#20 13-06-2006, 04:45
TippeX
hmm all the pissing contests, you're doing it the wrong way...

Patch the proc, NOT the conditional...

.00457C2C is the proc i think (couldn't download exe, link expired, so i had to look at Phil's exe, nice tagging -> do the tags AFTER the crack works...)

looks like a simple true / false proc...

so a 33 C0 40 C3 should do the job... can't test, ain't got all the files...

will do later, if someone wants to put the link up with the files needed to run
the exe until the msgbox appears or whatever...

-----

1. You replaced a 3 byte instruction with a 2 byte short jump, there is a byte left over, the coding will then continue making instructions from the 3rd byte you left behind unchecked and screw the rest of the program.

may/may not matter, depending on the code execution path, if the short jump is a forced jump, EB xx, then the extra byte should never be executed, unless there's a conditional above the part you patch that can branch past it..

-------

EBP is a Base Pointer and not the actual Stack itself which is ESP. If you check the GetDriveTypeA API you will see the stack itself is not changed in any way. So therefore the Stack is perfectly fine as it is.

-------

ebp is a FRAME and holds the stack pointer on entry of the proc...

typically looks like

push ebp
mov ebp,esp
blah blah blah

then can end with a...

mov esp,ebp    ; restore the stack pointer saved in the frame
pop ebp
ret xx

or leave
ret xx

EBP is important especially within framed procs like this one, calling an API within the ebp frame doesn't matter, the cleanup at the end of the proc RELIES on the stack not being fucked, as it has to pop ebp, and set esp from ebp...

lessons... blind leading the blind more like...
__________________
bleh
DO NOT PM me with questions, leave that in the forums...ESPECIALLY if i don't know you...
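The two failure modes the post argues about (a proc whose body has been stubbed to always return true, and a patch that ends mid-instruction so a leftover byte gets decoded as garbage) as an added integrity check that is not code from the post or from anyone in the thread; `insn_len`, `check_proc` and the byte strings are assumptions and constructed sample input, and the decoder only knows the handful of opcodes the post mentions:

```python
TRUE_STUB = bytes.fromhex("33c040c3")   # xor eax,eax ; inc eax ; ret ("always true")

def insn_len(code, i):
    """Hypothetical minimal length decoder for the opcodes named in the post only
    (register operand forms assumed); real analysis should use a full disassembler."""
    op = code[i]
    if op in (0x55, 0x5D, 0xC9, 0xC3, 0x40):            # push ebp/pop ebp/leave/ret/inc eax
        return 1
    if op == 0xC2:                                      # ret imm16
        return 3
    if op in (0x33, 0x8B) and code[i + 1] >> 6 == 3:    # xor/mov r32,r32
        return 2
    if op == 0x83 and code[i + 1] >> 6 == 3:            # cmp/add/sub r32,imm8
        return 3
    if op == 0xEB or 0x70 <= op <= 0x7F:                # jmp short / jcc short
        return 2
    raise ValueError(f"unsupported opcode {op:#04x} at offset {i}")

def boundaries(code):
    """Offsets at which instructions start when decoding linearly from offset 0."""
    starts, i = set(), 0
    while i < len(code):
        starts.add(i)
        i += insn_len(code, i)
    starts.add(i)
    return starts

def check_proc(good, found):
    """List how the bytes in `found` deviate from the known-good reference `good`."""
    diff = [i for i in range(min(len(good), len(found))) if good[i] != found[i]]
    if not diff:
        return []
    lo, hi = diff[0], diff[-1] + 1
    findings = [f"modified bytes at offsets {lo}..{hi - 1}"]
    if found[lo:lo + len(TRUE_STUB)] == TRUE_STUB:
        findings.append("procedure body replaced by an always-true stub")
    starts = boundaries(good)
    if lo not in starts:
        return findings + [f"patch starts mid-instruction at offset {lo}"]
    # Decode the patched bytes across the modified range: if the last one can fall
    # through and does not end on an original boundary, the leftover byte(s) become
    # garbage instructions (the "3-byte instruction replaced by 2-byte jump" case).
    i = lo
    while i < hi:
        last = i
        i += insn_len(found, i)
    if found[last] not in (0xC3, 0xC2, 0xEB) and i not in starts:
        findings.append(f"patch ends mid-instruction at offset {i}; orphan bytes follow")
    return findings

# Constructed reference proc: push ebp/mov ebp,esp/cmp eax,0/jne +4/xor eax,eax/leave/ret/xor eax,eax/inc eax/leave/ret
GOOD = bytes.fromhex("558bec83f800750433c0c9c333c040c9c3")
```

Note that a forced short jump (EB xx) over an orphan byte is deliberately not flagged, matching the point made above that the leftover byte is never executed in that case, while a conditional short jump in the same spot is.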