine 4.1 quickstart
SoMachine 4.1 quickstartSoMachine 4.1 quickstart
SoMachine 4.1 quickstart
ย 
Hacking Tutorial for Apps
Hacking Tutorial for AppsHacking Tutorial for Apps
Hacking Tutorial for Apps
ย 
War of the Machines: PVS-Studio vs. TensorFlow
War of the Machines: PVS-Studio vs. TensorFlowWar of the Machines: PVS-Studio vs. TensorFlow
War of the Machines: PVS-Studio vs. TensorFlow
ย 
Pimp my Plone
Pimp my PlonePimp my Plone
Pimp my Plone
ย 
You shouldneverdo
You shouldneverdoYou shouldneverdo
You shouldneverdo
ย 
Application development with Python - Desktop application
Application development with Python - Desktop applicationApplication development with Python - Desktop application
Application development with Python - Desktop application
ย 
Getting big without getting fat, in perl
Getting big without getting fat, in perlGetting big without getting fat, in perl
Getting big without getting fat, in perl
ย 
How java works
How java worksHow java works
How java works
ย 
How java works
How java worksHow java works
How java works
ย 
Python setup for dummies
Python setup for dummiesPython setup for dummies
Python setup for dummies
ย 
Project: Intrusion Detection
Project: Intrusion DetectionProject: Intrusion Detection
Project: Intrusion Detection
ย 
Pair Programming Presentation
Pair Programming PresentationPair Programming Presentation
Pair Programming Presentation
ย 
PLC Class project Lab Brett Bloomberg
PLC Class project Lab Brett BloombergPLC Class project Lab Brett Bloomberg
PLC Class project Lab Brett Bloomberg
ย 
Java
JavaJava
Java
ย 
Preparing for the WebGeek DevCup
Preparing for the WebGeek DevCupPreparing for the WebGeek DevCup
Preparing for the WebGeek DevCup
ย 
Mobile Warsaw - Efficient Localization for iOS Apps
Mobile Warsaw - Efficient Localization for iOS AppsMobile Warsaw - Efficient Localization for iOS Apps
Mobile Warsaw - Efficient Localization for iOS Apps
ย 
Introducing Small Basic.pdf
Introducing Small Basic.pdfIntroducing Small Basic.pdf
Introducing Small Basic.pdf
ย 
Introducing small basic
Introducing small basicIntroducing small basic
Introducing small basic
ย 
Learning Joomla! in a weekend (for developers)
Learning Joomla! in a weekend (for developers)Learning Joomla! in a weekend (for developers)
Learning Joomla! in a weekend (for developers)
ย 
lecture2-PerlProgramming
lecture2-PerlProgramminglecture2-PerlProgramming
lecture2-PerlProgramming
ย 

Recently uploaded

Project Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationProject Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationkaushalgiri8080
ย 
(Genuine) Escort Service Lucknow | Starting โ‚น,5K To @25k with A/C ๐Ÿง‘๐Ÿฝโ€โค๏ธโ€๐Ÿง‘๐Ÿป 89...
(Genuine) Escort Service Lucknow | Starting โ‚น,5K To @25k with A/C ๐Ÿง‘๐Ÿฝโ€โค๏ธโ€๐Ÿง‘๐Ÿป 89...(Genuine) Escort Service Lucknow | Starting โ‚น,5K To @25k with A/C ๐Ÿง‘๐Ÿฝโ€โค๏ธโ€๐Ÿง‘๐Ÿป 89...
(Genuine) Escort Service Lucknow | Starting โ‚น,5K To @25k with A/C ๐Ÿง‘๐Ÿฝโ€โค๏ธโ€๐Ÿง‘๐Ÿป 89...gurkirankumar98700
ย 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providermohitmore19
ย 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsJhone kinadey
ย 
Call Girls In Mukherjee Nagar ๐Ÿ“ฑ 9999965857 ๐Ÿคฉ Delhi ๐Ÿซฆ HOT AND SEXY VVIP ๐ŸŽ SE...
