Guest sonic_00 Posted February 23, 2007 Share Posted February 23, 2007 hi, i want to create a patch for a general program, but i'm not sure how to do it. i thought to this solution: 1 - modify the exe file; 2 - compare the normal file with the modified one to find the different bytes; 3 - put into an array the position of the bytes in the code and their new values; 4 - tell the program to open the normal exe file, find the bytes and modify them with the new values 5 - close the exe file. is this the right way? and do you know other solutions? and of course, sorry if my english is cruel Link to comment
Nacho_dj Posted February 23, 2007 Share Posted February 23, 2007 That's exactly what I do in my patches, it's a good way Good luck Nacho_dj Link to comment
Ufo-Pu55y Posted February 24, 2007 Share Posted February 24, 2007 ... and do you know other solutions?I think the only other solution is to ask the devs not to protect it... lol Link to comment
Loki Posted February 26, 2007 Share Posted February 26, 2007 Your general theory is correct, sure. If you're struggling as to exactly how to do it, there are loads of source codes knocking around the place - all you really need is one example and it should show you what you need to know! Link to comment
Guest sonic_00 Posted February 27, 2007 Share Posted February 27, 2007 I GOT IT! I've done a full-working patch both with Delphi and C++! Yeahhhh! Link to comment
antrobs Posted March 2, 2007 Share Posted March 2, 2007 That's good ........ do you have some sample's of your patcher in Delphi and C++ to show to us.... aNtRoBs Link to comment
Guest sonic_00 Posted March 8, 2007 Share Posted March 8, 2007 That's good ........ do you have some sample's of your patcher in Delphi and C++ to show to us.... Well, in this example (Delphi) i've patched TSRh Trial KeyGenME (Yes, i know you mustn't patch it, but it's only for example ) so, after we've patched the keygenme and saved it with a different name, let's see wich bytes are different: (original file is "1.exe" and the modified one "1_mod.exe" ) var Original,Modified, Target : file; Buffer,Buffer1,Buffer3 : integer; i : integer;procedure TForm1.Button1Click(Sender: TObject);begin AssignFile(original,'1.exe'); Reset(original,1); AssignFile(modified,'1_mod.exe'); Reset(modified,1); i := 1; repeat BlockRead(Original,Buffer,1); BlockRead(Modified,Buffer1,1); if not(Buffer = Buffer1) then begin memo2.Lines.Add(IntToStr(Buffer1)); memo1.Lines.Add(IntToStr(i)); end; i := i +1; until EoF(Original); CloseFile(Original); CloseFile(Modified);end; only ONE byte changed! its position in the exe is 3894 ad its new value 235. we have now in "memo1" the position of the byte, and in "memo2" the new value. Right? let's name the original file "target.exe" and patch it with this proc: procedure TForm1.Button2Click(Sender: TObject);begin Buffer3 := 235; AssignFile(Target,'Target.exe'); Reset(Target,1); Seek(Target,3893); //finds the right position - 1 : 3893 BlockWrite(Target,Buffer3,1); //then writes 235 in the next position (the correct position) : 3894 CloseFile(Target); ShowMessage('Operazione completata!');end; we GOT it... is it all clear? Link to comment
Guest devilclaw Posted April 5, 2007 Share Posted April 5, 2007 Cool..Your code search and replace different bytes... but, can you show me a code to change a specific hex address?thankz Link to comment
Loki Posted April 5, 2007 Share Posted April 5, 2007 Just use SetFilePointer. In MASM, something like:.dataFileName db "crackme.exe",0FileOffset dd 00025DDBhReplaceBy db 90h,90h,90h,90h,90hReplaceSize dd 5hfhandle dd ?fsize dd ?bwrite dd ?.codeinvoke CreateFile, addr FileName, GENERIC_READ or GENERIC_WRITE, NULL, NULL,OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULLmov fhandle,eaxinvoke SetFilePointer, fhandle, FileOffset, 0, 0mov fsize, eaxinvoke WriteFile, fhandle, ADDR ReplaceBy, ReplaceSize, ADDR bwrite, 0invoke CloseHandle, fhandleAdd error checking and stuff, obviously Link to comment
