Cracking Tutorial for Ulead Cool 3D 2.5

                    ====> Using ProcDump for Auto-Cracking VBox <====





 Tools used

 ----------

 ProcDump 1.5.0           (avaible together with several tuts at procdump32.cjb.net)







 First of all I'd like to tell you that this tutorial is thought of a quick help for people

 new to ProcDump who'd like to kill the VBox 4.0 protection. This tutorial has been requested

 by a guy on #cracking4newbies on EFNet. Although I think most of you can use ProcDump for

 killing VBox protection already this guy was not able to do so. I hope after this short

 tutorial everyone is able to do this.



 Choose any program protected by VBox 4.0.3 ... I've chosen Ulead Cool 3D 2.5, which I found

 on a CD-ROM near my PC. But this will work with any target protected by VBox < 4.2.



 The first step of course is to start ProcDump ... after that choose UNPACK. Now you need to

 choose 'VBox Dialog'. After you pressed on OK you need to choose the EXE file that has been

 protected by VBox ... for me this is U3DEDIT2.EXE. Now you have to wait till your target

 has been loaded and the VBox Screen is displayed. The next step is to press the TRY button.

 Now you have to switch back to ProcDump and press the OK button, which signifies ProcDump

 that the target has been loaded and is ready to be worked with.



 Now the Unpacker Status Window in ProcDump showed me the following information



          Predumping File ...

          Tracing File ...

          Hiding Debugger to host ...

          Breakpoint reached at 0x004FC000

          String search in progress .....

          Setting breakpoint at 0x004FC02B

          Breakpoint reached at 0x004FC02B

          Setting breakpoint at 0x004FB000

          Breakpoint reached at 0x004FB000

          Setting Memory Search Base to 0x004FB000

          String search in progress .....

          Setting breakpoint at 0x004FB02B



 And then the VBox Dialog appeared once again. You now need to press the TRY button. Then

 'Step by step analyzis' has been activated and you need to choose the output file, e. g.

 CRACKED.EXE. Then you'll get something like 'Process Successfully unpacked :)

 (EIP 0x004FB20B)'. Now use ProcDump's included PE Editor to kill the no-longer needed

 section, which is 'WeiJunLi' and apply the changes 'To PE file'.



 Now your target has been automatically cracked using ProcDump ... that was only an

 introduction to ProcDump for Newbies ... more experienced crackers should choose the

 way I've chosen and crack VBox using SoftICE (hint!!). But this lesson has been written

 for Newbies to ProcDump as an introduction.



 IF YOU WOULD LIKE TO HAVE A TUTORIAL ON A SPECIFIC TARGET (NO GAMES), MEET ME ON IRC AT

 #Cracking4Newbies or #C.i.A or e-mail me at TORNAD0_@hotmail.com ... NOTE DOWN URL AND

 SIZE OF THE TARGET AND ALSO INCLUDE THE TYPE OF PROTECTION.







 Another target has been Reverse Engineerd.





 ====> If you want to USE ANY PROGRAM BEYOND it's FREE TRIAL PERIOD, then please BUY IT.





 Greetings to:



 tKC, +Aesculapius, +MaLaTTiA, +ORC, /Miz, alpine, Bisoux, Borna, Boggy, Crackz, DnNuke,

 ECLiPSE Group, epxy, Eternal Bliss, Dead-Mike, FaNt0m, Fravia, fresh, Ghiri, HarvestR,

 Iczelion, Jeff, LaZaRuS, Lord Soth, LUCIFER48, McCodEMaN, MiZ, Ms Jessca, night, NiKai,

 Nitrus, OkStart, pruri, RevX, Rhayader, Santa Clawz, tC, The Sandman, Vladimir,

 Volatility, WarezPup, WKT Group, Xomgromit and EVERYONE ELSE





 You may ask me any question you want. I can be reached at #Cracking4Newbies on EFNET

 or via e-mail at TORNAD0_@hotmail.com



 My website with other tutorials and the cRACKER's n0TES can be found at learn2crk.cjb.net





 ------------------------------------------------------------------------------------------

 Copyright  1999 by TORN@DO and The Immortal Descendants. All Rights Reserved.