Call Girls In Mukherjee Nagar ๐Ÿ“ฑ 9999965857 ๐Ÿคฉ Delhi ๐Ÿซฆ HOT AND SEXY VVIP ๐ŸŽ SE...Call Girls In Mukherjee Nagar ๐Ÿ“ฑ 9999965857 ๐Ÿคฉ Delhi ๐Ÿซฆ HOT AND SEXY VVIP ๐ŸŽ SE...
Call Girls In Mukherjee Nagar ๐Ÿ“ฑ 9999965857 ๐Ÿคฉ Delhi ๐Ÿซฆ HOT AND SEXY VVIP ๐ŸŽ SE...Call Girls In Delhi Whatsup 9873940964 Enjoy Unlimited Pleasure
ย 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comFatema Valibhai
ย 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsArshad QA
ย 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfkalichargn70th171
ย 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataBradBedford3
ย 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlanโ€™s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlanโ€™s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlanโ€™s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlanโ€™s ...OnePlan Solutions
ย 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Modelsaagamshah0812
ย 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
ย 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantAxelRicardoTrocheRiq
ย 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...OnePlan Solutions
ย 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsAlberto Gonzรกlez Trastoy
ย 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)OPEN KNOWLEDGE GmbH
ย 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...ICS
ย 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...MyIntelliSource, Inc.
ย 

Recently uploaded (20)

Project Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationProject Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanation
ย 
(Genuine) Escort Service Lucknow | Starting โ‚น,5K To @25k with A/C ๐Ÿง‘๐Ÿฝโ€โค๏ธโ€๐Ÿง‘๐Ÿป 89...
(Genuine) Escort Service Lucknow | Starting โ‚น,5K To @25k with A/C ๐Ÿง‘๐Ÿฝโ€โค๏ธโ€๐Ÿง‘๐Ÿป 89...(Genuine) Escort Service Lucknow | Starting โ‚น,5K To @25k with A/C ๐Ÿง‘๐Ÿฝโ€โค๏ธโ€๐Ÿง‘๐Ÿป 89...
(Genuine) Escort Service Lucknow | Starting โ‚น,5K To @25k with A/C ๐Ÿง‘๐Ÿฝโ€โค๏ธโ€๐Ÿง‘๐Ÿป 89...
ย 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
ย 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
ย 
Call Girls In Mukherjee Nagar ๐Ÿ“ฑ 9999965857 ๐Ÿคฉ Delhi ๐Ÿซฆ HOT AND SEXY VVIP ๐ŸŽ SE...
Call Girls In Mukherjee Nagar ๐Ÿ“ฑ 9999965857 ๐Ÿคฉ Delhi ๐Ÿซฆ HOT AND SEXY VVIP ๐ŸŽ SE...Call Girls In Mukherjee Nagar ๐Ÿ“ฑ 9999965857 ๐Ÿคฉ Delhi ๐Ÿซฆ HOT AND SEXY VVIP ๐ŸŽ SE...
Call Girls In Mukherjee Nagar ๐Ÿ“ฑ 9999965857 ๐Ÿคฉ Delhi ๐Ÿซฆ HOT AND SEXY VVIP ๐ŸŽ SE...
ย 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
ย 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
ย 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
ย 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
ย 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlanโ€™s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlanโ€™s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlanโ€™s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlanโ€™s ...
ย 
Exploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the ProcessExploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the Process
ย 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Models
ย 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
ย 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service Consultant
ย 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...
