Meanwhile it takes probably only 20s max to bypass and run without monkeying with the rest. Ah well.
Shame you didn't mention what you were doing that wasn't adding up...maybe ask in conversation for pointers?
Google is the most efficient. xD Eh, Tuts4You is good. Another good resource would be Micro$hit's PE Format.
Is this the correct jump ? after setting rip (assuming rip and eip is the same) to this jump, i was stepping over but i didn't find a jmp rax instead i received a EXCEPTION_ACCESS_VIOLATION after stepping through about 14 lines
) Remember to let it Load the protection and then let it Return to the main module... SP means Stack Pointer (16-bit). ESP means Extended Stack Pointer (32-bit), RSP means Register Stack Pointer (64-bit). Though technically, 64-bit registers never actually have that name-prefix. We just go with it. (It'll probably be easier for you to use "Step Over" instructions when in the Kernel btw.) I use shortcut keys, much faster stepping into/over/blablabla.
Scroll up? Make sure you correct your stack...or you'll crash. Very close (if it were a snake, it'd be biting you)...but remove img..
I got it to work for myselfYou forgot to let it load the library. Right now, you're in the Kernel. You're not looking for the JMP yet. When it RETs back to Paralogue module, you'll see what you need to. Notice the module you're in, title of your debugger says it all. (You're very close btw...you'll probably laugh once you figure it out. Very glad you're this far.
this is the first time i reverse engineered anything. i wanted to learn it for a long time but never had the motivation to start.. haha
Glad you could learn something from it all.I got it to work for myself
when I have free time, I will give a shot at making a crack, although i probably won't succeed
Thank you so much for the tutorial and help
Actually, if you were on v16, you could just dump it and it'd work. Sure it'd be professional to clean up the exe a bit but it'd work regardless. Since v17, another piece of protection was added. Not difficult but not for newcomers. Enjoy. How do you feel about that comment earlier, 10 hours nothing...and so close all along?
It means use Google to figure out what a stack is. Then read what I said again. Correct your stack before trying to get to all of that.
Thanks.Nice to see so many people are able to get it working now. I imagine they are just as excited about it as I was when it worked for me the first time as well
BupoTiling03-Retired this proves you are a good teacher, repeating the steps multiple times until people could make it this far
Glad people can learn and grow. Btw I made a script for you.
No, you performed it correctly. Half of it. The rest of the protection isn't in the executables. Look into the Pak files. The game is calling "Quit" to exit...for a reason. In fact, Page 17 has what you need.
Hmm. Some posts lead me to believe I could just run it at that point without having to mess with the pak files. Guess I'll keep looking.
