1
00:00:00,030 --> 00:00:02,160
Hello and welcome to this video.

2
00:00:02,700 --> 00:00:10,740
In this video, I will show you how to use either to debunk and -- for a correct me.

3
00:00:11,670 --> 00:00:18,840
So going down on discredit me and then put it somewhere in your desktop like I have here inside of it

4
00:00:19,350 --> 00:00:23,730
is correct me one he actually knows first hand.

5
00:00:23,730 --> 00:00:24,590
See what he does.

6
00:00:25,740 --> 00:00:30,200
So all he does is ask you to please enter the theater key.

7
00:00:30,780 --> 00:00:38,910
And if you were just to take any number and you click on check, you get the wrong Shiraki, try again.

8
00:00:39,500 --> 00:00:41,580
So we are not going to use either.

9
00:00:42,510 --> 00:00:44,770
To crack this new one.

10
00:00:45,480 --> 00:00:46,510
So let's get started.

11
00:00:48,810 --> 00:00:50,170
So we'll open it up.

12
00:00:50,700 --> 00:00:52,470
I'm using a free version.

13
00:00:53,550 --> 00:01:01,830
OK, and then a new project and then go and open the correct me one from the desktop.

14
00:01:04,330 --> 00:01:05,590
And here, Clokey.

15
00:01:07,480 --> 00:01:08,470
Hear clicking on.

16
00:01:12,390 --> 00:01:13,950
And let it disassemble.

17
00:01:19,130 --> 00:01:20,210
And ice.

18
00:01:22,890 --> 00:01:28,540
Now, let's go and look for some strings, so go to view opens up use.

19
00:01:30,070 --> 00:01:31,600
And Select String's.

20
00:01:33,760 --> 00:01:41,140
Scroll down and look for the messages that will give you a hint on how to solve this.

21
00:01:44,520 --> 00:01:51,300
And here you find Congress, so let's double click on this stream and you cross-reference issue to this

22
00:01:51,300 --> 00:02:00,090
data section and in a session, the Congress also have a cross to the function which uses it.

23
00:02:00,570 --> 00:02:10,680
So let's double click and follow this cross-reference and we line into the part where the Congress message

24
00:02:10,680 --> 00:02:12,810
box is being shown on the left.

25
00:02:12,840 --> 00:02:17,940
So Congress message box on the right is a sorry wrong here, a key message box.

26
00:02:18,480 --> 00:02:24,180
So our objective is to try to get it to come to this and show the Congress.

27
00:02:24,840 --> 00:02:31,830
So to do that, we can analyze to come up here and we see that over here.

28
00:02:32,410 --> 00:02:33,420
They said test.

29
00:02:34,110 --> 00:02:39,510
If the test X is zero, then zero will go to hear.

30
00:02:41,340 --> 00:02:45,700
Solely from key Iraqi solely one executive zero.

31
00:02:46,230 --> 00:02:50,710
So to ensure X is zero, we have to find out what sets of he.

32
00:02:51,840 --> 00:02:54,020
So we want it to be zero.

33
00:02:54,030 --> 00:02:59,000
And we see up here, these are actually sent to zero.

34
00:02:59,010 --> 00:03:00,270
So we want this to happen.

35
00:03:01,530 --> 00:03:03,170
So let's see where this happens.

36
00:03:03,720 --> 00:03:08,870
So to find out where this actually happens, we can put a breakpoint somewhere up here.

37
00:03:09,300 --> 00:03:09,550
This.

38
00:03:09,570 --> 00:03:10,110
But here.

39
00:03:11,040 --> 00:03:18,490
So you see where he goes to this path, who here or he goes to a different path.

40
00:03:18,840 --> 00:03:27,600
So let's put a break point to put a break point here and click on a debugger and break points, at which

41
00:03:27,600 --> 00:03:30,450
point the shortcut keys F2.

42
00:03:32,100 --> 00:03:40,770
So at every point you can run, we should go straight to here and click on Run here.

43
00:03:40,770 --> 00:03:41,130
Click on.

44
00:03:41,130 --> 00:03:41,580
Yes.

45
00:03:43,190 --> 00:03:44,300
And now the.

46
00:03:45,750 --> 00:03:54,390
Dialogue is open as you enter this year, we you enter Syria and click on check, and so he has hit

47
00:03:54,390 --> 00:04:00,810
our break point and the blinking arrow in green shows that it is going to go to the right and this is

48
00:04:00,810 --> 00:04:01,090
back.