ย 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
ย 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)
ย 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
ย 
Vip Call Girls Noida โžก๏ธ Delhi โžก๏ธ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida โžก๏ธ Delhi โžก๏ธ 9999965857 No Advance 24HRS LiveVip Call Girls Noida โžก๏ธ Delhi โžก๏ธ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida โžก๏ธ Delhi โžก๏ธ 9999965857 No Advance 24HRS Live
ย 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
ย 

13.the use of api's in software, avoiding doublechecking tricks hangul

  • 1. 13.The use of API's in software, avoiding doublechecking tricks 2012 ๋…„ 2 ์›” 4 ์ผ ํ† ์š”์ผ ์˜ค์ ‚ 9:30 Hello everybody. ๋ชจ๋‘๋“ค ์•ˆ๋…•. Welcome to this Part 13 in my series about reversing for newbies/beginners. ๋‚˜์˜ ์ดˆ๋ณด์ž reversing series Part 13 ์— ์˜จ ๊ฒƒ์„ ํ™–์˜ํ•ด. This "saga" is intended for complete starters in reversing, also for those without any programming experience at all. ์ด "saga"๋Š” ์™„๋ฒฝํžˆ reversing ์ดˆ๋ณด์ž๋ฅผ ๋งž์ถฐ์„œ ๋งŒ๋“ค์–ด์กŒ๋‹ค. ๋˜ํ•œ ์–ด๋– ํ•œ programming ๊ฒฝํ—˜์ด ์—†์–ด๋„ ๋œ๋‹ค. Lena151 (2006) Set your screen resolution to 1152*864 and press F11 to see the movie full screen !!! Again, I have made this movie interactive. You screen ํ•ด์ƒ๋„๋ฅผ 1152*864 ๋กœ ์„ค์ •ํ•ด ๊ทธ๋ฆฌ๊ณ  full screen ์œผ๋กœ movie ๋ฅผ ๋ณด๊ธฐ ์œ„ํ•ด F11 ๋ฅผ ๋ˆŒ๋Ÿฌ So, if you are a fast reader and you want to continue to the next screen, just click here on this invisible hotspot. You don't see it, but it IS there on text screens. ๊ทธ๋ž˜์„œ, ๋„ค๊ฐ€ ์ด๊ฒƒ์„ ๋นจ๋ฆฌ ์ฝ๊ณ  ๋‹ค์Œ screen ์„ ๋ณด๊ณ  ์‹ถ๋‹ค๋ฉด, ๋ณด์ด๋Š” hotspot ์—ฌ๊ธฐ๋ฅผ ๋ˆŒ๋Ÿฌ. ๋ณด๊ณ  ์‹ถ์ง€ ์•Š์„ ๋•Œ๋Š” ์—ฌ๊ธฐ์— ๋‘์ง€๋งˆ. Then the movie will skip the text and continue with the next screen. Movie ๋Š” text ์™€ ๋‹ค์Œ screen ์„ skip ํ•  ์ˆ˜ ์žˆ๋‹ค. If something is not clear or goes too fast, you can always use the control buttons and the slider below on this screen. ๋ฌด์–ธ๊ฐ€ ๋ช…ํ™•ํ•˜์ง€ ์•Š๊ฑฐ๋‚˜ ๋นจ๋ฆฌ ๋„˜๊ธฐ๊ณ ์ž ํ•  ๋•Œ, ํ•ญ์ƒ control button ๊ณผ ์ด screen ๋ฐ‘์— ์žˆ๋Š” slider ๋ฐ”๋ฅผ ์‚ฌ์šฉํ•ด. He, try it out and click on the hotspot to skip this text and to go to the next screen now!!! ๋„์ ‚ํ•ด๋ด. ๊ทธ๋ฆฌ๊ณ  ์ด text ์™€ ๋‹ค์Œ screen ์„ ๋ณด๊ธฐ ์œ„ํ•ด hotspot ์„ click ํ•ด. 1. Abstract In Part12, we found a case where simply patching the reg scheme sufficed to also effectively register the program.
