1 00:00:00,590 --> 00:00:03,050 Hello and welcome back. 2 00:00:03,050 --> 00:00:11,930 Before we jump in to trying to solve crime meter Dean let us first examine the strategies data available 3 00:00:11,960 --> 00:00:16,380 to us as you can see in this slide. 4 00:00:16,500 --> 00:00:27,030 There are three ways in which we can approach the crime rate in the first way is the easiest to do and 5 00:00:27,030 --> 00:00:31,710 it does not require you to unpack the file. 6 00:00:31,740 --> 00:00:42,990 So in this method you will hide in a debugger from the program using killer height or idea plugins and 7 00:00:42,990 --> 00:00:54,390 then you will create a loader using the two and then you will bash hero key in the process that is running. 8 00:00:54,390 --> 00:01:01,770 So this method is very useful if you are unable for whatever reason to unpack defined. 9 00:01:03,210 --> 00:01:11,480 So the second rule is use if you can find me or be the original entry point or in entry point. 10 00:01:12,060 --> 00:01:21,990 If you recall easy entry point of the father he's inside the paper section so finding it will be sometimes 11 00:01:21,990 --> 00:01:24,110 may not be so straightforward. 12 00:01:24,120 --> 00:01:31,180 So in those cases where you are able to find your B then you cannot use the second way. 13 00:01:31,310 --> 00:01:33,420 If you used the first order. 14 00:01:34,470 --> 00:01:44,730 So assuming that you then find your AP and then he will not try to unpack it by dumping the unpack file 15 00:01:45,390 --> 00:01:51,950 and then trying to fix your I.D. and sometimes fixing I.T. is not so easy. 16 00:01:51,960 --> 00:01:59,780 So if you are unable to face i.e. table then the secondary cannot be used. 17 00:01:59,880 --> 00:02:07,800 So you'll be left with your first order but assuming that you are able to successfully unpack file then 18 00:02:07,830 --> 00:02:13,360 you can go ahead and bash the father has me unpacked. 19 00:02:13,680 --> 00:02:20,520 So it is known as file patching and here I would like to emphasize the difference between process patching 20 00:02:20,580 --> 00:02:23,690 and file purging in process patching. 21 00:02:23,760 --> 00:02:31,140 You are not patching any files in the at all you are actually patching the memory the RAM memory and 22 00:02:31,140 --> 00:02:40,490 this is also known as runtime paging however in the second movie Ray you are using the unpack file to 23 00:02:40,720 --> 00:02:44,340 patch you are actually patching your files so. 24 00:02:44,800 --> 00:02:54,090 So what's the difference between process and file processes where a program has been loaded into memory 25 00:02:54,780 --> 00:03:02,970 so before a program runs serious in the hand disk and it is known as a file so before file can run he 26 00:03:02,970 --> 00:03:10,420 has to be loaded from the had this into memory and then only you patching the process. 27 00:03:10,420 --> 00:03:18,300 So this is done using Lotus but are we here we are patching a file so you're not patching the memory 28 00:03:18,340 --> 00:03:19,220 here patching a file. 29 00:03:19,230 --> 00:03:20,700 So this would be different. 30 00:03:22,050 --> 00:03:29,670 And then the third method is the most difficult of all because the third method is where you are trying 31 00:03:29,670 --> 00:03:38,460 to figure the zero key so and it may not be so easy especially if this year a key is a January 10 using 32 00:03:38,460 --> 00:03:44,610 some complicated method or what is known as complicated algorithms. 33 00:03:44,610 --> 00:03:52,290 So now I'm going to start off the next lesson by going through the first method first and then we'll 34 00:03:52,290 --> 00:03:57,760 proceed with second and then we in the subsequent lessons. 35 00:03:57,780 --> 00:04:00,420 So that's all for this lesson. 36 00:04:00,420 --> 00:04:02,130 I'll see you in the next one. 37 00:04:02,490 --> 00:04:03,470 Thank you for watching.