AhMunRa
Grandmaster Cheater Supreme
![]() Reputation: 27
Joined: 06 Aug 2010
Posts: 1117
|
 Posted: Mon Feb 28, 2011 5:05 pm Post subject: C# / .NET and HEX SOLVED |
 |
|
Am working on a keygenme, have found the algo to build my solution, the problem I am having is doing math on int's. The bit of code is
| Code: |
CPU Disasm
Address Hex dump Command Comments
00432632 |> /8BC6 /MOV EAX,ESI ; move char(x) to eax
00432634 |. |99 |CDQ ; The CDQ instruction copies the sign (bit 31) of the value in the EAX register into every bit position in the EDX register.
00432635 |. |F7FD |IDIV EBP ; signed divide
00432637 |. |0FB74454 58 |MOVZX EAX,WORD PTR SS:[EDX*2+ESP+58]
0043263C |. |85C0 |TEST EAX,EAX
0043263E |. |7E 33 |JLE SHORT 00432673
00432640 |. |8BF8 |MOV EDI,EAX
00432642 |> |E8 A71C0900 |/CALL 004C42EE ; [vbsedit.004C42EE
00432647 |. |99 ||CDQ
00432648 |. |B9 3E000000 ||MOV ECX,3E
0043264D |. |F7F9 ||IDIV ECX
0043264F |. |80FA 1A ||CMP DL,1A ; Switch (cases 0..33, 2 exits)
00432652 |. |73 05 ||JNB SHORT 00432659
00432654 |. |80C2 41 ||ADD DL,41
00432657 |. |EB 11 ||JMP SHORT 0043266A
00432659 |> |80FA 34 ||CMP DL,34
0043265C |. |73 05 ||JNB SHORT 00432663
0043265E |. |80C2 47 ||ADD DL,47
00432661 |. |EB 07 ||JMP SHORT 0043266A
00432663 |> |3AD1 ||CMP DL,CL ; Default case of switch vbsedit.43264F
00432665 |. |73 07 ||JNB SHORT 0043266E
00432667 |. |80EA 04 ||SUB DL,4
0043266A |> |885434 14 ||MOV BYTE PTR SS:[ESI+ESP+14],DL ; Cases 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, F, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 1A, 1B, 1C, 1D, 1E, 1F, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 2A, 2B, 2C, 2D, 2E, 2F, 30, 31, 32, 33 of switch vbsedit.43264F
0043266E |> |83EF 01 ||SUB EDI,1
00432671 |.^|75 CF |\JNE SHORT 00432642
00432673 |> |46 |INC ESI
00432674 |. |83FE 40 |CMP ESI,40
00432677 |.^\7C B9 \JL SHORT 00432632
|
The magic is happening at the call located at address 00432642.
| Code: |
CPU Disasm
Address Hex dump Command Comments
004C42F3 |. 8B48 14 MOV ECX,DWORD PTR DS:[EAX+14]
004C42F6 |. 69C9 FD430300 IMUL ECX,ECX,343FD
004C42FC |. 81C1 C39E2600 ADD ECX,269EC3
004C4302 |. 8948 14 MOV DWORD PTR DS:[EAX+14],ECX
004C4305 |. 8BC1 MOV EAX,ECX
004C4307 |. C1E8 10 SHR EAX,10
004C430A |. 25 FF7F0000 AND EAX,00007FFF
004C430F \. C3 RETN
|
Yes I know this is the rand() function.
This I have broken down to
| Code: |
shiftInt = shiftInt * 214013;
shiftInt = shiftInt + 2531011;
prevInt = shiftInt;
// Next bit of code handles shr eax, 10
if (first == true)
{
for (int x = 0; x < 16; x++)
{
//shiftInt = shiftInt - 1;
shiftInt = shiftInt / 2;
}
}
|
shiftInt is declared as int as is prevInt. My problem is that without setting shitInt = shiftInt - 1; prior to dividing by 2 it is 1 number off. When I take the value and convert to hex it is also off.
Anyone have any thoughts as to why? I have used the subroutine before to reproduce a shr eax, 10 instruction. Not sure why it is failing here.
NOTE SOLVED BY changing my vars from int to double and using Math.Round(x, 0); this is giving me expected results.
_________________
<Wiccaan> Bah that was supposed to say 'not saying its dead' lol. Fixing >.> |
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