  • 2. ์ด๋ฒˆ Part12 ์—์„œ, ์šฐ๋ฆฌ๋Š” program ์„ ํšจ๊ณผ์ ์œผ๋กœ ๋“ฑ๋กํ•˜๊ธฐ ์œ„ํ•˜์—ฌ ๊ฐ„๋‹จํžˆ reg scheme ์„ patching ํ•˜๋Š” ์‚ฌ๊ฑด์„ ์ฐพ์•˜๋‹ค. However in this Part 13, we will reverse a "real" application to learn something about defenses to trick the reverser, in the case doublechecks. ์ด๋ฒˆ Part13 ์—์„œ, ์šฐ๋ฆฌ๋Š” doublecheck case ์—์„œ reverser ๋ฅผ ์†์ด๋Š” ๊ฒƒ์„ ๋ฐฉ์–ดํ•˜๊ณ  ๋ฐฐ์šฐ๊ธฐ ์œ„ํ•ด "real" application ์„ reverse ํ•  ๊ฒƒ์ด๋‹ค. For better comprehension and if you are a newbie, I advise you to first see the previous parts in s this series before seeing this movie. ์ข€ ๋” ์ดํ•ด๋ ฅ์„ ๋†’์ด๊ณ  ๋„ค๊ฐ€ ์ดˆ๋ณด์ž๋ผ๋ฉด, ๋‚˜๋Š” ์ด movie ๋ฅผ ๋ณด๊ธฐ ์ ‚์— ์ด series ์˜ ์ด์ ‚ parts ๋ฅผ ๋จผ์ € ๋ณด๋ผ๊ณ  ์กฐ์–ธ์„ ํ•œ๋‹ค. The goal of this tutorial is to teach you something about a program's behaviour. ์ด tutorial ์˜ ๋ชฉํ‘œ๋Š” ๋„ˆ์—๊ฒŒ program's behaviour ์— ๋Œ€ํ•˜์—ฌ ๊ฐ€๋ฅด์น˜๊ธฐ ์œ„ํ•œ ๊ฒƒ์ด๋‹ค. In my search not to harm somebody, I found an old version of Xoftspy(version 4.13.88) which is no longer available for download. ๋‚˜์˜ ์—ฐ๊ตฌ๋Š” ๋ˆ„๊ตฌ์—๊ฒŒ๋„ ํ•ด๊ฐ€ ๋˜์ง€ ์•Š๋Š”๋‹ค, ๋‚˜๋Š” Xoftspy(version 4.13.88)์˜ old version ์„ ์ฐพ์•˜๋‹ค. ๊ทธ๊ฒƒ์€ ๋” ์ด์ƒ download ๊ฐ€ ๊ฐ€๋Šฅํ•˜์ง€ ์•Š๋‹ค. Taking a look in the specialized media, I also found this application to be "cracked" already. ํŠนํ™”๋œ media ๋ฅผ ๋ด, ๋‚˜๋Š” ์ด๋ฏธ "cracked"๋œ application ์„ ์ฐพ์•˜๋‹ค. Here, this applications is only chosen because it is ideal for this tutorial in reversing and it is targeted for educational purposes only. ์—ฌ๊ธฐ, ์ด applications ์€ ์˜ค์ง ์„ ํƒ๋๋‹ค. ์™œ๋ƒํ•˜๋ฉด ์ด๊ฒƒ์€ reversing tutorial ์— ์ด์ƒ์ ์ด๋‹ค. ๊ทธ๋ฆฌ๊ณ  ์ด target ๋œ ๊ฒƒ์€ ์˜ค์ง ๊ต์œก์ ์ธ ๋ชฉ์ ์ด๋‹ค. I hope you will exploit your newly acquired knowledge in a positive way. ๋„ค๊ฐ€ ์–ป์€ ์ƒˆ๋กœ์šด ์ง€์‹์„ ๊ธ์ •์ ์ธ ๋ฐฉํ–ฅ์œผ๋กœ ์ด์šฉํ•˜๊ธธ ๋ฐ”๋ž€๋‹ค. In this matter, I also want to refer to Part 1. ๋ฌธ์ œ๊ฐ€ ์žˆ์œผ๋ฉด, Part 1 ๋ฅผ ์ฐธ์กฐํ•˜๊ธฐ ๋ฐ”๋ž€๋‹ค. 2. Tools and Target ์ด๊ฒƒ๋„ ๋˜‘๊ฐ™์Œ The tools for today are : Ollydebug andโ€ฆ your brain. ์˜ค๋Š˜์˜ tools ์€ : Ollydebug ์™€ ๋„ˆ์˜ ๋‘๋‡Œ๋‹ค. The first can be obtained for free at ์ฒซ๋ฒˆ์งธ๋กœ ๋ฌด๋ฃŒ๋กœ ์–ป์„ ์ˆ˜ ์žˆ๋‹ค. http://www.ollydbg.de Todays target is Xoftspy 4.13.88 Because it can no longer be downloaded, ์˜ค๋Š˜ target ์€ Xoftspy 4.13.88 ์ด๋‹ค. ์™œ๋ƒํ•˜๋ฉด ์ด๊ฒƒ์€ ๋” ์ด์ƒ download ๊ฐ€ ์•ˆ๋œ๋‹ค.
