Hey. First things first: this tutorial is for educational purposes only. I hereby claim no responsibility for what you do with this information. As always, if you like the software, please purchase it.
Winamp Skin Maker 1.2
Hex to Decimal Calculator (if you have Windows 7, choose Programmer mode on the calculator).
A small understanding of ASM operands.
Let's begin. First open Olly and load Winamp Skin Maker 1.2 (WSM for short). Let Olly analyze the code. Press F9 (run) and get a feel for this application and how it behaves when you enter an invalid user/serial code. To do that, click About > Register and enter a name and any serial; it doesn't matter at this point. I entered MrSmith and 12345678 and clicked OK, and what do you see? Bam: "Fail, Invalid registration code". No problem. So this program just checks whether the serial given matches the name; there is no nag screen or anything else, so it is pretty straightforward.
OK, right-click in Olly > Search For/View > All Referenced Strings, hit Ctrl+F, type "Fail" (without quotes) and press Enter or click OK. Double-click the line Olly takes you to. This is what mine looks like:
Code:
00406C29 . PUSH OFFSET skinner_1_2.004258B0 ; ASCII "Fail"
Scroll down a little until you see
Code:
00406D83 - 8D4424 38 LEA EAX,[ESP+38]
This is pretty much at the beginning of the routine where WSM checks your serial against the real serial for your name.
Set a breakpoint on this line with F2, then hit F9 and enter any user/serial again. I used MrSmith and 12345678. Hit OK and Olly will break and place you where you need to be (in the routine). Now you need to step through the code to see what the program is doing. To step through, press F8 each time, keeping an eye on the registers EDI and EBX. As you step through you will see the program handle your name and compare your serial with the real serial. At this address
Code:
00406D96 . 50 PUSH EAX ; Arg1 = ASCII "MrSmith"
you see your name printed in ASCII, so you know you are at the right place. Keep stepping through (F8).
When you get to this address you will see the serial code that you entered.
Code:
00406DA5 . 50 PUSH EAX ; Arg1 = ASCII "12345678"
Interesting stuff! Keep stepping through till you reach this address
Code:
00406DEB . > 3BFB CMP EDI,EBX ; compare EDI (our serial) with EBX (real serial)
OK, taking a look at the register window at the right, you will see each register:
Code:
EAX 00BC614E
ECX 05F5E100
EDX 00989680
EBX 00322A5F ; Real serial as hex
ESP 0012F374
EBP 0012F400
ESI 000406DA
EDI 00BC614E ; Our serial as hex
EIP 00406DEB skinner_1_2.00406DEB
Convert the EBX register value from hex to decimal; for me EBX = 00322A5F, which is 3287647 as decimal.
Go on, give it a try. Did it work? Of course it did. Congratulations.
guide created by: MrSmith
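Added example (not part of the original guide and not the product's code): the compare at 00406DEB exposes the real serial because the client derives it itself, so this C sketch puts that pattern beside a check where the serial is a signature the client can only verify. The name hash, the toy RSA key (n = 3233, e = 17, d = 2753) and all function names are assumptions for illustration; a shipping product would use a vetted signature library with full-size keys.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for a name digest (FNV-1a); not any real product's algorithm. */
static uint32_t name_hash(const char *name) {
    uint32_t h = 2166136261u;
    for (; *name; name++) { h ^= (uint8_t)*name; h *= 16777619u; }
    return h;
}

/* Weak pattern (what CMP EDI,EBX shows): the client computes the valid serial. */
int weak_check(const char *name, uint32_t entered) {
    uint32_t expected = name_hash(name) % 10000000u; /* valid serial sits in memory */
    return entered == expected;
}

/* Toy RSA public key, textbook size, for illustration only. */
#define PUB_N 3233u
#define PUB_E 17u

static uint32_t modpow(uint32_t base, uint32_t exp, uint32_t mod) {
    uint64_t result = 1, b = base % mod;
    for (; exp; exp >>= 1) {
        if (exp & 1) result = result * b % mod;
        b = b * b % mod;
    }
    return (uint32_t)result;
}

/* Hardened pattern: the compare operands are serial^e and the name digest,
 * so the client never holds a value that would be accepted as a serial. */
int signed_check(const char *name, uint32_t serial) {
    if (serial >= PUB_N) return 0;
    return modpow(serial, PUB_E, PUB_N) == name_hash(name) % PUB_N;
}

/* Vendor side only: the private exponent never ships in the client. */
uint32_t vendor_issue(const char *name) {
    const uint32_t priv_d = 2753u; /* matches the toy public key above */
    return modpow(name_hash(name) % PUB_N, priv_d, PUB_N);
}

int main(void) {
    const char *name = "MrSmith"; /* name used in the guide */
    printf("signed accepts issued serial: %d\n", signed_check(name, vendor_issue(name)));
    printf("signed accepts 12345678: %d\n", signed_check(name, 12345678u));
    return 0;
}
```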