Topic created on: April 28, 2010 07:51 CDT by bugmero .

Hi All,

I'm new to IDA pro , and to reversing, i have an application written in delphi, i am using ida pro 5.1 to reverse it, the application is connected to a data base , files are dbf , connection is msjet, the database is encrypted, i need to find what kind of encryption is used, i used findcrypt plug in, but it tells me C:\Program Files\IDA\plugins\epf.plw: incompatible plugin version, skipped


4DB449: found sparse constants for MD5
4DBD85: found sparse constants for MD4
54CB20: found sparse constants for MD4
Found 3 known constant arrays in total.

I went at the segment but i don't know how to read it

this is what is says :
CODE:004DB442                 add     eax, ebx
CODE:004DB444                 add     eax, [esp+54h+var_50]
CODE:004DB448                 add     eax, 0D76AA478h
CODE:004DB44D                 mov     edx, 7
CODE:004DB452                 call    sub_4DB3EC
CODE:004DB457                 add     eax, esi
CODE:004DB459                 mov     ebx, eax
CODE:004DB45B                 mov     eax, edi
CODE:004DB45D                 xor     eax, esi
CODE:004DB45F                 and     eax, ebx
CODE:004DB461                 xor     eax, edi

P.S.:does any one know of any good books for ida ?

Thanks