  • 3. I have included it in this package for research. ์—ฐ๊ตฌ๋ฅผ ์œ„ํ•ด ์ด package ์— ์ด๊ฒƒ์„ ์ฒจ๋ถ€ํ–ˆ๋‹ค. 3. Behaviour of the program Because you know meanwhile about the importance of decent study of your target and because you've seen how to do it in the previous Parts in this series, ์™œ๋ƒํ•˜๋ฉด ๋„ˆ๋„ ๊ทธ ๋™์•ˆ ๋„ˆ์˜ target ์ ์ ƒํ•œ ๊ณต๋ถ€๋Š” ์ค‘์š”ํ•˜๋‹ค๋Š” ๊ฒƒ์„ ์•ˆ๋‹ค. ์™œ๋ƒํ•˜๋ฉด ๋„ˆ๋Š” ์ด series ์˜ ์ด์ ‚ part ์—์„œ ์–ด๋–ป๊ฒŒ ํ•˜๋Š”์ง€ ๋ดค๋‹ค. I will only show you the things we will need to take care of whilst searching for the patches. Patche ๋ฅผ ์ฐพ๋Š” ๋™์•ˆ ๊ทธ๊ฒƒ์„ ๋Œ๋ณด๋Š” ๊ฒŒ ํ•„์š”ํ•  ๋•Œ ๋ณด์—ฌ์ค„ ๊ฒƒ์ด๋‹ค. Please do some preliminary study of the target on your own. Target ์˜ ์˜ˆ๋น„ ๊ณต๋ถ€๋ฅผ ํ•˜์ž. INFO : I already told you about packers/protectors, throwing exceptions at Olly though Olly isn't good with those. ์ด๋ฏธ ๋„ˆ์—๊ฒŒ Olly ์—์„œ Packers/protectors ์— ๋Œ€ํ•˜์—ฌ, ์˜ˆ์™ธ๋ฅผ ๋˜์ง€๋Š” ๊ฒƒ์„ ๋งํ–ˆ๋‹ค. Olly ๋Š” ์ข‹์€ ๊ฒƒ๊ณผ ํ•จ๊ป˜ ์žˆ์ง€ ์•Š๋‹ค. Olly has a means of passing the exceptions to the program though which can deal with them using the Structured Exception Handler(SEH). Not only packers/protectors can do this of course. And here with Xoftspy, we have such a program. Remember that we usually add a range of exceptions 00000000-FFFFFFFF for Olly to pass to the program so that we have no problems with this. So, let me show you how to pass one distinct exception. But first โ€ฆ The program was opened in PEiD And shows us this And this So, give it a go(or F9 of course) Now, pay attention : the program runs and then โ€ฆ Hop, there it happens already See this exception here ??? Well, if you leave this too long unattended, Olly crashes each time Set that Olly has paused the program but will crash anyway after short time
  • 4. (Well at least, that's what happened on my system) So, hurry and hit the Shift+F9 keys โ€ฆ to pass the exception to the program All right, the soft is running Because I pressed the Shift-F9 keys meanwhile ! Now to avoid this for the future Just add the exception to the list like this โ€ฆ :) :) Olly automatically find the last occurred exception :) And adds it to the list of exceptions to ignore for the future (== exceptions that will be passed to the program) INFO : This is not necessary if you have added a range of exceptions that includes this one of course. See also the previous Parts in this series about it. (Adding a range). :) If you want to return to the code of the program, you can do it like this Doubleclick the main exe We are not yet in the main exe, so โ€ฆ once more INFO : We land here in the code from the main program. We are not at the EP of course but at the first line of code from the main program.(First line after PE Header) Now, let's study the program ;) Mmmmmm ;) Don't ok yet All right. We know enough to find what we need to patch. But return to Olly 4. Finding the patches
  • 5. INFO : Windows programs use API's to interact with the kernel. Hence, also finding input from users in a registration window for example is done with API's A technique to find info on and to land in the registration scheme, is to use the API's to our advantage. The API's that are important for this are : INFO : DialogBoxes: DialogBoxParamA GetDlgItem GetDlgItemInt GetDlgItemTextA GetWindowTextA GetWindowWord INFO : MessageBoxes: MessageBeep MessageBoxA MessageBoxEXA SendMessageA SendDlgItemMessageA INFO : Registry Access: RegCreateKeyA RegDeleteKeyA RegQueryValueA RegQueryValueExA RegCloseKeyA RegOpenKeyA INFO : Reading/Writing files:
