1 00:00:00,960 --> 00:00:02,020 Hello. 2 00:00:02,040 --> 00:00:10,680 Have a no show you how to use t VB compiler so let's open VBA compiler 3 00:00:15,010 --> 00:00:25,980 and then load our program on file open program and select the crime 16 open. 4 00:00:26,870 --> 00:00:29,700 So now it has Nick on par. 5 00:00:30,080 --> 00:00:38,630 You can see the compiler Okay so this combined means to convert the binary file into who source code 6 00:00:39,620 --> 00:00:45,960 and you can see from here so says the Tenet solution is four days have fun. 7 00:00:46,010 --> 00:00:55,580 If he doesn't even see the Von and then here is a property for the form and name and the form is form 8 00:00:55,570 --> 00:01:05,520 one and then if you click on each of these you can see the property here the name in some other properties 9 00:01:05,520 --> 00:01:06,330 as well. 10 00:01:06,570 --> 00:01:10,860 So these in two boxes car tax one. 11 00:01:10,980 --> 00:01:16,900 So this text box is text one is called text 1 and then this button is called. 12 00:01:17,190 --> 00:01:26,630 Come on one this button is called common to so this is how useful this program is from here you can 13 00:01:26,630 --> 00:01:30,850 know what the optics are call in from here. 14 00:01:30,860 --> 00:01:36,510 You can host of ISIS the program itself now here. 15 00:01:36,550 --> 00:01:43,550 So if you look at Come on one button come on one button so school is over here. 16 00:01:44,230 --> 00:01:52,150 So when you click on this command one button you execute this source code the same way if you click 17 00:01:52,150 --> 00:01:59,860 on this next button you execute command to source code command to click this command handlers. 18 00:01:59,890 --> 00:02:05,380 So every button on the phone has a command handler. 19 00:02:05,440 --> 00:02:09,970 So this is command one command one button. 20 00:02:09,970 --> 00:02:12,730 So the handler for his car command one click. 21 00:02:13,720 --> 00:02:16,410 This is command to button. 22 00:02:16,480 --> 00:02:18,660 So the handler for his command to click. 23 00:02:20,320 --> 00:02:26,690 So that's how we can use this program to analyze to be sure they see program. 24 00:02:28,120 --> 00:02:31,900 So and you notice here there's a formal program. 25 00:02:32,210 --> 00:02:37,040 The former handler is executed in any form for stats. 26 00:02:37,210 --> 00:02:40,830 So most likely your next screen is caught from here. 27 00:02:41,620 --> 00:02:45,180 So if you double click this you will see that this is under you. 28 00:02:45,370 --> 00:02:52,460 And here you can really really get the address of the uh the form the handler. 29 00:02:52,510 --> 00:02:58,570 So once you've got the address you can just frankly copy for final faces for the energy 30 00:03:01,240 --> 00:03:05,200 and reload your program and then. 31 00:03:05,470 --> 00:03:14,590 This program is a crime scene and you can rightly and good strip to the expression so go to expression 32 00:03:15,190 --> 00:03:19,380 and base your address here right. 33 00:03:19,380 --> 00:03:21,950 This address is obtained from here. 34 00:03:22,120 --> 00:03:26,210 His address his address for the former handler. 35 00:03:27,670 --> 00:03:30,440 So you go straight day and you see. 36 00:03:30,550 --> 00:03:34,430 So this is the input a comment. 37 00:03:34,450 --> 00:03:44,740 This is the form handler subroutine. 38 00:03:45,940 --> 00:03:52,580 So whenever the form looks this is a function of the subroutine that really stuck. 39 00:03:53,320 --> 00:03:59,770 So it is called on you see why we did earlier in message box showing here. 40 00:03:59,770 --> 00:04:06,690 So in this message so easy to find out the analyzed here. 41 00:04:06,710 --> 00:04:13,450 This basic programming in imagery to identify which this code is reaching instructions intensity that 42 00:04:14,050 --> 00:04:16,150 whenever something happens. 43 00:04:16,210 --> 00:04:23,740 So this is the other method that you can use in a voice a little less than we used to call a senator 44 00:04:24,520 --> 00:04:33,910 and now he can use this method to identify where the subroutine is fun for the next screen. 45 00:04:34,040 --> 00:04:34,360 Right. 46 00:04:34,410 --> 00:04:40,230 And the rest is a saying you can just go here now and put our breakpoint here and input object and then 47 00:04:40,400 --> 00:04:46,110 another breakpoint here and perform the patching and exactly how we did in the previous setting. 48 00:04:46,770 --> 00:04:51,810 So no need to repeat that the method now from here on was this is actually the same. 49 00:04:51,810 --> 00:04:59,490 The only new thing is we are now using the VB compiler to have us identify the various functions and 50 00:04:59,490 --> 00:05:05,420 the various command handlers and also the form itself. 51 00:05:05,460 --> 00:05:09,570 And the name of the various component of the form. 52 00:05:09,570 --> 00:05:18,170 Now you'll notice here in the form look here you have to treat that we have it this is an that that 53 00:05:18,330 --> 00:05:26,020 issue is you the disassemble program in the view just like a 64 this is a blow you. 54 00:05:26,550 --> 00:05:28,250 And here is a deacon part of you. 55 00:05:28,470 --> 00:05:32,620 But we have no SS in it because that is a proof feature. 56 00:05:32,760 --> 00:05:41,080 So if you wanted to view the compact source code you need to buy and you can click on buy if you wanted 57 00:05:41,150 --> 00:05:41,930 justice. 58 00:05:44,010 --> 00:05:47,170 So only you only have access to the disassembly of you. 59 00:05:47,630 --> 00:05:57,230 But it is good enough because with this you already can identify the address where the handler recites 60 00:05:57,280 --> 00:06:02,400 and used it to go to our 64 division and trace it down. 61 00:06:04,380 --> 00:06:08,490 So that's all for this doesn't I'll see you next on.