49
00:04:01,110 --> 00:04:02,360
We don't want you to go to the right.

50
00:04:02,760 --> 00:04:09,630
We want you to go to the left so that you take this path and come down.

51
00:04:11,510 --> 00:04:18,320
Over here and run this are to set it to zero so we can reverse that.

52
00:04:20,070 --> 00:04:29,370
Now, in order to reverse that, we come out here and we will assemble a Jancsi to become a Jazy, so

53
00:04:29,730 --> 00:04:32,240
Sarag on this one presently is GenZE.

54
00:04:33,030 --> 00:04:41,130
So here we go down to that program and then here we click on Assemble and we change the instruction

55
00:04:41,130 --> 00:04:44,870
from Jancsi to Jazy that will reverse the jump.

56
00:04:46,540 --> 00:04:50,850
And Guernsey and Jersey used the same number.

57
00:04:51,430 --> 00:04:58,370
So he will not overwrite, overunder the rest of the instructions, click OK, and I can close this.

58
00:04:59,080 --> 00:05:09,150
So now you step over this and by using F it F or you can even go to debugger and click on Effi.

59
00:05:10,360 --> 00:05:11,510
We're here, step over.

60
00:05:13,090 --> 00:05:18,480
So now he's gone to the left because we're reversing and now here we want to know where he's going,

61
00:05:19,000 --> 00:05:21,280
so we have to have it again.

62
00:05:24,310 --> 00:05:30,700
And now the arrow is blinking, that means is going to go to the right, which is no good until we let

63
00:05:30,700 --> 00:05:31,520
it go to the left.

64
00:05:31,930 --> 00:05:36,020
So here so you have to assemble A, J and Z.

65
00:05:36,700 --> 00:05:46,180
So we select on this one, come up to edit and come back here, patch program assemble.

66
00:05:46,750 --> 00:05:50,430
And here we will reverse the Jay Z to Jay Z.

67
00:05:52,000 --> 00:06:01,230
And as I mentioned, Jay-Z and Jay-Z used the same number of bytes so he will not overwrite the instructions

68
00:06:01,250 --> 00:06:02,040
that come below.

69
00:06:02,380 --> 00:06:05,200
It's OK to assemble and we close.

70
00:06:05,830 --> 00:06:08,950
So now we press it again to see where he goes left.

71
00:06:09,580 --> 00:06:10,750
He should go to the left.

72
00:06:11,950 --> 00:06:12,230
Yes.

73
00:06:12,310 --> 00:06:13,400
So he has gone to the left.

74
00:06:13,750 --> 00:06:19,700
Now he's over here and he is going to come here and so on.

75
00:06:20,230 --> 00:06:21,430
So let's have it.

76
00:06:23,050 --> 00:06:23,770
You think so?

77
00:06:24,160 --> 00:06:27,560
Yes, so now you see the Register X is zero.

78
00:06:27,940 --> 00:06:29,360
That is what we want tonight.

79
00:06:29,890 --> 00:06:32,110
We won X to be zero.

80
00:06:32,980 --> 00:06:40,450
And the other reason why you want it to be zero, because we're here, the message box.

81
00:06:41,730 --> 00:06:45,170
The message being, is he actually be zero, I'll explain later.

82
00:06:45,740 --> 00:06:49,580
So now over here, let's continue to Effi.

83
00:06:53,960 --> 00:06:58,510
And now any tax hikes will be zero and no.

84
00:06:58,650 --> 00:07:02,770
And now he's going to jump to the left because the red arrow is blinking.

85
00:07:03,200 --> 00:07:11,230
That means he's going to go to here and call the message box function of the parameter Congress.

86
00:07:11,260 --> 00:07:11,830
Well done.

87
00:07:12,460 --> 00:07:24,910
So now, if you go and look at the EPA, the EPA four for the message box, EPA for the message boxes

88
00:07:25,060 --> 00:07:28,930
found in median documentation.

89
00:07:29,980 --> 00:07:39,070
So message box has these parameters, the first barometer is handle, so this hunger here is that there

90
00:07:39,070 --> 00:07:44,490
needs to be zero a to the only window on the message box to be created.

91
00:07:44,880 --> 00:07:47,350
A disparity is null, meaning zero.