  • 6. ReadFile WriteFile CreateFileA INFO : Reading data from INI file: GetPrivateProfileStringA GetPrivateProfileIntA WritePrivateProfileStringA INFO : Reading data(other) LoadStringA lstcmpA MultiByteToWideChar WideCharToMultiByte wsprintfA INFO : Time And Date: GetFileTime GetLocalTime GetSystemTime GetSystemTimeAsFileTime SetTimer SystemTimeToFileTime INFO : Createing a NAG-window: CreateWindowExA ShowWindow UpdateWindow INFO : Find messageboxtext
  • 7. SendDlgItemMessageA SendMessageA SetDlgItemTextA SetWindowTextA For a registration scheme, I usually place a breakpoint in one(or all) of the next API calls : GetdlgItemTextA GetWindowTextA lstrcmpA GetPrivateProfileStringA GetPrivateProfileIntA RegQueryValueExA WritePrivateProfileStringA WritePrivateProfileIntA INFO : This list is far from, complete! There are a lot more, but I'm only giving you a guide here. INFO : Do you really have no idea what API to break on or have you tried "every" API but you don't succeed? Solution: ---> rightclick ---> search for ---> all intermodular calls ---> rightclick ---> set breakpoint on every command ---> click "ok" button from registration or whatever you need to do ---> you will definitely break somewhere !!! REMARK : If you break too soon, even before you can click the "ok" button, then this(these) breakpoint(s) is(are) useless and may be removed till the program lets you click the required button ;) So, for a registration scheme, I usually start breakpointing in one (or all) of these API calls GetdlgItemTextA GetWindowTextA lstrcmpA GetPrivateProfileStringA GetPrivateProfileIntA RegQueryValueExA
  • 8. WritePrivateProfileStringA WritePrivateProfileIntA For your convenience, I included a file with all before noted down for future reference. Question is how now how to find where and which of these API's is used. Well, it's often trial and error but decent study of your target can significantly improve your skills in this. You can set BP's on API's in different ways. One way is to use the command bar. Just press BP -space- followed by the API's name and press enter. Example : BP GetWindowTextA BTW, Olly comes with the commandline plugin which is basically the same. Or find the commandbar plugin at http://www.tuts4you.com Or you can also set BP's on API's like this โ€ฆ. Just follow along. Push Ctrl+N to bring up the Names And find GetWindowTextA INFO : One of the other ways is to type the API's name in the Goto box and breakpoint where you land in the dll See previous tuts :) Let's start with this one. :) 3 BPs set And let's continue registration Mmmm, we break here โ€ฆ already before displaying the window So this is probably a useless API Or better said, a useless BP :)
  • 9. Because we didn't click the OK button yet So let's remove it Doubleclick opcode or F2 And continue And register Right Indeed, let's take a look in Win32.hlp what exactly this API does and why I suspected this API to participate in the registration process The API name explains a lot already, and I think the rest is clear by now too. So, let's see what the API exactly does in our case โ€ฆ GetWindowTextA reads 13h(19d) bytes in the text box And puts them in a buffer at 00EE4C30 INFO : Reading the code like this reveals that the name is only read for 19d chars, more input is useless ! INFO : There are three textboxes for our data on the registration window. Hence, we need to click another 2 times to retrieve all the data. I did that but removed it from this movie to reduce its size till we land โ€ฆ. โ€ฆ here Now, I always take a fast overview By stepping over the code(F8) till I see something interesting Now I skipped some of the film to reduce its size(not much though) Just by stepping F8(some returns too !) Until we land here So step F8 till here Mmmm Length of the name Aha
