Spynet Internet Mail is a small email program that can be used to quickly send or get E-Mail. I know the programmer, but as soon as he got recognized by software magazines, he became an ass hole, so I chose this program to do a tutorial on. This is actually the first program I ever cracked...ahh sweet revenge. He seems to be a good programmer, but lacks in protecting his software. This program comes down to reversing a single jump. First, load the program in W32DASM. If you don't have it, go to http://zencrack.cjb.net/ and download it from the tools section. This is my favorite site by the way :) Let's get back on track. When you load it, go into the string data refs section (ALT + R + S). Search for the string "error: inc...". Wow, it's right there. This promises to be easy. Double click it and you see this:
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
:00409FB1 6A10 push 00000010
* Possible StringData Ref from Data Obj ->"Spynet Internet Mail - application "
:00409FB3 6824C44100 push 0041C424
* Possible StringData Ref from Data Obj ->"error: incorrect registration "
:00409FB8 68CCCE4100 push 0041CECC
:00409FBD 55 push ebp
Wow! This looks EXTREMELY easy :) Let's go into our hex editor and change the blue highlighted bytes. You should always search for the few bytes before the jump with the jump, in order to get an accurate position. If you don't, you may change something...important :) After searching for it in your hex editor, change it from 7449 to 9090 and note down the offset. This will make it go straight to "you registered". You COULD change it to JNE, but then it would only jump if they entered an invalid serial. Test it by running the program and entering any serial...Wow! It works. Now to make a patch. I do everything in Windows 32 Assembly language.