PiONEER Posted April 5, 2007 Share Posted April 5, 2007 (edited) Hello Check Win32_Assembler_Coding_for_Crackers_by_Goppit_v11.chm for a ASM Patch Cheers Edited April 5, 2007 by PiONEER Link to comment
Guest devilclaw Posted April 5, 2007 Share Posted April 5, 2007 (edited) HelloCheck Win32_Assembler_Coding_for_Crackers_by_Goppit_v11.chm for a ASM Patch Cheers I was talking about delphi language, but I'll try to do my patch using asm.. Thankz about the tutorial, I'll study this.. Edited April 5, 2007 by devilclaw Link to comment
Guest devilclaw Posted April 5, 2007 Share Posted April 5, 2007 @PiONEERI've already downloaded 3 times from URL http://www.tuts4you.com/blogs/request.php?1230and all times WinRar are showing me this error:! C:\Downloads\Win32 Assembler Coding for Crackers v11.rar: Invalid or corrupt authenticity informationCan you send Win32_Assembler_Coding_for_Crackers_by_Goppit_v11.chm to rapidshare ou other fileshare service?thanks in advance Link to comment
Vrane Posted April 5, 2007 Share Posted April 5, 2007 http://arteam.accessroot.com/tutorials.html?fid=173 Link to comment
Teddy Rogers Posted April 5, 2007 Share Posted April 5, 2007 If you took the time to read the FAQ on Tuts 4 You:http://www.tuts4you.com/blogs/e107_plugins/faq/faq.phpIt would explain why you are getting the authenticity verification error...Ted. Link to comment
Guest devilclaw Posted April 5, 2007 Share Posted April 5, 2007 If you took the time to read the FAQ on Tuts 4 You:http://www.tuts4you.com/blogs/e107_plugins/faq/faq.php It would explain why you are getting the authenticity verification error... Ted. Sorry Ted, I read now, but Winrar cannot extract the file.. still getting the message: ! C:\Documents and Settings\Administrator\Desktop\Win32 Assembler Coding for Crackers v11.rar: Unexpected end of archive! C:\Documents and Settings\Administrator\Desktop\Win32 Assembler Coding for Crackers v11.rar: CRC failed in Win32 Assembler Coding for Crackers v11\Win32_Assembler_Coding_for_Crackers_by_Goppit_v11.chm. The file is corrupt! C:\Documents and Settings\Administrator\Desktop\Win32 Assembler Coding for Crackers v11.rar: Unexpected end of archive Look a screenshot of Info about this file: Authenticity verification: Absent This happen because my WinRar is registered with another name or because the rar file is not signed? Link to comment
Teddy Rogers Posted April 5, 2007 Share Posted April 5, 2007 Just downloaded direct from Tuts 4 You page and tested here and there are no errors.The reason for absent authenticity verification is because you are using a cracked copy of WinRAR. Different cracks seem to handle the authenticity verification differently, some say it is invalid and in other cases such as yours, it seems, say that it isn't present...Ted. Link to comment
Guest devilclaw Posted April 6, 2007 Share Posted April 6, 2007 Thankz Vrane for the link! PiONEER, this tutorial rulez Thank you very much! I cant stop to read Ted, I'll try to install another version (a new beta) that just use a keyfile not a crack, later I post here to you the results. Link to comment
PiONEER Posted April 6, 2007 Share Posted April 6, 2007 Hello HeHe nice try it... i have one for Delphi but it is Privat Cheers Link to comment
Guest devilclaw Posted April 6, 2007 Share Posted April 6, 2007 (edited) @Ted You right! I search for a non-patched winrar but no success today, I just found one but I think that the EXE its already patched... and that key its already blacklisted at oficial winrar site.. I will wait a next version @PiONEER What this delphi tutorial teach? I'm curious now I think that Asm tuto for cracking will do all my job Edited April 6, 2007 by devilclaw Link to comment
PiONEER Posted April 6, 2007 Share Posted April 6, 2007 Hello @devilclaw Yep ASM is good try it it do the job for you Cheers Link to comment
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now