zabbix
+ Reply to Thread
Results 1 to 12 of 12

Thread: W*2Dasm Question

  1. #1
    Join Date
    Jan 2010
    Posts
    1

    W*2Dasm Question

    Ok, so after years in the programming in various languages I decided to venture into ASM. I did it at university, very little of it, so I understand it to a certain degree.

    I was following a tutorial on cracking software. It's not something I'd want to do, but learning how to do it definatly gives you a deeper insight into things.

    Anyway, sort of hit a snag.

    I disassembled the software I'm attempting to crack. At start up it asks for an email address and password. The software validates online. So anyway, I took some text from the dialog that popped up and searched for it in W*2Dasm and it returned nothing.

    The string I was searching for is "Verify!" ... its what's on the button. I tried other strings that were on the dialog box, and still nothing.

    All I'm seeing is lines that say:

    * Possible StringData Ref from Code Obj -> "Verify your account"

    The question is, why wouldn't the string be there in the code? Something I'm missing?

    Thanks. Appreciate any comments.
    0*00*0*00**0000*0**0**0*0**00*0*0***00**00*000000*00*0*00**00*0*0**00**00**00**00**00*0*0***00*00*** *00*

  2. #2
    Join Date
    Jan 2010
    Posts
    3
    In x86 assembly, when you write a (direct) jump or call, the jump target is specified as an offset from the address of the next instruction. For example:

    *000: jmp *020 ; => EB *E
    *002: ...

    Here, EB is the opcode for a short jmp, and *E is the offset from the following instruction (at *002) to the jump target (i.e., *E = *020 - *002).

    Another example:

    2000: jmp 2*00 ; => E* FD 00
    200*: ...

    Here, E* is the opcode for a near jmp, and 00FD is the offset from the following instruction (at 200*) to the jump target.

    (Indirect jumps do not use offsets. For example, jmp eax will use the contents of eax as the jump target, without adding the address of the next instruction.)
    _______________________________________________________
    Last edited by gordo; 01-31-2010 at 11:13 AM. Reason: spam links

  3. #3
    Join Date
    Feb 2010
    Posts
    1
    As my research revealed, you are not the only one who has noticed that
    W*2DASM seems to have dissapeared mysteriously.
    Since you are exclusively interested in obtaining a legal full version
    (and since no Google Answers Researcher would be allowed to help you
    getting an illegal, cracked version), I see only one solution: You
    need to contact the programmer directly. Would you be interested in
    business contact information for the author of W*2DASM? Please let me
    know.

    ==============
    Last edited by gordo; 02-15-2010 at 08:21 AM.

  4. #4
    Abhijit12 Guest

    kannada lyrics

    You can browse [URL=http://www.indiankalakar.com/kannada_lyrics.php]kannada lyrics[/URL] by movie/album name, singers and lyric titles arranged by alphabets.

  5. #5
    DIVYANI92 Guest
    I did try a decompiler once (named Rec, i think). First noticeable
    thing was that the decompiler would simply crash with such large input
    (or for all i know it could be callbacks crashing it, dunno). Apart
    from that, the input you'd get lacked symbols, so all function and
    variable names were based on addresses, making the 'code' far less
    than human readable. Of course, the 'code' consisted only of simple
    constructs like for.
    ============
    Last edited by gordo; 03-04-2010 at 07:46 AM.

  6. #6
    Join Date
    Mar 2010
    Posts
    1
    Thankiossk Cool!
    [url=http://www.mbtshoesupply.com]mbt sale[/url]

  7. #7
    Join Date
    Mar 2010
    Posts
    1
    W*2Dasm (or Win*2DASM) doesn’t seem to exist on the map any more, but it’s still a very useful programmers tool, especially if you like reverse engineering.

    W*2Dasm is a Windows *2-bit (Win*2) disassembler. What it does is display the programs routines in assembly code, which makes it easier for you to trace what the software is doing.

    I like to use this software every once in a while, but recently I found there were no decent sources for this software.

    However, I soon located a copy that I had on my computer from a while back, in a directory named “w*2ds8**̸*;.
    =================
    [url=http://www.themortgagebroker.co.uk/property-developers.html]Property Developers[/url]
    [url=http://www.merchant-accounts.com]Merchant Services[/url]

  8. #8
    Join Date
    Mar 2010
    Posts
    1
    wow that is good thanks for the post
    [URL="http://www.testkingprep.com/avaya-certification-certification.html"]avaya certification[/URL]|[URL="http://www.testkingprep.com/oracle-certification.html"]brain***** oracle[/URL]|[URL="http://www.testkingprep.com/itil-certification.html"]itil v* certification[/URL]|[URL="http://www.testkingprep.com/mcp-certification.html"]mcp *****[/URL]|

  9. #9
    Join Date
    Mar 2010
    Posts
    1
    URSoft W*2DASM is a discontinued product and can not be bought anymore. You may find old versions for download on the Internet, or try other programs such as OllyDbg, IDA or SoftICE.
    =========
    [
    Last edited by gordo; 03-30-2010 at 06:57 PM.

  10. #10
    season31 Guest
    *. Ida and W*2dasm shows the Offset of a specific Virtual Address at the bottom of the main window

    2. there are some tools around that may help you, search for File Location Calculator on google

    *. do it by hand, the formula is pretty simple; make practice with the ***rd 'search' function and try to find the formula.
    ============
    Last edited by gordo; 04-05-2010 at 06:27 PM.

  11. #11
    Join Date
    Apr 2010
    Posts
    1
    W*2Dasm is a Windows *2-bit (Win*2) disassembler. What it does is display the programs routines in assembly code, which makes it easier for you to trace what the software is doing.
    Last edited by gordo; 04-08-2010 at 10:00 PM.

  12. #12
    cookies9 Guest
    Now, put the selector line on "0040**DF Call GetDlgItemTextA" then press the F2 button from your key***rd to set a breakpoint. Go to the second address to and set a breakpoint there too by pressing F2. See the picture below to see my breakpoints. The addresses highlighted with white means that there is set a breakpoint.
    *************
    [url=http://www.micrositez.co.uk]SEO UK[/url]

+ Reply to Thread

Similar Threads

  1. W*2dasm revisited
    By OldJohnnyBoy in forum Programming
    Replies: 1
    Last Post: 07-06-2015, 11:59 AM
  2. question
    By darknight in forum Viruses and Trojans
    Replies: 1
    Last Post: 12-26-2008, 08:07 AM
  3. I can't open powered_keylogger.exe in w*2Dasm 8.**?
    By sneha in forum Security & Encryption
    Replies: 2
    Last Post: 05-07-2007, 02:40 AM
  4. question
    By Unregistered in forum Proxies and Firewalls
    Replies: 1
    Last Post: 08-03-2004, 03:56 PM
  5. Question
    By Unregistered in forum Internet Privacy
    Replies: 2
    Last Post: 04-21-2004, 10:18 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts