#ro0ted #OpNewblood What the blackhats don’t want you to know: Modifying Timed Trial Programs
Timed Trials – https://twitter.com/ro0ted/
Load program up in Olly:
Search for all referenced strings:
The important thing for a reverse engineer to know about time trials is that the app MUST remember the amount of tries/days left after quitting and restarting the program. That means that certain data has to be stored persistently somewhere. The most obvious candidates for storing this data are the registry and a file on the hard drive.
A registry path looks like this:
while a file path looks like this:
AppName\DataFileName.ini or AppName\DataFileName.dat
and will often have something like %WINDOWS% around it in the name, pointing to the Windows install directory.
Looking in the Referenced Strings we find a Registry Key Reference:
Now, you know how when you hack a website it usually has a database? So does your Windows machine; it’s called the registry. You can access it by typing “regedit” (without quotes) in the Run box or, if you have Win7, by typing “regedit” without quotes and choosing Run as Admin.
Double-click the data to see where in the registry it is located:
The data flag says 9. It will be different for each machine.
Let’s reopen the program outside of Olly.
In the registry location, right-click, select Modify, and change the number to 100 in Decimal.
Actually, let’s put it to 1000.
Now restart the program outside of Olly:
That’s how you make a time trial last on your terms.
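The edit works because the counter is persisted as a bare number with nothing to show it was changed. As an added example (not part of the original post), here is how a developer could make the stored value tamper-evident with an HMAC; the names `seal`, `unseal`, `use_one_run`, `SECRET_KEY` and the machine ID `PC-A` are hypothetical.

```python
import hashlib
import hmac
import json

# Assumption for the demo: the key is a constant so the example runs offline.
SECRET_KEY = b"constructed-demo-key"


def _tag(payload: str) -> str:
    return hmac.new(SECRET_KEY, payload.encode(), hashlib.sha256).hexdigest()


def seal(runs_left: int, machine_id: str) -> str:
    """Serialize the counter plus an HMAC tag bound to this machine."""
    payload = json.dumps({"machine": machine_id, "runs_left": runs_left},
                         sort_keys=True)
    return payload + "|" + _tag(payload)


def unseal(stored: str, machine_id: str):
    """Return runs_left, or None if the record was edited or copied over."""
    payload, sep, tag = stored.rpartition("|")
    if not sep or not hmac.compare_digest(tag.encode(), _tag(payload).encode()):
        return None
    record = json.loads(payload)  # parsed only after the tag has verified
    if record.get("machine") != machine_id:
        return None
    runs = record.get("runs_left")
    return runs if type(runs) is int and runs >= 0 else None


def use_one_run(stored: str, machine_id: str):
    """Fail closed: an invalid or exhausted record ends the trial."""
    runs = unseal(stored, machine_id)
    if runs is None or runs == 0:
        return False, stored
    return True, seal(runs - 1, machine_id)


if __name__ == "__main__":
    record = seal(9, "PC-A")  # constructed sample value
    edited = record.replace('"runs_left": 9', '"runs_left": 1000')
    print(unseal(record, "PC-A"), unseal(edited, "PC-A"))
```

The HMAC only detects edits to the stored value; a key embedded in a client binary is not a strong secret, so trial state that matters belongs server-side.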