By accident (more towards forced to actually) aq find the storage location of setting the admin password and operator billing pro ECAFE. Starting from a PC client that access billingnya replaced (because who has the same cafe give the operator know-___-). Aq gk would get in and shut down because aq gk billingnya know the password again. I try to delete it, then plug it again, to no avail, because even if removed, it remains ninggalin ECAFE setting a password in a place where yesterday aq do not know where it was.
Cari2 and baca2 already in the forum but did not find the solution also becomes aq decided to finish his own. As usual file2 in client folder as below.
Files that govern the setting of ECAFE named "clientsetup.exe". Aq started tracking there. Aq open OllyDbg to analyze the processes that run in the program. The results are as shown below.
Because there are so many processes are carried out and the memory is used, then aq selection search based on "text string". The trick, right-click> search for> All referenced Text Strings
The result will only be displayed with the text description. Iseng2 aq are looking for any explanation (which know no information can be obtained 
). And it turns out that information can benar2 aq.
). And it turns out that information can benar2 aq.
In the image seen explain the process that involves a process associated with the password. Starting from the password successfully changed, not successfully changed, not the same password, etc.. Around it, looks a suspect to the address registry aq (aq karna already familiar with the contents of the registry, registry permutations habits ). See the address "Software \ Winset" in the picture. Simply slide into tekape aq (you know).And seen two pieces of string value there.
). See the address "Software \ Winset" in the picture. Simply slide into tekape aq (you know).And seen two pieces of string value there.
Aq try removing the second string to test for errors. Then open the file clientsetup aq earlier. Because the string was already removed, aq try entering the default password is "admin" for login. Aq and was able to login again. This happens because the program does not find a setting in the registry so that the program will receive a default password of the program
Tidak ada komentar:
Posting Komentar