1 00:00:01,010 --> 00:00:06,200 In this lesson I'm going to show you how to step into a call. 2 00:00:06,260 --> 00:00:14,940 Previously you have learned how to use F9 to run and F8 to step over, so in this lesson 3 00:00:15,030 --> 00:00:25,200 we'll be doing F7, step into a call; Ctrl+F9, execute till return; Alt+F9, run to user code. 4 00:00:26,130 --> 00:00:34,300 All these three new commands are used in conjunction with stepping into calls and stepping out of calls. 5 00:00:34,410 --> 00:00:35,210 So let's begin. 6 00:00:37,520 --> 00:00:40,030 Open your 0 1 Mexican. 7 00:00:40,160 --> 00:00:44,690 crackme with x64dbg 8 00:00:49,650 --> 00:00:52,360 and on the top here. 9 00:00:52,830 --> 00:01:00,600 If you go to the bar menu you'll be able to see all these shortcut keys associated. 10 00:01:00,620 --> 00:01:10,760 If you have the commands, for example run is F9, step over is F8. 11 00:01:10,880 --> 00:01:14,220 So these two we have been using in a past lesson. 12 00:01:14,350 --> 00:01:20,330 Today we are going to step into, execute till return and run to user code. 13 00:01:20,630 --> 00:01:24,560 And these are the corresponding shortcut keys: F7, 14 00:01:24,640 --> 00:01:32,640 step into; execute till return, Ctrl+F9; run to user code, Alt+F9. 15 00:01:32,710 --> 00:01:33,430 So let's begin. 16 00:01:35,170 --> 00:01:40,780 So now we have started and we are at the starting address of the operating system. 17 00:01:40,930 --> 00:01:46,860 Let's run to our entry point by pressing F9 or clicking this button. 18 00:01:48,420 --> 00:01:51,160 And now we are at our entry point. 19 00:01:51,160 --> 00:02:00,290 And if you want to step over we will use F8 or this button, so let's do it. 20 00:02:00,340 --> 00:02:06,100 Click this button or F8 and now we come to our first call. 
21 00:02:06,170 --> 00:02:15,950 Remember that in the past lesson I told you that call is also a kind of jump, but it does not show; behind 22 00:02:15,950 --> 00:02:16,870 the scenes, 23 00:02:16,970 --> 00:02:18,600 it actually does a jump. 24 00:02:18,620 --> 00:02:28,670 It goes to this address 4 0 1 f 0, performs the instructions at that address and comes back to the 25 00:02:28,850 --> 00:02:31,520 instruction after the call. 26 00:02:31,520 --> 00:02:37,010 That means every time you see a call it will actually jump over there, perform whatever it needs to do 27 00:02:37,550 --> 00:02:41,300 and come back to the next instruction after the call. 28 00:02:41,310 --> 00:02:42,250 Okay, let's take a look. 29 00:02:42,350 --> 00:02:50,550 If I continue to press F8 now it will go there and come back but it isn't shown. 30 00:02:50,720 --> 00:02:57,350 I just pressed F8 and it actually has gone there and done the instructions and come back to the next 31 00:02:58,030 --> 00:03:01,160 instruction. Okay. 32 00:03:01,260 --> 00:03:03,620 I press F8 and now this will take a jump. 33 00:03:05,210 --> 00:03:12,140 F8, F8, F8, keep on pressing F8, and now the next call. 34 00:03:12,200 --> 00:03:17,740 So this time we want to step into the call instead of stepping over it. 35 00:03:17,780 --> 00:03:20,750 F8. I am going to press F7. 36 00:03:20,780 --> 00:03:22,510 This is our new command. 37 00:03:22,610 --> 00:03:30,720 If you forget the command shortcuts you can always refer to DBA, where step into is F7. 38 00:03:30,800 --> 00:03:41,850 As you can see. Or you can press this icon to step into. Personally I prefer to use F7, so step into, 39 00:03:41,880 --> 00:03:43,440 F7 now. 40 00:03:43,440 --> 00:03:53,420 Press F7, and the moment you press F7 it is going to jump to this address 4 0 2 6 8 0, so press 41 00:03:53,420 --> 00:03:55,920 F7 now. Take a look. 42 00:03:56,030 --> 00:04:01,500 You have now jumped to this address 4 0 2 6 8 0 now. 
