Ferrous Moon
http://www.ferrousmoon.com:80/forums/

how to remove VSEC (updated 2019-09-21 for 0.2.6)
http://www.ferrousmoon.com:80/forums/viewtopic.php?f=52&t=3063

Author:  hans henrik [Wed Jul 12, 2017 12:01 pm ]
Post subject:  how to remove VSEC (updated 2019-09-21 for 0.2.6)

using OllyDBG 2.01 (from http://www.ollydbg.de/odbg201.zip )


instructions for 0.2.6:

video here: https://www.youtube.com/watch?v=9AKNnJxchuo

find the string "vdpin/disarmed.png", search for references to it, there should only be one, looking like:
Code:
test esi,esi
jne short Onlink-x86.00B35C5C
push offset "vdpin/disarmed.png"
then simply replace the `jne` instruction with nop nop, and voila, VSEC will be disarmed instantly upon clicking on any square in VSEC :)


--------------------------------------------------------------------------------------
instructions for 0.2.5:

Go to -> Expression "VsecScreenInterface::attempts" -> Follow Expression

search for references to this address

it's written to from many places, but only read in one place, with a
Code:
mov ecx, dword ptr ds:[Onlink-x86.VsecScreenInterface::attempts]
now shortly after that, it's increased by 1 with "inc ecx" - replace that with "nop" - and you'll (probably?) have unlimited attempts, as it should no longer count the number of times you've clicked.


a little further down there, you'll find some variation of this code, repeated over and over and over (probably 8 times, but I didn't count):
Code:
cmp dword ptr ds:[edi*4+Onlink-x86.VsecScreenInterface::LightsStats],eax
sete al
mov dword ptr ds:[edi*4+Onlink-x86.VsecScreenInterface::LightsStats],eax
xor eax,eax
cmp edx,3
jge short Onlink-x86.001E58E1
this is part of the algorithm that determines which button should light up or not when clicking. the "sete al" instruction, specifically, makes the switches light up. replace all the "sete al" instructions with
Code:
mov al,0
nop
- and all buttons around the button you clicked should only ever turn off, which makes solving the VSECs as easy as clicking on all the lit buttons (or just click on any of the buttons near the lit button, really)


(I've been doing some version of this for several years, forgetting how I did it last time, and sometimes messing up and making the program crash on VSECs instead. - I should have kept notes of this - and now I have)
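The three edits in the post above (jne -> nop nop for 0.2.6; inc ecx -> nop and sete al -> mov al,0 / nop for 0.2.5), as an added example that is not the post author's tool or any code from the game: a small Python patcher that applies each one as a length-preserving byte overwrite. It runs over a constructed byte buffer that mimics the instruction sequences quoted in the post; the placeholder addresses, the jne displacement and the buffer layout are assumptions, while the opcode encodings (85 F6 test esi,esi; 75 rel8 jne short; 68 imm32 push; 8B 0D disp32 mov ecx,[mem]; 41 inc ecx; 0F 94 C0 sete al; B0 00 mov al,0; 90 nop) are standard x86-32.

```python
"""Length-preserving byte patches for the VSEC edits described in the post.

Added example, not the post author's method or the game's code. The sample
buffer below is constructed to resemble the quoted instruction sequences.
"""
import re

NOP = b"\x90"                 # nop
JNE_SHORT = b"\x75"           # jne rel8 (one displacement byte follows)
TEST_ESI_ESI = b"\x85\xf6"    # test esi,esi
PUSH_IMM32 = b"\x68"          # push imm32 (push offset "...")
MOV_ECX_MEM = b"\x8b\x0d"     # mov ecx, dword ptr ds:[disp32]
MOV_MEM_ECX = b"\x89\x0d"     # mov dword ptr ds:[disp32], ecx
INC_ECX = b"\x41"             # inc ecx
SETE_AL = b"\x0f\x94\xc0"     # sete al
MOV_AL_0 = b"\xb0\x00"        # mov al,0
CMP_MEM_EDI4_EAX = b"\x39\x04\xbd"  # cmp dword ptr ds:[edi*4+disp32],eax
MOV_MEM_EDI4_EAX = b"\x89\x04\xbd"  # mov dword ptr ds:[edi*4+disp32],eax


def apply_patch(buf: bytearray, offset: int, old: bytes, new: bytes) -> None:
    """Overwrite `old` at `offset` with `new`, refusing to change the
    instruction length (which would shift every following instruction) or
    to patch bytes that do not match what we expect to find there."""
    if len(old) != len(new):
        raise ValueError("patch would change length: %r -> %r" % (old, new))
    found = bytes(buf[offset:offset + len(old)])
    if found != old:
        raise ValueError("expected %r at 0x%x, found %r" % (old, offset, found))
    buf[offset:offset + len(old)] = new


def nop_jne_after_test_esi(buf: bytearray) -> list:
    """0.2.6 edit: 'test esi,esi / jne short X / push offset ...': nop the jne.
    Returns the offsets of the jne instructions that were patched."""
    pat = re.compile(re.escape(TEST_ESI_ESI) + re.escape(JNE_SHORT) + rb"."
                     + re.escape(PUSH_IMM32), re.DOTALL)
    offsets = [m.start() + len(TEST_ESI_ESI) for m in pat.finditer(bytes(buf))]
    for off in offsets:
        apply_patch(buf, off, JNE_SHORT + bytes(buf[off + 1:off + 2]), NOP * 2)
    return offsets


def nop_inc_ecx_after_load(buf: bytearray, window: int = 16) -> list:
    """0.2.5 edit: after 'mov ecx,[attempts]' the counter is bumped with
    'inc ecx'; nop the first inc ecx within `window` bytes of the load."""
    data = bytes(buf)
    offsets = []
    for m in re.finditer(re.escape(MOV_ECX_MEM) + rb".{4}", data, re.DOTALL):
        idx = data.find(INC_ECX, m.end(), m.end() + window)
        if idx != -1:
            apply_patch(buf, idx, INC_ECX, NOP)
            offsets.append(idx)
    return offsets


def force_sete_al_to_zero(buf: bytearray) -> list:
    """0.2.5 edit: every 3-byte 'sete al' becomes 'mov al,0' (2 bytes) + nop,
    so the light-state computation can only ever produce 0."""
    offsets = [m.start() for m in re.finditer(re.escape(SETE_AL), bytes(buf))]
    for off in offsets:
        apply_patch(buf, off, SETE_AL, MOV_AL_0 + NOP)
    return offsets


def build_sample() -> bytearray:
    """Constructed stand-in for the three code regions the post describes.
    Addresses are placeholders, not the real binary's."""
    attempts_addr = (0x00AA1234).to_bytes(4, "little")   # assumed
    lights_addr = (0x00AA5678).to_bytes(4, "little")     # assumed
    string_addr = (0x00BB0000).to_bytes(4, "little")     # assumed
    return bytearray(
        # test esi,esi / jne short +5 / push offset "vdpin/disarmed.png"
        TEST_ESI_ESI + JNE_SHORT + b"\x05" + PUSH_IMM32 + string_addr
        # mov ecx,[attempts] / inc ecx / mov [attempts],ecx
        + MOV_ECX_MEM + attempts_addr + INC_ECX + MOV_MEM_ECX + attempts_addr
        # cmp [edi*4+LightsStats],eax / sete al / mov [edi*4+LightsStats],eax (x2)
        + (CMP_MEM_EDI4_EAX + lights_addr + SETE_AL
           + MOV_MEM_EDI4_EAX + lights_addr) * 2
    )


def patch_all(buf: bytearray) -> dict:
    """Apply all three edits and report where each landed."""
    return {
        "jne": nop_jne_after_test_esi(buf),
        "inc_ecx": nop_inc_ecx_after_load(buf),
        "sete_al": force_sete_al_to_zero(buf),
    }


if __name__ == "__main__":
    sample = build_sample()
    print(patch_all(sample))
    print(sample.hex())
```

Two things worth keeping in mind when turning this into a patch of a real file. First, every replacement here keeps the instruction length (2 bytes of nop for the 2-byte jne, mov al,0 plus nop for the 3-byte sete al), exactly as the post does; shrinking or growing an instruction would shift everything after it. Second, searching raw bytes for an opcode pattern can match inside an immediate or data that happens to contain the same bytes, which is why the post locates the spots through the debugger's disassembly and cross-references rather than by pattern; take the offsets from the debugger listing and let apply_patch refuse anything whose bytes do not match.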

Author:  ogro [Mon Oct 16, 2017 3:18 pm ]
Post subject:  Re: how to remove VSEC

The problem is not worth the work of removal; I used a Java solver I found on the web.

All times are UTC-05:00