After following the first address by simply double-clicking on its line we can clearly see that the fist call is used when the user fills an invalid serial number, and the second when he gives the correct one:
Jmp 9 Serial Number Keygen Generator
We saw that ReverseMe puts any serial number typed in the register EDX and some numbers (which represent certainly the correct serial number) in the register ECX; after these operations comes a XOR between values of both registers.
The number of serial ports using the generic 8250 driver on the default kernel configuration is set to 4 at runtime with a maximum of 32. This will prevent the creation of /dev/ttyS4 and above. Counting the typical built in serial port on the motherboard this prevents the use of the 4th serial port on a 4 port expansion card. 2ff7e9595c
Comentarios