1 00:00:00,900 --> 00:00:02,870 Hello and welcome back.
2 00:00:02,970 --> 00:00:11,430 In this lesson we are going to take a look at how to create a loader. Creating a loader is a two-step
3 00:00:11,430 --> 00:00:12,690 process.
4 00:00:12,750 --> 00:00:22,800 Step one is to use x64dbg to find the memory address as well as the bytes to patch.
5 00:00:22,800 --> 00:00:31,370 Once we have found the memory address as well as the bytes we want to patch, then we go to step 2. Step 2:
6 00:00:31,380 --> 00:00:39,120 we use the dUP2 program, which we downloaded and installed last lesson, to create
7 00:00:39,300 --> 00:00:43,950 a loader based on the information in step 1 above.
8 00:00:43,950 --> 00:00:46,230 So let's get started.
9 00:00:46,320 --> 00:00:49,100 We are going to create a loader for the CrackMe
10 00:00:49,110 --> 00:00:52,140 11 packed file.
11 00:00:52,280 --> 00:00:54,200 If you have deleted this,
12 00:00:54,410 --> 00:00:55,610 no worries.
13 00:00:55,610 --> 00:00:57,700 You can download it from this link again.
14 00:00:59,130 --> 00:01:09,440 So the first thing we do is open the CrackMe 11 packed file using x64dbg.
15 00:01:20,340 --> 00:01:24,780 Now that it has opened, click on run.
16 00:01:28,730 --> 00:01:40,390 Key in anything, click, and then once the error message dialog box shows, click on Pause. We are using the call stack
17 00:01:40,400 --> 00:01:50,920 method to create this program, and once it pauses click on Call Stack and look for the user module. You can see
18 00:01:52,190 --> 00:02:04,600 it is here. Right-click on this, click Follow From, and here you will find the jump you want to patch.
19 00:02:04,600 --> 00:02:07,230 So we assemble the jump here,
20 00:02:11,390 --> 00:02:20,290 JMP. If you've forgotten how to do this, please do revise the earlier lessons on how we did this, how and why
21 00:02:20,290 --> 00:02:25,440 we are patching here, so check and see the instructions in there.
22 00:02:25,630 --> 00:02:35,060 Okay, so now take note: this is the address we want to patch and these are the bytes
23 00:02:35,150 --> 00:02:36,910 that we want to patch.
24 00:02:37,560 --> 00:02:44,480 So now we can patch the file, but we are not going to patch it.
25 00:02:44,500 --> 00:02:45,740 We are going to export it.
26 00:02:46,210 --> 00:02:51,080 So click on Export to export this information.
27 00:02:51,130 --> 00:02:55,940 So click Export and save it in the CrackMe 11 folder,
28 00:03:03,780 --> 00:03:08,080 and give it a file name: patch
29 00:03:08,290 --> 00:03:09,390 .1337.
30 00:03:12,080 --> 00:03:14,220 1337 is the patch file extension.
31 00:03:14,960 --> 00:03:16,000 So now, take note.
32 00:03:16,250 --> 00:03:20,870 Now that we have found it, we can go and open the file. Open the file using Notepad.
33 00:03:26,730 --> 00:03:31,170 Then over here is your offset.
34 00:03:31,190 --> 00:03:35,560 Now take note here: the offset is different from the virtual address.
35 00:03:35,610 --> 00:03:43,290 The virtual address is 403859; here it is 00003859.
36 00:03:43,290 --> 00:03:45,490 So this is called the relative
37 00:03:45,490 --> 00:03:48,960 virtual address.
38 00:03:48,960 --> 00:03:50,530 Let me spell it for you.
39 00:03:51,100 --> 00:03:55,000 Relative Virtual Address.
40 00:03:55,010 --> 00:03:56,880 RVA.
41 00:03:58,070 --> 00:04:04,200 Now over here is the virtual address. The relative virtual address is this address,
42 00:04:09,660 --> 00:04:14,850 and the virtual address
43 00:04:14,980 --> 00:04:23,990 is referring to the same address here, but it has the base address
44 00:04:24,390 --> 00:04:36,460 added to it. So you can choose either to create a loader based on RVA or based on VA; that
45 00:04:36,490 --> 00:04:37,640 is up to you, both work.
46 00:04:38,150 --> 00:04:39,430 So let me show you what I mean.
47 00:04:39,950 --> 00:04:48,960 So now, after you have gotten this information, we can go and open our dUP2 program, which we saved
48 00:04:48,980 --> 00:04:50,290 on the desktop.
49 00:04:50,330 --> 00:04:51,320 The shortcut
50 00:04:51,310 --> 00:04:54,620 link: run it.
51 00:04:55,010 --> 00:04:59,120 Now the first thing you do, you will see there's a few buttons,
52 00:04:59,120 --> 00:04:59,620 a few.
53 00:04:59,630 --> 00:05:07,400 Here's a menu here, and you click on Project, continue, and here you key in a name.
54 00:05:08,300 --> 00:05:14,240 For the application name you can key in anything here, and for the file,
55 00:05:15,270 --> 00:05:24,640 click here and look for the CrackMe 11 packed file, click open, then you can
56 00:05:24,640 --> 00:05:26,660 leave all this alone.
57 00:05:26,860 --> 00:05:29,350 Click on Save and over here,
58 00:05:29,350 --> 00:05:39,220 now you can create a new loader by right-clicking and Add, and then select Offset Patch.
59 00:05:39,580 --> 00:05:47,530 So now you double-click on Offset Patch, and over here in the target file, click browse right here to
60 00:05:47,530 --> 00:05:49,100 select the target file.
61 00:05:50,020 --> 00:05:55,000 And over here you either choose this or this.
62 00:05:55,020 --> 00:06:03,260 So if you are choosing this, then this is the address you want to use, the virtual address, which
63 00:06:03,380 --> 00:06:04,400 is this.
64 00:06:04,880 --> 00:06:10,430 But if you are choosing this one, then you use the top one, so that's up to you.
65 00:06:10,460 --> 00:06:13,390 So I'm going to choose the RVA.
66 00:06:13,640 --> 00:06:22,910 So if I choose RVA, then over here I can just take this address and paste it here,
67 00:06:22,970 --> 00:06:35,100 the offset, and then the original byte, 74, key it in here, and then I want to patch that, so you replace this
68 00:06:35,120 --> 00:06:36,220 with EB.
69 00:06:37,200 --> 00:06:39,260 So EB here.
70 00:06:39,520 --> 00:06:49,020 Similarly, if you have another line to patch, then you add it over here and just enter the offset and the bytes
71 00:06:49,020 --> 00:06:54,690 here, and you might have a few lines here depending on what is in the export.
72 00:06:54,840 --> 00:06:56,320 So that's it, you're done.
73 00:06:56,460 --> 00:06:57,570 Click save.
74 00:06:57,560 --> 00:06:59,620 Here's the patch; make sure it is correct,
75 00:07:01,760 --> 00:07:02,650 then click on save.
76 00:07:05,970 --> 00:07:10,220 So now that you've saved this, you can leave all these and go on.
77 00:07:10,240 --> 00:07:18,680 Create Loader: select a simple loader, OK, and give it the file name.
78 00:07:18,920 --> 00:07:20,890 Now leave it as it is,
79 00:07:20,890 --> 00:07:26,920 the file name suggested, crackme 11 loader, click save.
80 00:07:27,070 --> 00:07:28,720 Now it asks you: run it now?
81 00:07:28,890 --> 00:07:32,080 You can click Yes and it will test it for you,
82 00:07:32,190 --> 00:07:35,910 or you can click No and run it manually over here.
83 00:07:36,080 --> 00:07:37,290 This is the loader.
84 00:07:37,290 --> 00:07:45,870 So now you double-click the loader, and then it loads the program, the original program, and then here you key
85 00:07:46,110 --> 00:07:46,500 in
86 00:07:46,500 --> 00:07:53,270 anything, click on check, and it has patched the file in memory; it has patched the process, not the file.
87 00:07:53,970 --> 00:08:00,490 So this method of patching is where you're patching the memory of the process which is running.
88 00:08:00,490 --> 00:08:02,820 You're not patching the file.
89 00:08:02,820 --> 00:08:04,680 This file is untouched.
90 00:08:04,710 --> 00:08:11,370 If you were to run the original file and key in anything, it will fail.
91 00:08:11,940 --> 00:08:13,800 So this is the process,
92 00:08:13,920 --> 00:08:16,140 the process of creating a loader.
93 00:08:16,740 --> 00:08:23,390 So every time you want to start this file, you must start it using the loader.
94 00:08:23,520 --> 00:08:27,640 If you start it directly without the loader, it will not be patched.
95 00:08:27,900 --> 00:08:34,290 So you need to start this program first, and this program will load the packed file, and once the packed file is
96 00:08:34,290 --> 00:08:34,620 loaded,
97 00:08:35,880 --> 00:08:40,350 it waits for this to unpack itself in memory.
98 00:08:40,590 --> 00:08:44,230 Then it patches the file in memory.
99 00:08:44,230 --> 00:08:46,040 So that's how it works.
100 00:08:46,080 --> 00:08:47,610 So that's all for this lesson.
101 00:08:47,610 --> 00:08:49,470 Thank you for watching.
102 00:08:49,500 --> 00:08:52,060 Before that, you can save your project.
103 00:08:52,560 --> 00:09:01,410 You can click Project and then click on Save As and give it a name for the project, which has got the default
104 00:09:02,400 --> 00:09:07,160 extension .dup2, so you just click save.
105 00:09:07,690 --> 00:09:13,380 And now if you go here, you see the project saved with a file extension,
106 00:09:13,470 --> 00:09:18,010 .dup2, so in future if you want to reopen the file,
107 00:09:18,080 --> 00:09:23,710 you just open this file using dUP2. Thank you for watching; that's all for this lesson.
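Added example (not from the lesson, x64dbg or dUP2): the address arithmetic behind the lesson's VA/RVA choice, and the "verify the original byte, then write" step a loader performs after the packer has finished. The PE it parses is constructed inside the block (one .text section, ImageBase 0x400000 assumed to match the lesson's 403859/00003859 pair), and the XOR "packing" is only a stand-in for what a real packer leaves on disk; the 74 -> EB (JE -> JMP short) patch is the one from the lesson. The example also shows why patching the file offset fails for a packed target while the same patch at the RVA succeeds in memory once unpacked.

```python
"""VA / RVA / file-offset arithmetic and a verified loader-style patch.

Added example; not code from the lesson, x64dbg or dUP2. The PE below is
constructed in memory (one .text section); the XOR "packing" is a stand-in
for a real packer. Relations used:

    RVA         = VA - ImageBase                        (what the .1337 file stores)
    file offset = RVA - Section.VirtualAddress + Section.PointerToRawData
"""
import struct
from typing import List, Optional, Tuple

IMAGE_BASE = 0x400000                  # assumed; matches the lesson's 403859 -> 00003859
TEXT_RVA, TEXT_RAW = 0x1000, 0x400     # constructed section placement
Section = Tuple[int, int, int, int]    # (VirtualAddress, VirtualSize, PointerToRawData, SizeOfRawData)


def build_constructed_pe(text: bytes) -> bytes:
    """Minimal PE32 whose headers are real enough for parse_pe(); not a runnable EXE."""
    raw_size = -(-len(text) // 0x200) * 0x200                  # FileAlignment 0x200
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                     # e_lfanew
    file_hdr = struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 0xE0, 0x102)
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, 0x10B)                       # PE32 magic
    struct.pack_into("<I", opt, 28, IMAGE_BASE)                 # ImageBase
    sec = struct.pack("<8sIIIIIIHHI", b".text\0\0\0", len(text), TEXT_RVA,
                      raw_size, TEXT_RAW, 0, 0, 0, 0, 0x60000020)
    headers = (bytes(dos) + b"PE\0\0" + file_hdr + bytes(opt) + sec).ljust(TEXT_RAW, b"\0")
    return headers + text.ljust(raw_size, b"\0")


def parse_pe(pe: bytes) -> Tuple[int, List[Section]]:
    """Read ImageBase (PE32 or PE32+) and the section table."""
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    nsec = struct.unpack_from("<H", pe, e_lfanew + 6)[0]
    opt_size = struct.unpack_from("<H", pe, e_lfanew + 20)[0]
    opt = e_lfanew + 24
    magic = struct.unpack_from("<H", pe, opt)[0]
    if magic == 0x10B:
        image_base = struct.unpack_from("<I", pe, opt + 28)[0]
    elif magic == 0x20B:
        image_base = struct.unpack_from("<Q", pe, opt + 24)[0]
    else:
        raise ValueError("unknown optional header magic %#x" % magic)
    sections = []
    for i in range(nsec):
        vsize, vaddr, rsize, rptr = struct.unpack_from("<IIII", pe, opt + opt_size + 40 * i + 8)
        sections.append((vaddr, vsize, rptr, rsize))
    return image_base, sections


def va_to_rva(va: int, image_base: int) -> int:
    return va - image_base


def rva_to_file_offset(rva: int, sections: List[Section]) -> Optional[int]:
    """On-disk offset for an RVA; None if it is outside every section or in a section's file-less tail."""
    for vaddr, vsize, rptr, rsize in sections:
        if vaddr <= rva < vaddr + max(vsize, rsize):
            delta = rva - vaddr
            return rptr + delta if delta < rsize else None
    return None


def map_image(pe: bytes, sections: List[Section]) -> bytearray:
    """Lay the file out as the OS loader does: headers at 0, each section at its RVA."""
    image = bytearray(max(v + max(vs, rs) for v, vs, _, rs in sections))
    image[:TEXT_RAW] = pe[:TEXT_RAW]
    for vaddr, _, rptr, rsize in sections:
        image[vaddr:vaddr + rsize] = pe[rptr:rptr + rsize]
    return image


def patch_byte(buf: bytearray, index: int, expected: int, new: int) -> bool:
    """Write only if the byte present is the original the patch line recorded (here 74 -> EB)."""
    if buf[index] != expected:
        return False
    buf[index] = new
    return True


def demo() -> dict:
    code = bytes([0x90, 0x90, 0x74, 0x05]) + b"\x90" * 12     # constructed: JE short at RVA 0x1002
    packed = bytes(b ^ 0x5A for b in code)                     # constructed stand-in for packed .text
    packed_pe = build_constructed_pe(packed)
    image_base, sections = parse_pe(packed_pe)

    va = image_base + 0x1002
    rva = va_to_rva(va, image_base)
    offset = rva_to_file_offset(rva, sections)

    # File patch: the byte on disk is still packed, so the verified write refuses.
    on_disk = bytearray(packed_pe)
    file_ok = patch_byte(on_disk, offset, 0x74, 0xEB)

    # Loader path: map the image, let the (simulated) unpacker restore .text, then patch at the RVA.
    memory = map_image(packed_pe, sections)
    memory[TEXT_RVA:TEXT_RVA + len(code)] = code               # what the unpacker leaves behind
    mem_ok = patch_byte(memory, rva, 0x74, 0xEB)

    return {"rva": rva, "offset": offset, "file_patch_applied": file_ok,
            "memory_patch_applied": mem_ok, "patched_byte": memory[rva]}


if __name__ == "__main__":
    print({k: (hex(v) if isinstance(v, int) and not isinstance(v, bool) else v)
           for k, v in demo().items()})
```

The byte check in patch_byte is the part worth copying into a real loader: because the lesson's target unpacks itself after it starts, the original byte (74) only appears at the RVA once the unpacker has run, so a loader that writes without checking will clobber packer code or miss the jump entirely.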