43 00:04:02,050 --> 00:04:06,100 When you are here you can step over by pressing F8. 44 00:04:11,220 --> 00:04:11,580 OK. 45 00:04:11,600 --> 00:04:12,340 This region 46 00:04:16,710 --> 00:04:18,450 and then you see a ret. 47 00:04:18,630 --> 00:04:26,550 Ret means a return, a return to the place you jumped from, that means before you jumped. 48 00:04:26,640 --> 00:04:31,720 Where were you? So when you run this return you will go back there. 49 00:04:31,770 --> 00:04:40,200 So now notice when you enter here, it entered this address 4 0 2 6 0 0 and you executed all the code 50 00:04:40,200 --> 00:04:42,240 here until ret. 51 00:04:42,300 --> 00:04:53,640 So every call will start from a starting location and then execute all the instructions in a call and 52 00:04:53,640 --> 00:04:58,050 return back to the place where it came from before the call. 53 00:04:58,410 --> 00:05:07,480 So if I press Enter now it will go back to the place before the call, to the place where I was, so 54 00:05:07,510 --> 00:05:12,190 let's press it and notice if I scroll down. 55 00:05:12,190 --> 00:05:14,640 You can see we were here just now. 56 00:05:15,930 --> 00:05:21,800 We jumped to this location, executed it by pressing F7. 57 00:05:21,920 --> 00:05:26,570 Then when we hit the return it came back to the line after the call. 58 00:05:27,080 --> 00:05:33,230 So this is a characteristic of all calls. Whenever the call is finished, whenever you're finished doing 59 00:05:33,230 --> 00:05:39,200 what you're supposed to do, you will always return using the ret instruction. 60 00:05:39,320 --> 00:05:44,140 It will return to the place after the call. Get lost. 61 00:05:44,330 --> 00:05:45,810 Now we're back from the call. 62 00:05:46,460 --> 00:05:51,400 Let's press F8 to step over the rest of the instructions. 
63 00:05:51,440 --> 00:05:58,860 Just keep pressing F8. This jump will not be taken because this is not red. 64 00:06:02,540 --> 00:06:04,260 jumped it couldn't be this unconditional. 65 00:06:04,270 --> 00:06:11,410 Jump he's keeping this car jump will not be taken. 66 00:06:11,530 --> 00:06:16,950 It also says jump is not taken, jump is not taken. 67 00:06:16,980 --> 00:06:21,040 It's not taken. Jump is taken, jump taken. 68 00:06:21,040 --> 00:06:21,850 So it will jump. 69 00:06:25,050 --> 00:06:25,370 OK. 70 00:06:25,380 --> 00:06:26,630 Now we have another call. 71 00:06:26,980 --> 00:06:34,070 So over here if you press F8 it will jump over instead of going into the call, but it will still execute 72 00:06:34,070 --> 00:06:34,410 the. 73 00:06:34,420 --> 00:06:35,830 Behind the scenes. 74 00:06:35,990 --> 00:06:39,560 So if you want to step into the call, 75 00:06:39,990 --> 00:06:42,800 what key should we press? 76 00:06:42,940 --> 00:06:44,270 That is correct. 77 00:06:44,510 --> 00:06:45,630 F7. 78 00:06:45,640 --> 00:06:48,770 So if you press F7 it will step into the call. 79 00:06:48,910 --> 00:06:54,460 If you're not interested to step into a call because you do not want to see the details of the 80 00:06:54,460 --> 00:06:56,920 call you can always press F8. 81 00:06:57,270 --> 00:07:02,230 But remember, even pressing F8 does not mean you do not execute the call. 82 00:07:02,230 --> 00:07:07,740 The call is still being executed, but for now we want to step into it to see what happens. 83 00:07:07,750 --> 00:07:12,010 So we press F7 to enter the call at this address. 84 00:07:12,010 --> 00:07:19,630 Anytime Anytime is a operating system memory memory address that will run a system. 85 00:07:19,810 --> 00:07:28,560 So let's press F7 and go there and we have come here and location and days jumps to this and we jump 86 00:07:28,560 --> 00:07:33,300 to the operating system code starting at 7; you can see this is our operating system code. 
