Friday, 26 October 2007
PHP and MySQL
Build an online catalog and a members-only site
Everything you need to know to create a dynamic PHP and MySQL Web site!
Been thinking of creating a high-quality interactive Web site? This book is just what you need to get started! Here's the fun and easy way® to develop a Web application in PHP 4, 5, or 6 and MySQL 5, test your software, enable your Web pages to display, change, and move database information, and much more.
Discover how to
* Plan and implement a Web database application
* Design and build a MySQL 5 database
* Build dynamic HTML forms
* Create scripts that store, retrieve, and update database information
* Display database information in a Web page
Monday, 22 October 2007
raZZia's Tutorial on Key Generators
Tools!
For tools you need, at a minimum, a debugger like SoftIce for Windows (hence WinIce) and a C compiler with DOS libraries.
Content!
In this tutorial I will show how to make a key-gen for Ize and Swiftsearch. The protection that these programs use is the well known Enter-Name-and-Registration-Number method. After selecting 'register', a window pops up where you can enter your name and your registration number. The strategy here is to find out where in memory the data you enter is stored and then to find out what is done with it. Before you go on make sure you configure the SoftIce dat file according to the PWD tutorial #1.
Part 1: Scanline Swiftsearch 2.0!
Swiftsearch is a useful little program that you can use to search on the web. I will explain step by step how to crack it.
step 1. Start the program :)
step 2: Choose register from the menus. You will now get a window where you can enter your name and your registration number.
step 3: Enter SoftIce (ctrl-d)
step 4: We will now set a breakpoint on functions like GetWindowText(A) and GetDlgItemText(A) to find out where in memory the data that we just entered is stored. The function that is used by this program is GetDlgItemTextA (trial and error, just try yourself :) so, in SoftIce type BPX GetDlgItemTextA and exit SoftIce with the g command.
step 5: Now type a name and a registration number (I used razzia and 12345) and press OK, this will put you back in SoftIce. Since you are now inside the GetDlgItemTexta function press F11 to get out of it. You should see the following code:
lea eax, [ebp-2C] :<--- we are looking for this location
push eax
push 00000404
push [ebp+08]
call [USER32!GetDlgItemTextA]
mov edi, eax :<--- eax has the length of the string and is stored in edi for later usage.
We see that EAX is loaded with a memory address and then pushed to the stack as a parameter for the function GetDlgItemTextA. Since the function GetDlgItemTextA has already been run, we can look at EBP-2C (with ED EBP-2C) and see that the name we entered is there. Now we know where the name is stored in memory. Normally it would be wise to write that address down, but we will see that in this case it won't be necessary. So, what next? Now we have to allow the program to read the registration number we entered. Just type g and return, and when back in SoftIce press F11. You should see the following code:
push 0000000B
lea ecx, [ebp-18] :<-- So, ebp-18 is where the reg. number is stored.
push ecx
push 0000042A
push [ebp+08]
call [USER32!GetDlgItemTextA]
mov ebx, eax :<-- save the length of the string in EBX
test edi, edi :<-- remember EDI had the length of the name we entered?
jne 00402FBF
We see that the registration number is stored at location EBP-18; check it with ED EBP-18. Again, normally it would be wise to note that address down. We also see that the program checks that the length of the name we gave is not zero. If it is not zero, the program will continue.
Step 6: Ok, now we know where the data we entered is stored in memory. What next? Now we have to find out what is DONE with it. Usually it would be wise to put breakpoints on those memory locations and find out where in the program they are read. But in this case the answer is just a few F10's away. Press F10 until you see the following code:
cmp ebx, 0000000A :<-- remember EBX had the length of the registration code we entered?
je 00402FDE
These two lines are important. They check if the length of the registration code we entered is equal to 10. If not, the registration number will be considered wrong already. The program won't even bother to check it. Modify EBX or the FLAG register in the register window to allow the jump. Continue pressing F10 until you get to the following code (note that the addresses you will see could be different):
:00402FDE xor esi, esi :<-- Clear ESI
:00402FE0 xor eax, eax :<-- Clear EAX
:00402FE2 test edi, edi
:00402FE4 jle 00402FF2
:00402FE6 movsx byte ptr ecx, [ebp + eax - 2C] :<-- ECX is loaded with a letter of the name we entered.
:00402FEB add esi, ecx :<-- Add the letter to ESI
:00402FED inc eax :<-- Increment EAX to get next letter
:00402FEE cmp eax, edi :<-- Did we reach the end of the string?
:00402FF0 jl 00402FE6 :<-- If not, go get the next letter.
Well, we see that the program adds together all the letters of the name we entered. Knowing that ESI contains the sum of the letters, let's continue and find out what the program does with that value:
:00402FF2 push 0000000A
:00402FF4 lea eax, [ebp-18] :<-- Load EAX with the address of the reg. number we entered
:00402FF7 push 00000000
:00402FF9 push eax :<-- Push EAX (as a parameter for the following function)
:00402FFA call 00403870 :<-- Well, what do you think this function does? :)
:00402FFF add esp, 0000000C
:00403002 cmp eax, esi :<-- Hey!
:00403004 je 00403020
We see that a function is called and, when it RETurns, ESI is compared with EAX. Hmm, let's look at what's in EAX. A '? EAX' reveals:
00003039 0000012345 "09"
Bingo. That's what we entered as the registration number. It should have been what's inside ESI. And we know what's inside ESI: the sum of the letters of the name we entered!
Step 7: Now that we know how the program computes the registration code, we can make a key-gen. But we should not forget that the program also checks that the registration number has 10 digits. A simple C code that will compute the registration number for this program could look like this:
#include <stdio.h>
#include <string.h>
main()
{
char Name[100];
int NameLength,Offset;
long int Reg = 0, Dummy2 = 10;
int Dummy = 0;
int LengtDummy = 1;
int Lengt , Teller;
printf("Scanline SwiftSearch 2.0 crack by raZZia.\n");
printf("Enter your name: ");
gets(Name);
NameLength=strlen(Name);
// the for lus calculates the sum of the letters in Name
// and places that value in Reg
for (Offset=0;Offset< lengt =" LengtDummy" dummy ="1;" lengtdummy="LengtDummy" dummy2="Dummy2*10;" lengt="10-Lengt;" teller="1;Teller<="Lengt;Teller="Teller+1)" edi="EDI*EAX" edi="EDI*EAX" edi="EDI*ESI" ebp="EBP+EDI" eax="EAX" eax="EAX" eax="EAX" eax="EAX">>10
:00404489 ret
The above code consists of a loop that goes through all the letters of the name we entered. With each letter some value is calculated, and all these values are added up together (in EBP). Then this value is stored in EAX and the function RETurns. And that was what we were looking for: we wanted to know how EAX got its value!
Step 6: Now to make a key-gen we have to translate the above method of calculating the right reg# into a C program. It could be done in the following way:
(Note : I am a bad c programmer :)
#include <stdio.h>
#include <string.h>
main()
{
char Name[100];
int NameLength,Offset;
unsigned long Letter,DummyA;
unsigned long Key = 0xa4cc;
unsigned long Number = 0;
printf("Ize 2.04 crack by razzia\n");
printf("Enter your name: ");
gets(Name);
NameLength=strlen(Name);
for (Offset=0;Offset> 0x10;
Letter=Letter*DummyA;
DummyA=Key;
DummyA=DummyA*0x15a4e35;
DummyA=DummyA+1;
Key=DummyA;
DummyA=DummyA & 0x7fff0000;
DummyA=DummyA >> 0x10;
Letter=Letter*DummyA;
Letter=Letter*(Offset+1);
Number=Number+Letter;
}
printf("\nYour registration number is : %lu\n",Number);
}
Final Notes
For feedback and suggestions pls contact me :)
raZZia
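Seen from the vendor's side, the registration check traced above fails because it is an unkeyed function of the name: whatever the client computes, anyone reading the client can compute too. The following Python sketch is an added example, not part of raZZia's tutorial or of either program. It contrasts a letter-sum check of that kind with a license tag issued and verified server-side using HMAC-SHA256; the function names, the demo secret and the online-verification design are assumptions.

```python
import hashlib
import hmac

# Constructed demo secret (assumption). In a real deployment it exists only on
# the vendor's licensing server and never ships inside the client binary.
SERVER_SECRET = b"constructed-demo-secret"


def letter_sum(name: str) -> int:
    """Unkeyed check value of the kind traced above: the sum of the name's bytes."""
    return sum(name.encode("utf-8"))


def unkeyed_accepts(name: str, serial: int) -> bool:
    """Accepts any serial equal to the letter sum; no secret is involved."""
    return bool(name) and serial == letter_sum(name)


def issue_license(name: str, secret: bytes = SERVER_SECRET) -> str:
    """Server side: bind the licensee name to a 128-bit keyed tag."""
    mac = hmac.new(secret, name.encode("utf-8"), hashlib.sha256)
    return mac.hexdigest()[:32]


def verify_license(name: str, token: str, secret: bytes = SERVER_SECRET) -> bool:
    """Server side: recompute the tag and compare in constant time."""
    if not name:
        return False
    expected = issue_license(name, secret).encode("ascii")
    return hmac.compare_digest(expected, token.encode("utf-8"))


def compare_schemes() -> dict:
    """Run both schemes on constructed names and report what each accepts."""
    a, b = "alice", "ecila"  # constructed sample names (anagrams)
    return {
        # Anagrams share one check value, so one serial fits both names.
        "unkeyed_collision": unkeyed_accepts(b, letter_sum(a)),
        "mac_valid": verify_license(a, issue_license(a)),
        # A tag issued for one name does not transfer to another.
        "mac_transfer": verify_license(b, issue_license(a)),
        # Without the server secret the tag cannot be reproduced.
        "mac_wrong_key": verify_license(a, issue_license(a, b"guess")),
    }


if __name__ == "__main__":
    for label, outcome in compare_schemes().items():
        print(f"{label}: {outcome}")
```

For offline activation the same idea needs an asymmetric signature, so that the client holds only a public verification key.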
Tuesday, 02 October 2007
Refactoring
Many developers develop their applications first for functionality and then, once the functionality is in place, they re-work their applications to make them more manageable and more readable. This process is referred to as refactoring. Refactoring is the process of reworking code for readability, performance, providing type safety, and lining applications up to better adhere to standard OO (object-oriented) programming practices.
For this reason, the C# environment of Visual Studio 2005 now includes a set of refactoring tools. You can find these tools under the Refactoring option in the Visual Studio menu. To show this in action, create a new class called Car in Visual Studio:
using System;
using System.Collections.Generic;
using System.Text;
namespace ConsoleApplication1
{
    public class Car
    {
        public string _color;
        public string _doors;
        public int Go()
        {
            int speedMph = 100;
            return speedMph;
        }
    }
}
Now suppose that, in the spirit of refactoring, you want to change the code a bit so that the _color and the _doors variables are encapsulated into public .NET properties. The refactoring capabilities of Visual Studio 2005 allow you to simply right-click either of these fields in the document window and select Refactor > Encapsulate Field. This will pull up the Encapsulate Field dialog shown in Figure 14-28.
Figure 14-28
From this dialog, you can provide the name of the property and click the OK button. This will turn the selected public field into a private field while also encapsulating the field into a public .NET property. After clicking OK, the code will have been reworked to the following (after redoing both fields):
using System;
using System.Collections.Generic;
using System.Text;
namespace ConsoleApplication1
{
    public class Car
    {
        private string _color;
        public string Color
        {
            get { return _color; }
            set { _color = value; }
        }
        private string _doors;
        public string Doors
        {
            get { return _doors; }
            set { _doors = value; }
        }
        public int Go()
        {
            int speedMph = 100;
            return speedMph;
        }
    }
}
As you can see, these wizards make it quite simple to refactor your code not just on one page but for an entire application. Also included are abilities to do the following:
* Rename method names, local variables, fields, and more
* Extract methods from a selection of code
* Extract interfaces based upon a set of existing type members
* Promote local variables to parameters
* Rename or reorder parameters
You will find the new refactoring abilities provided by Visual Studio 2005 a great way to get you the cleaner, more readable, better structured code that you are looking for.
Learning PHP 5
Publisher : O'Reilly
Pub Date : June 2004
ISBN : 0-596-00560-1
Pages : 368
Learning PHP 5 is the ideal tutorial for graphic designers, bloggers, and other web crafters who want a thorough but non-intimidating way to understand the code that makes web sites dynamic. The book begins with an introduction to PHP, then moves to more advanced features: language basics, arrays and functions, web forms, connecting to databases, and much more. Complete with exercises to make sure the lessons stick, this book offers the ideal classroom learning experience whether you're in a classroom or on your own.