Copy Link
Add to Bookmark
Report

Assembly for Crackers - v1.0

DrWatson's profile picture
Published in 
Hacking Tutorials
 · 4 years ago

Hey, This is a very basic guide to assembly for all those people who couldn't be bothered learning the in's & out's of their computer just to be able to use mIRC without having to click on some guys face. :)

I'll basically go through the most necessary stuff that you need to know before you can begin to crack. I know it's not in a very logical order, but what d'ya want for free? ;))

Oh yeah, you should view this with wordwrap on, otherwise it'll be a pain in the arse to follow ;)

REGISTERS


Registers are basically default places in which to store data. The only ones we need to worry about are: (E)AX, (E)BX, (E)CX, (E)DX
( The (E) is only significant when debugging 32-bit code )

Also the register pairs:

  
DS:SI ; Can be used as the source for string operations
ES:DI ; Used as the target for string operations

To understand registers isn't very important for cracking, generally just to know that they're variables for data storage is enough to get you started :)

FLAGS


Flags are essentially like registers except that they can only be true or false ( ie 0 or 1 ) These are set by commands such as CMP, and are used to check the outcome of such a call, ie:

  
CMP AX, BX ; Compare AX to BX, if equal the zero flag is set to 1
JZ 00124531 ; If the zero flag is set, jump to 001254531.

To understand this properly you'll probably have to read on and then come back... :P


The Stack & Push/Pop


Before any function call, a program must 'push' any parameters that the function expects onto the stack. Think of it as a stack of plates, the first plate on the stack is the last one to be taken off-- the stack is exactly the same. It's important to remember this 'first on/last off' principal when looking at a call, as this means that the parameters will be passed in reverse order...

In case my babbling has confused you, lets look at this example:

The windows api function GetDlgItemText requires the following parameters:

  1. Handle of dialog box
  2. Identifier of control
  3. Address of buffer for text
  4. Maximum size of string


Therefore these could be passed like so:

  
MOV EDI,[ESP+00000220] ; Get Handle of dialog box in EDI
PUSH 00000100 ; PUSH (4) Max size of string
PUSH 00406130 ; PUSH (3) Address of buffer for text
PUSH 00000405 ; PUSH (2) Identifier of control
PUSH EDI ; PUSH (1) Handle of dialog box
CALL GetWindowText ; CALL the function

Easy eh? This can be one of the simplest ways of cracking a serial number app, if you know the address of the buffer for the serial number, in this case 00406130, just breakpoint it, and you'll usually end up in or around the procedure that generates the real serial!! :)

POP is simply used to remove the first item from the stack, there are usually a lot of them before a function returns to the program...

AND


  
USAGE : AND dest,src
PURPOSE : Performs a logical AND of the two inputs, replacing the dest with the result
EXAMPLE : AND BX, 03h

There's not very much that can be said about this call, it does what it says.

CALL


  
USAGE : CALL address
PURPOSE : Executes a function at the address 'address'
EXAMPLE : CALL 10284312

Calls the function at address 'address', once the function has finished, the code with continue the line after the call.


CMP


  
USAGE : CMP dest,src
PURPOSE : Subtracts src from dest and updates the flags.
EXAMPLE : CMP AX,03h

This is an important instruction as far as we ( crackers ) are concerned :). Somewhere in the program for it to verify something, ie. to compare the real serial to the one we enter, or to check if a program is registered etc.

This instruction usually preceeds a jump instruction of some kind.

INT


  
USAGE : INT interrupt_number
PURPOSE : Calls a default function ( usually coded in the BIOS )
EXAMPLE : INT 10h

You won't really see this command much ( if at all ) when debugging windows programs, but they turn up all over the place in DOS. Usually the parameters are passed in the default registers ( AX,BX,CX etc. )

There are far too many INT calls to list here, better to get a copy of an interrupt list. Ralph Browns is very good! :)

JMP


  
USAGE : JMP address
PURPOSE : Equivalent to a basic GOTO, jumps to a section of code
EXAMPLE : JMP 00402011

JMP is an unconditional jump to a section of code. As simple as that! :)

There are tons of variations on this instruction, the most important ones are:

  
JZ - Jump if the zero flag is set. ( Same as JE )
JNZ - Jump if the zero flag is not set. ( Same as JNE )

These usually follow a CMP instruction, ie:

  
CMP RealSerial,BadSerial ; Compare the real serial to our serial
JNE GoAwayBadCracker ; If Not Equal then exit.

MOV


  
USAGE : MOV dest,src
PURPOSE : Copies byte or word value from the source to the destination
EXAMPLE : MOV AX,DX

You will see this a *lot* when you're stepping through code, it basically means ( to use BASIC terms ;) ) LET dest = src

There are quite a few variants including MOVSX, but they all basically do the same thing. It might help to get the intel programming specs from their website.

If you can't understand this one, you're screwed! ;)


OR


  
USAGE : OR dest,src
PURPOSE : Performs a logical OR on the two inputs replacing the dest with the result
EXAMPLE : OR DX, AX

Does what it says.

RET


  
USAGE : RET
PURPOSE : To return from a function
EXAMPLE : RET

You will usually see this at the end of a function, and it simply instructs the processor to return to the address of the call to the function.


Useful Stuff


  
The specs for programming intel processors : www.intel.com
Ralph Browns interrupt list : search for it
Win32 Programmers Reference : comes with any visual language

As far as I know this is about all you'll need to really understand to get started in cracking. Most of the stuff is pretty self-explanitory, but if you get stuck you can email me at: Corn02@hotmail.com or go to #cracking4newbies on efnet, where you'll be able to find someone to help you out. Any comments and stuff are also welcome, or any stuff that you think needs to be added also.

--Corn2

← previous
next →
loading
sending ...
New to Neperos ? Sign Up for free
download Neperos App from Google Play
install Neperos as PWA

Let's discover also

Recent Articles

Recent Comments

Neperos cookies
This website uses cookies to store your preferences and improve the service. Cookies authorization will allow me and / or my partners to process personal data such as browsing behaviour.

By pressing OK you agree to the Terms of Service and acknowledge the Privacy Policy

By pressing REJECT you will be able to continue to use Neperos (like read articles or write comments) but some important cookies will not be set. This may affect certain features and functions of the platform.
OK
REJECT