87 00:07:33,520 --> 00:07:41,050 So if you press F8 now you execute all this operating system code, but most of the time usually we 88 00:07:41,050 --> 00:07:46,600 are not interested in the operating system code because we are not cracking the operating system. 89 00:07:46,720 --> 00:07:52,050 Our interest is the crackme file these we and the base address four thousand. 90 00:07:52,070 --> 00:07:53,680 Not this address here. 91 00:07:53,890 --> 00:08:01,860 So mostly we are not interested in this, but if we press F8 we will continue to step through, and 92 00:08:01,900 --> 00:08:05,940 we are looking for the ret which is over here. 93 00:08:06,010 --> 00:08:13,130 So if we keep on pressing eventually we hit the ret and go back to our call. 94 00:08:13,390 --> 00:08:16,660 Just before we jumped in. 95 00:08:18,310 --> 00:08:22,370 So now it is going to hit the ret. All right, now 96 00:08:22,660 --> 00:08:27,510 it will go back to the place just before it made the call. 97 00:08:28,160 --> 00:08:34,220 Over here. So you made a call over here by pressing F7. 98 00:08:34,320 --> 00:08:42,000 We jumped to this operating system code and then when you hit the return we came back to this, but this 99 00:08:42,000 --> 00:08:43,450 after the call. 100 00:08:43,600 --> 00:08:44,710 Now we press F. 101 00:08:48,480 --> 00:08:54,050 Now we have another call that we insist we are not going to jump into it this time. 102 00:08:54,060 --> 00:08:54,830 So press F8. 103 00:09:00,740 --> 00:09:07,590 All right, now we are going to call another instruction at this register. 104 00:09:07,600 --> 00:09:10,120 We start this address. 105 00:09:10,120 --> 00:09:16,360 So whenever you see call E X always look to the register here to see what address it is going to jump 106 00:09:16,360 --> 00:09:16,660 to. 107 00:09:17,260 --> 00:09:22,120 So in this case it is going to jump to 4 0 1 6 C 0. 
108 00:09:22,120 --> 00:09:27,490 So if you press F7 we are going to jump to this address. 109 00:09:29,050 --> 00:09:30,870 F7 and take a look. 110 00:09:30,890 --> 00:09:37,700 We are now here, and then press F8 to step over. 111 00:09:41,010 --> 00:09:43,230 This jump will be taken. 112 00:09:44,050 --> 00:09:44,420 Jump will 113 00:09:44,420 --> 00:09:51,530 also be taken because it is red. See, it jumps over this ret, meaning it is not going to return yet. 114 00:09:55,240 --> 00:09:56,650 This time it is going to return. 115 00:09:56,650 --> 00:09:57,490 See this. 116 00:09:57,490 --> 00:09:59,650 So now you press F8 to return 117 00:10:00,880 --> 00:10:11,650 to the location just before we called. Press F8 and you return to before the call. We were here and then 118 00:10:11,650 --> 00:10:22,140 we pressed F7 to go to this earlier address and then when you hit the return it came back to here. Right. 119 00:10:22,180 --> 00:10:24,170 Press F8 and now we are here. 120 00:10:24,400 --> 00:10:35,310 And this time if you press F7 we are going to jump to this address 4 0 1 C 7 0, so press F7, it gave 121 00:10:35,360 --> 00:10:42,820 you 4 0 1 C 7 0. Press enter and a jump over this return 122 00:10:46,340 --> 00:10:53,450 and it will keep on moving until you find a return somewhere or goes back up here to return. But let's say 123 00:10:53,450 --> 00:10:59,900 you do want to keep on exploring this part of the code but you want to strictly execute until you 124 00:10:59,900 --> 00:11:01,290 hit a return. 125 00:11:01,340 --> 00:11:02,250 Why do you keep. 