92
00:07:47,710 --> 00:07:49,490
The message box has no owner.

93
00:07:50,080 --> 00:07:51,820
So we want it to have no owner.

94
00:07:52,000 --> 00:07:53,500
So we want it to be zero.

95
00:07:53,920 --> 00:07:55,740
If it is anything other than zero.

96
00:07:55,930 --> 00:07:56,800
The message was.

97
00:07:56,830 --> 00:07:57,740
We're not sure.

98
00:07:58,540 --> 00:08:06,280
So that's why it's important that the push this one needs to be zero.

99
00:08:07,000 --> 00:08:15,130
As you have explained before, whenever you are going to call EPA before you call, you will push the

100
00:08:15,130 --> 00:08:17,820
parameters to the stack which is down here.

101
00:08:18,610 --> 00:08:24,860
And the way it is done is that whatever is pushing is in reverse order from the EPA.

102
00:08:25,660 --> 00:08:31,460
This is the first barometer to measure past second parameter, that parameter and so on.

103
00:08:32,170 --> 00:08:33,190
So now let's see.

104
00:08:33,380 --> 00:08:34,960
We are going to have it.

105
00:08:37,240 --> 00:08:40,420
And now he's going push Congress.

106
00:08:40,990 --> 00:08:42,310
He's going to push gun.

107
00:08:44,450 --> 00:08:47,670
And I know he's going to push, which is now zero, which is good.

108
00:08:48,770 --> 00:08:49,310
There you go.

109
00:08:49,310 --> 00:08:49,680
Zero.

110
00:08:50,450 --> 00:08:58,520
So this is the first barometer to message box, second parmeter time, barometer and barometer.

111
00:08:58,940 --> 00:09:05,990
So these are four parameters that are pushing this thing in to make it ready for the message box EPA

112
00:09:05,990 --> 00:09:06,560
to be caught.

113
00:09:07,220 --> 00:09:11,260
This is exactly what you want according to the forms documentation.

114
00:09:12,410 --> 00:09:19,010
So if you take a look at your mouth doing a combination again, let me just remind you, this is the

115
00:09:19,010 --> 00:09:19,940
first parameter.

116
00:09:20,120 --> 00:09:23,480
Second parameter, that parameter for parameter.

117
00:09:24,760 --> 00:09:30,370
So that's why we got first, second, third, fourth parameter, how we are going to start over this

118
00:09:30,790 --> 00:09:33,490
by effort and the message box is showing.

119
00:09:34,030 --> 00:09:34,740
Well done.

120
00:09:35,170 --> 00:09:35,570
All right.

121
00:09:35,890 --> 00:09:39,090
So now you can take this and run all the way.

122
00:09:39,890 --> 00:09:40,270
All right.

123
00:09:40,330 --> 00:09:49,280
Now you can stop the debugger and now we are ready to back the original file.

124
00:09:49,780 --> 00:09:57,330
So depending on your file, your father, we need to pacis this one personally is not best for you.

125
00:09:57,640 --> 00:10:01,750
It has only passed the database, so you need to test the file.

126
00:10:02,470 --> 00:10:07,270
So to do that, you click on the click on edit whiffing on that program.

127
00:10:08,020 --> 00:10:15,180
And now we go to the last one here, apply patches to input file and then here this is an input father

128
00:10:15,190 --> 00:10:19,960
you want to patch, but before we patch it, we create a backup, namely click, OK.

129
00:10:21,210 --> 00:10:26,700
All right, so now we go back, you can see there is a back up here, all right.

130
00:10:26,730 --> 00:10:28,150
And this is a pacifier.

131
00:10:28,650 --> 00:10:33,840
So in case you made a mistake, you can have a do you have a back up of the original before he's being

132
00:10:33,840 --> 00:10:34,290
bashed?

133
00:10:34,800 --> 00:10:41,790
So let's try to run this now the PETTIFER and now we enter and eating whatever doesn't matter.

134
00:10:42,170 --> 00:10:46,830
You click on check and we have got a good message so successfully.

135
00:10:47,250 --> 00:10:49,160
Besch correct me one.

136
00:10:49,890 --> 00:10:59,510
So this is how you can use Yeeda to deba and reverse and crack me and also Petchey.

137
00:11:00,390 --> 00:11:02,100
So that's all for this video.

138
00:11:02,850 --> 00:11:04,230
Thank you for watching.