Page 13 of 16
Re: bRO's client asking for PIN Code on log in
Posted: 16 Dec 2012, 21:03
by ROX_Leopardo
I found the possible procedure that called the method that Kurama posted... with this we can try to know what is the values that the method posted by Kurama used on algorithm...
pastebin.com/HrT2cALv
Search for sub_4AAB70 on asm code...
Re: bRO's client asking for PIN Code on log in
Posted: 17 Dec 2012, 05:22
by ever_boy_
FredBr already commited a fix.
Thank you all who helped us, I learned a lot here.
edit:
well, it seems that his fix is logging in by brute force, spamming a given code, until it is successful (and eventually it will be), but I believe this is not the ideal solution.
So, we should still look for that code.
Re: bRO's client asking for PIN Code on log in
Posted: 17 Dec 2012, 10:50
by kLabMouse
ever_boy_ wrote:FredBr already commited a fix.
Thank you all who helped us, I learned a lot here.
edit:
well, it seems that his fix is logging in by brute force, spamming a given code, until it is successful (and eventually it will be), but I believe this is not the ideal solution.
So, we should still look for that code.
I already posted the code's needed for that. Just a bit of "brain enable" and all go good.
You can try to get the ASM codes from original, and build a C/C++ code that is equivalent. Thus you can check the data on fly with the Ripped and own function if they match.
Re: bRO's client asking for PIN Code on log in
Posted: 17 Dec 2012, 11:01
by ever_boy_
I'm sorry, I meant "a perl's version of that code". We're working on that, but I'm not very used to c++ and asm...
Re: bRO's client asking for PIN Code on log in
Posted: 17 Dec 2012, 11:04
by kLabMouse
ever_boy_ wrote:I'm sorry, I meant "a perl's version of that code". We're working on that, but I'm not very used to c++ and asm...
Like same as C/C++ one, If you have a working C/C++ code you can just change it to Perl one. The only difference is work on strings/arrays of bytes.
Re: bRO's client asking for PIN Code on log in
Posted: 17 Dec 2012, 11:26
by ever_boy_
yeah, but first gotta work on your c++ code, at which I suck :/
btw, we're having some trouble here. a friend of mine says he needs to limit a given var to DWORD type, so that the function could work, but he can't do that in perl. do you know anything about that?
Re: bRO's client asking for PIN Code on log in
Posted: 17 Dec 2012, 11:44
by ROX_Leopardo
ever_boy
Give me some examples of the bytes that the client receive and the sequence that we give with this...
Re: bRO's client asking for PIN Code on log in
Posted: 17 Dec 2012, 11:48
by Kurama
Re: bRO's client asking for PIN Code on log in
Posted: 17 Dec 2012, 11:51
by kLabMouse
ever_boy_ wrote:yeah, but first gotta work on your c++ code, at which I suck :/
btw, we're having some trouble here. a friend of mine says he needs to limit a given var to DWORD type, so that the function could work, but he can't do that in perl. do you know anything about that?
simple: a = a & 0xFFFFFFFF;
Re: bRO's client asking for PIN Code on log in
Posted: 17 Dec 2012, 11:54
by Kurama
thank you, its working now =D