126 00:11:02,250 --> 00:11:08,470 What could you press? Let's say you do not want to keep pressing F8, F8, F8; you can use a 127 00:11:08,470 --> 00:11:19,470 shortcut key to jump straight to the return. You can press this key, execute till return, or the shortcut key 128 00:11:19,510 --> 00:11:30,020 for this is Ctrl+F9. You can check it out here: Ctrl+F9, execute till return. So execute till 129 00:11:30,020 --> 00:11:37,630 return will jump straight, will execute all the instructions until it hits the return. So let's try it 130 00:11:37,660 --> 00:11:44,350 now, Ctrl+F9 or this key here, the return. 131 00:11:44,370 --> 00:11:49,170 Let's go, let's click on this, Ctrl+F9, go. 132 00:11:49,370 --> 00:11:53,540 So it has jumped, not jumped; it has executed calls and all the 133 00:11:53,700 --> 00:11:56,530 intervening code and hit the return. 134 00:11:56,810 --> 00:12:02,650 So now it is ready to return to the place where it was before the call. 135 00:12:02,850 --> 00:12:07,640 So if you press F8 now it returns to the place before the call. 136 00:12:07,650 --> 00:12:08,370 There you go. 137 00:12:09,230 --> 00:12:10,990 We were here just now. 138 00:12:11,180 --> 00:12:12,890 You pressed F7 to enter the call. 139 00:12:13,850 --> 00:12:14,970 And now we are back here. 140 00:12:15,830 --> 00:12:18,120 Let's try another one. 141 00:12:18,170 --> 00:12:28,900 Press TV. Now we are going to enter this operating system address, press F7, and we are in operating system code 142 00:12:29,860 --> 00:12:35,590 and now we can keep on pressing F8 until we hit the return. OK. 143 00:12:35,610 --> 00:12:37,040 We have not hit any return yet. 144 00:12:37,750 --> 00:12:47,440 So if you want to run to the return quickly without exploring any further we can always press this key, this 145 00:12:47,440 --> 00:12:52,130 one, execute till return, or Ctrl+F9. 146 00:12:52,270 --> 00:12:54,170 So let's hit that now, Ctrl+F9. 
147 00:12:55,270 --> 00:13:00,570 And again we strip, we execute until the return. 148 00:13:00,590 --> 00:13:01,700 Now we're at the return. 149 00:13:01,700 --> 00:13:05,920 We are ready to return to the place where we were before we called. 150 00:13:06,440 --> 00:13:11,520 So we press F8 to return and take a look. 151 00:13:11,520 --> 00:13:12,760 We return back again. 152 00:13:12,890 --> 00:13:16,090 We were here just now the F 720. 153 00:13:16,370 --> 00:13:18,260 And now we return here. Okay. 154 00:13:18,290 --> 00:13:22,440 Let's try it further. F8, F8, F8. 155 00:13:22,890 --> 00:13:23,510 Another call. 156 00:13:24,320 --> 00:13:25,930 So now we are going to call. 157 00:13:26,670 --> 00:13:30,530 We are going to jump to this address 4 0 2 6 0 0. 158 00:13:30,560 --> 00:13:37,330 So press F7 to step into it and we are here, 4 0 2 6 0 0. 159 00:13:37,440 --> 00:13:39,580 Let's press F8. 160 00:13:39,590 --> 00:13:47,290 This is a fast return, there are only two instructions, and we are returning. Press F8, we are back 161 00:13:47,290 --> 00:13:53,440 to the place where we were. We were here just now and now we return here, and now there's another call. 162 00:13:53,800 --> 00:14:02,370 We are going to jump to this address for 0 1 after 3 0, press F7 and we go to for the 1 3 0 and there 163 00:14:02,460 --> 00:14:11,440 is only one instruction. Press F8 and then we are going to return again, so press F8 now and return 164 00:14:12,400 --> 00:14:20,420 and we return. We were here just now, we pressed F7, executed, and now we return to this location. Continue 165 00:14:20,420 --> 00:14:21,110 to press F8. 166 00:14:23,890 --> 00:14:25,210 This jump is not taken. 167 00:14:33,110 --> 00:14:35,700 OK so I think you get the idea. 168 00:14:35,720 --> 00:14:39,260 Now another thing I want to show is another command, 169 00:14:39,320 --> 00:14:43,690 called the run to user code. 170 00:14:44,250 --> 00:14:44,780 Let's try it. 
