Let's hear it!

[Quik]

I've spent more than $3k on car stuff alone :p

It gets away from you if you don't watch yourself..

In all I have put about 1,500 in my car. but made about $400 back reselling stuff.

Oh, you can't factor in how you pay for stuff! That's cheating.. ;]

[Newby]

Hm. I've been working at cracking a program written in Delphi, and man, this thing is so fucking retarded.. some bits and pieces, from the trace I logged:

Code: [Select]

00000220 .rsrc:sub_50CA48+127BAC call    $+5                      sub_50CA48 call sub_50CA48:loc_6345F9   
00000220 .rsrc:locret_6357B1      retn                            returned to @Now   
...                       
00000220 CODE:sub_403ECC:locret_403ED3 retn                            sub_403ECC returned to CODE:0051A8F2   
00000220 .rsrc:sub_509A54+101462 call    $+5                      sub_509A54 call sub_509A54:loc_60AEBB   
It's somehow magically returning elsewhere from where it was called. It's actually getting annoying. Heh. It's like it's overwriting its own return address or something. But what's weird is that it'll do this in functions IDA recognizes as being standard functions.

Of course, if this thing disassembled everything properly, I wouldn't be having an issue. But half of these loc:6X* addresses are just a bunch of bytes that it can't make sense of.

[iago]

Have you tried pressing 'c' to turn those bytes into code?

Also, why are all the addresses at the left the same?

<edit> And in terms of returning to the wrong place, remember that 'ret' just pops the top value off the stack and jumps there. If they modify the stack, it's going to return somewhere it didn't start. This isn't the crackme called 'shaker.exe', is it?

[BigAznDaddy]

woohoo I rode my bike on some single track trails for 3 hours yesterday. my butt hurts now.

[dark_drake]

Ah... Tuesday is the last day of my senior design 2 class. It's been a ton of work, but at least it was enjoyable. I do need a short break, though.

[Newby]

Have you tried pressing 'c' to turn those bytes into code?

Also, why are all the addresses at the left the same?

I have. It seems to turn the bytes into random assembly... I fear it's incorrect, seeing as how it has a ton of things that don't seem necessary to the program. (e.g. DMA-related stuff, instructions I've *never* seen before, etc.)

And it's a program I won't name, since I don't want to be associated with cracking it.

[iago]

Have you tried pressing 'c' to turn those bytes into code?

Also, why are all the addresses at the left the same?

I have. It seems to turn the bytes into random assembly... I fear it's incorrect, seeing as how it has a ton of things that don't seem necessary to the program. (e.g. DMA-related stuff, instructions I've *never* seen before, etc.)

And it's a program I won't name, since I don't want to be associated with cracking it.

Make sure you convert the exact instruction it jumps to, not the ones before or after.

If you look for my writeup of shaker.exe, you'll see some techniques I used to get around what you're describing:
http://svn.skullsecurity.org:81/ron/security/2009-shaker-crackme/

(The .exe is there too, disassemble it and see if it's similar)

[Newby]

I've been sick since two nights ago. I spent the last 24 hours sleeping, only to wake up on the hour every hour for some strange reason.

Boo.

[BigAznDaddy]

I go back to school in 2 weeks and I still am not allowed to register for class What The Fuck

[iago]

I go back to school in 2 weeks and I still am not allowed to register for class What The Fuck

That sounds like an interesting class.

[Blaze]

I go back to school in 2 weeks and I still am not allowed to register for class What The Fuck

That sounds like an interesting class.

Yeah, I'd like to sign up for that class, too!  But it won't let me sign up for class What The Fuck.

[BigAznDaddy]

blehhh

[Hitmen]

Fuck wikipedia and all of its links to other articles. I was looking something up in the article on the US constitution and ended up 3 hours later reading about the life of HP lovecraft and wondering what the hell I was still doing on there.

[dark_drake]

Fuck wikipedia and all of its links to other articles. I was looking something up in the article on the US constitution and ended up 3 hours later reading about the life of HP lovecraft and wondering what the hell I was still doing on there.

Exercise some self-control! There was this one time I was on Wikipedia reading about chemical engineering, and then I thought, "I'll check out some equipment." I eventually ended up on a page about stripteases.

[BigAznDaddy]

Fucking bullshit. SDSU takes away my Cal Grant gives me a unsubsidized loan, and fucking raises fees from $2,000 a semester to $5000. 
Fucking piece of shit bull crap.