  • 10. :) Mmmmm, "Is something entered" in both boxes First the length of our name And continue stepping F8 Then the length of the key INFO : All this is not so important of course. But it really helps to be able to read the code this way. It also helps in "When do I need to expect the good things to arrive ? :) Now, pay attention to conditional jumps We need to find where we jump to the BadBoy RESUME : But let me resume so far first. Using the API GetWindowTextA, I managed to land in the registration scheme. First, the program verifies if we effectively made all necessary data input. After this, we can expect the verification of the input(serial). So, continue stepping F8 โ€ฆ Scroll down to see what this is Huh??? BadBoy โ€ฆ And GoodBoy Scroll a little up again to see all the conditional jumps And study the code better here. See this, twice the same routine with the same calls and jumps!!! So this is definitely doublechecking registering Both jumps go past the BadBoy But eventually, let's make the first JNZ jump always to avoid doublechecking
  • 11. So it's clear that the important stuff Is in this call !!! Or perhaps here ??? Let's first try the last call(most probable the good one) That means that we can skip all the โ€ฆ Previous lines by placing a BP here so we can run till here next time Important : note that we DON't want AL to be zero when retuning from this call Remember that. Because, if AL == 0 --> Badboy ! And here too, just in case โ€ฆ. Now step over till call (F8) And step in call(F7) now Once more : when returning here, AL must be different from zero! And so we land here Now always take an overview first and scroll down Mmmmm, quite a big routine โ€ฆ. Indeed, here is a return Aha, and here too Yep, I hope you understand this leads to the BadBoy Scroll up again Aha, and this leads to the GoodBoy INFO : In a clear scheme like this one, we can immediately choose the right path to follow and choose to end (with the right cond jumps) up in the Goodboy scheme, already from the start. So, this means not to jump this place ;) Scroll up again Mmmm, the jumps that will decide it all And all to the same place :) โ€ฆ the place we don't want to jump too
  • 12. Let's step over and see what goes on Look at jump taken or not each time you land on a jump As we do not want to jump past the GoodBoy Ok Ok Loop, no problem INFO : It is in loops like this that a program reads the buffer with data and copies it in a register(here EDX and ESI respectively) so it can "work" with the data. If you look closer, you will notice that the program reads the double serial. :) :) Not far, so no problem Place a BP after the loops and press F9 to avoid turning in circles like a squirrel LOL Run till BP Remove BP(F2) And step over(F8) Mmmm, here are the jumps that need our attention Scroll down BadBoy Let's make sure we go to the GoodBoy to see what goodies that brings us Look here And see where the jump would take us by scrolling down Mmmm, past the good return โ€ฆ.. Remember this is not where we want to arrive Remember that we want to return here After AL has been set to 1 !