171 00:14:44,870 --> 00:14:50,100 Let's reset this by restarting, press F9. 172 00:14:50,390 --> 00:15:01,430 This is to run to entry point, and press F8 to step over entities all right. 173 00:15:01,780 --> 00:15:02,310 So. 174 00:15:02,380 --> 00:15:05,730 Press F eight nine. 175 00:15:05,770 --> 00:15:13,930 If you want to run to return click on this to run to return, execute till return, and then press F8 to 176 00:15:13,930 --> 00:15:14,860 return. 177 00:15:15,120 --> 00:15:17,830 We have done this before now. 178 00:15:17,850 --> 00:15:18,570 Press enter 179 00:15:22,030 --> 00:15:30,060 if you want to enter, you press F7 to enter, to enter the call press. 180 00:15:30,360 --> 00:15:37,840 If you want to return fast you click this execute till return and you hit the return, press F8 to return. 181 00:15:38,060 --> 00:15:38,790 Step it 182 00:15:44,110 --> 00:15:49,740 keep on pressing F8. 183 00:15:50,070 --> 00:15:50,630 All right. 184 00:15:50,910 --> 00:15:54,170 Now this is the one that I want to demonstrate. 185 00:15:54,180 --> 00:15:58,720 So now we are going to enter this system. 186 00:15:59,370 --> 00:16:01,050 So let's press F7 to enter. 187 00:16:02,760 --> 00:16:04,540 Now we are going to jump press of. 188 00:16:04,800 --> 00:16:09,960 Now we're at the operating system call, operating system memory address. 189 00:16:10,020 --> 00:16:13,010 So over here we can press F8. 190 00:16:13,280 --> 00:16:21,260 And if you want to quickly execute till return, which key do we press? Yes, right, here you can press this key, execute till 191 00:16:21,260 --> 00:16:21,710 return. 192 00:16:21,740 --> 00:16:29,530 So if you press this key now you will execute all code until you finally return and stop. Another alternative 193 00:16:29,530 --> 00:16:35,500 is if you quickly want to go back to our user code, which is our crackme code. 194 00:16:35,500 --> 00:16:37,270 We can do another key. 
195 00:16:37,330 --> 00:16:46,630 We can use this key here, run to user code. So the run to user code shortcut is Alt+F9, so 196 00:16:46,750 --> 00:16:55,430 run to user code will execute everything until it hits the return and then automatically go back to the 197 00:16:55,430 --> 00:16:59,840 user code, to the place where we came from. 198 00:16:59,840 --> 00:17:08,820 So let's try it now, Alt+F9, click on this through in a we are back to the user code. 199 00:17:09,240 --> 00:17:18,050 So the user code is the crackme memory address space, so remember that whenever we have an operating 200 00:17:18,050 --> 00:17:24,260 system code and we want to come back to the user code we can always use run 201 00:17:24,260 --> 00:17:25,100 to user code. 202 00:17:25,100 --> 00:17:31,180 So you execute all the operating system instructions and come back to our user code. 203 00:17:31,280 --> 00:17:33,080 So our user code is the crackme code. 204 00:17:34,070 --> 00:17:34,340 All right. 205 00:17:34,340 --> 00:17:40,080 So let's try another example. 206 00:17:40,480 --> 00:17:48,370 Here it is again, another operating system instruction. Let's F9, F7, jump to step into it, one 207 00:17:48,370 --> 00:17:51,530 more time F8 to jump there. 208 00:17:52,110 --> 00:17:53,830 And now we are in the operating system code. 209 00:17:54,220 --> 00:17:58,020 So how do we go back to user code? 210 00:17:58,100 --> 00:17:58,610 That's right. 211 00:17:58,700 --> 00:18:01,280 You can use this button here, run to user code. 212 00:18:01,670 --> 00:18:09,500 So instead of pressing F8, F8, F8 and looking for return we can quickly and really execute until we return 213 00:18:09,500 --> 00:18:10,430 back to user code. 214 00:18:10,730 --> 00:18:17,880 So just click on run to user code or Alt+F9 and we are back in the user code. 215 00:18:17,960 --> 00:18:19,550 We just executed this call. 216 00:18:19,640 --> 00:18:21,420 Now we're in user code. 
217 00:18:21,650 --> 00:18:23,890 So that's it for this. 218 00:18:23,940 --> 00:18:33,140 And the instructions that I want to show you are these three: F7 is how you step into a call; instead 219 00:18:33,140 --> 00:18:37,590 of stepping over using F8 we can step into it using F7. 220 00:18:37,910 --> 00:18:46,040 And then when we are in the call we can execute until we find the ret, which is by using Ctrl+ 221 00:18:46,040 --> 00:18:47,880 F9 too. 222 00:18:48,070 --> 00:18:55,970 And another is, if we are in the operating system code there's a shortcut to return back to user 223 00:18:55,970 --> 00:19:05,750 code by using Alt+F9, so F9 to execute all the operating system code and return back to 224 00:19:05,750 --> 00:19:06,790 the user. 225 00:19:07,190 --> 00:19:11,540 So this is why they call it the assassin house here the this one. 226 00:19:11,540 --> 00:19:13,010 Thank you for watching.