ZenHAX

thank you alot for this howto. found a Text /clipboard Manager Files Password

My comments are in relation to my thread here.

As I couldn't get the password for the game in my thread using the procedure shown in this tutorial here, I tried this tutorial using Mini Robot Wars game as an example/test to see what is going wrong.

>quickbms script imt3.bms was created using Notepad. The script being -

math quickbms_arg1 -= 3
goto quickbms_arg1
for i = 0 < 5
put 0xcc byte
next i

- the script being as per the tutorial in this thread here. Script located in quickbms directory where quickbms could find it.

>Started Mini Robot Wars game by clicking MRW.exe and running it as an Administrator.

>Before playing this game I pressed the keys ALT and TAB to get back to my desktop/system to allow me to do the following procedure.

>Opened a command window under Administrator Rights.

>In the command window, changed the directory to C:\quickbms. This is where the program Quickbms is on my system.

>In the command window, I typed in signsrch -P MRW.exe and pressed the enter key. This ran the program signsrch to find MRW sub processes and their memory addresses.

>signsrch found the ZipCrypto process at memory address 0040426e.



>Then ran OllyDbg V1.1 by clicking OLLYDBG.EXE and running it as an Administrator.

>In OllyDbg selected File, Attach, and then selected MRW.exe process.

>OllyDbg showed some message about Entry Point, and there might be some problem with setting breakpoints.



>I clicked OK on the message box.

>Note that I didn't get this (nor any other) message when attaching other games (in my other thread) using OllyDbg.

>In the command window (set at C:\quickbms directory), I typed

quickbms -p -a 0x40426e int3.bms process://MRW.exe

and pressed the enter key.

>Shortly some output message was shown in the command window which suggested everything was working fine so far.



>Note that in the command window the directory was set at C:\quickbms where the quickbms program is, and also where the script int3.bms is.

>But trying to ALT and TAB back into Mini Robot Wars didn't work when trying to run the game! This program couldn't be run anymore!? Also tried clicking on Mini Robot Wars icon in the task tray, but again the program would not open/run anymore!?

>Opened Windows Task Manager which showed that Mini Robot Wars was not responding!?



>And nothing had changed in OllyDbg either!

>I then closed OllyDbg which also closed the Mini Robot Wars icon (and MRW process) from the Task Tray.

So something is not working right here!?

What is wrong? Why isn't the debugging working?

Thank you.

Have you continued the execution of the game with F9 from ollydbg?
It's that play-like > icon in the menu.

Maybe try to run the game in Window mode from its settings, that makes debugging easier.

Thanks for the comments.

Game execution via the debugger was not done as there was no mention of that step in the tutorial.

But trying again, and this time running game from OllyDbg (F9 key) and then playing the game, soon the password was revealed in OllyDbg. So it now works!

Yes, running in windows mode makes it easier to see what is happening.

Ops I forgot the most important part of the step-by-step
Now fixed.