  • 13. All right. Scroll back up Yep, change the flag so we do NOT jump I trust you know this well by now? Doubleclick to change the flag and See change Ok. Step over jump See here And again Step over jump :( :) Step over jump Remember though that we will have to give these conditional jumps a treatment afterwards INFO : I will already tell you we won't need to change them after all ;) Just continue to see what surprises the program has for us :( Jumps also to the badboy, Hence โ€ฆ. But scroll down first :) :) Scroll down and continue stepping So, this way, I forced the program to think I entered the right serial :)
  • 14. We will return AL == 1 Scroll up to remember where we are AL = 1 And that's what we want !!! Now jump (F8) This is where we wanted to land, past the Badboy And execute the GoodBoy F8 And BAM ! The program pops up, telling us that we successfully registered! So, did you understands? We have to NOP all the JNZ We changed the flag for However, the program ahs still a surprise for us โ€ฆ ;) Olly pauses the soft when coming back So, press F9 Mmmm, I forgot to remove the BPs And so, Olly breaks in them when pressing F9 Remove the BP now F2 And run INFO : To avoid all confusion : I have not restarted the program, only pressed F9 after running the registration scheme successfully ! Huh ????? Let's think โ€ฆ. So the program either doublechecks or runs another routine to verify
  • 15. If it was effectively the right serial that was entered Let's see this in the code and โ€ฆ Go back to Olly :) I planned to look for some strings but โ€ฆ look what is here !!!! This is exactly what I was going to search for !!! That is the string we need !!! Let's see, doubleclick to go there And we land here RESUME : I successfully registered and then โ€ฆ. The program says it is not registered !!! Searching for these last strings however, we land here in another routine that also seems to deal with registering. Will this be another doublechecking ??? Let's see better here and scroll up And study the code here Mmmmm I suppose you begin to get the hang of it ??? Meaning that AL will decide about goodboy or BadBoy here And it's all decided in (one of) this (these) last call(s) Doubleclick opcode To set a breakpoint Scroll up to also set a BP in the beginning of this routine. And let's restart to see what happens โ€ฆ And run ;)
  • 16. BAM ! We break in the breakpoint we just set !! Now, think with me. When clicking the About box button โ€ฆ we land here in the verification of the registration. This is not abnormal of course : in the about box is displayed if we are registered or not. However, when registering by the registration routine, then here is a doublechecking done. That also means that this routine is the main "registered or not". Hence, if we patch here, then there is a relatively big chance registration will be permanent. Let's try itโ€ฆ First, let's study the code here. Scroll down. Mmmm, ok. There are no jumps till here, so press run (F9) to land on the BP And we land here on the call I suspect it's all happening in Step in the call (F7) But first remark that we need to return AL >< 0 to be registered !!!! We land in the call And let's see what's all happening here INFO : It's never a bad idea when going through registration schemes to set a BP and restart and run. If you do that here, you will see that this routine is ran at startup(breaking in BP here), meaning that indeed here is decided about registered or not at startup. Scroll down Run till here Remove BP And step F8 from here Ok Mmmm, ok, no harm done BTW, note the data we want the program to register us with No harm done
  • 17. INFO : I have deliberately removed some of the last steps to eb able to reconstruct with you what has happened. But it is rather simple in fact : we must return AL > 0 And we see that this depends on BL We are not registered at this time, so, we will jump here passed the good news : MOV BL, 1 And because AL is zero โ€ฆ we have not jumped here Thus setting BL to zero ---> unregistered And we will jump the setting of BL to 1 ( ---> registered) And so, we jump the good news landing here now Do you understand that this is the place to patch ???? Now, do you understand that IN ADDITION and for extra surety, I could also have patched โ€ฆ.. This JNZ to JMP ????? But of course, this needs always to be patched !!! For complete certainty Now, let's make changes permanent 5. Patching, Saving and testing ;) Save under a different name ;) :) All fine ! 6. Conclusion In this part 13, the primary goal was to make you learn to "think reverser" and not give right up if a program acts otherwise then expected. Give it another try, and finally, you will succeed.
  • 18. So, in this Part13, we studied what to do if not simply patching the reg scheme effectively registers the program. I hope you understood everything fine and I also hope someone somewhere learned something from this. See me back in part 14 ;) The other parts in this series are available at http://tinyurl.com/27dzdn (tuts4you) http://tinyurl.com/r89zq (SnD FileZ) http://tinyurl.com/l6srv (fixdown) Regards to all and especially to you for taking the time to look at this tutorial. Lena151 (2006, updated 2007)