||There is a crack, a crack in everything. That's how the light gets in.|
NOTE: CSE HTML
Validator cannot check for a completely syntactically correct
document, although it can find many syntactic errors and offer useful advice and
assistance in creating your documents.
document for syntax cannot be done in a standard HTML browser
because the browser is designed to only let you view HTML documents. If syntactic
errors exist in the document being viewed, the browser attempts to display the
document in a less predictable manner (it guesses as to how it thinks the document
should be displayed), thus resulting in syntactic errors causing your document to be
displayed in a variety of fashions that are likely to vary depending on the browser and
even with the version of the browser. Sometimes, if a document has enough errors, it
will not even display. But why worry about it when you can easily check your
documents with HTML Validator? Simply have HTML Validator validate your documents
prior to them being published. You may also notice that your documents display faster
and with less problems. "
Do not change this
file! It contains your registration information.
The 15 digit serial code is based on your User Name/Handle and is also placed in your System Registry file.
Since I cracked this program without using
a Dead Listing I won't tell you to go and create one using W32Dasm but
if you really want to learn more about this program it might be a good
idea to create one all the same..
First things first..
Run up the program then select the 'File' menu then the 'Register..' option.
You should now be in a simple looking Registration Screen.
Fill in your Name/Handle and a fake serial number.
Before clicking on the 'Ok' button press 'Ctrl-D' to activate Softice then type: bpx messageboxa. Now press 'x' to leave Softice.
Now you can click
on the 'OK' button.
Softice now breaks at the start of the messageboxa system function.
Press the 'F11'
key once and click on the 'OK' button to the message saying your serial
code was invalid. Softice should break here..
:00423815 68A7E04400 push 0044E0A7 ;Messagebox Title
:0042381A 6842DF4400 push 0044DF42 ;"You've entered invalid.."
:0042381F 53 push ebx
:00423820 E848550100 Call USER32.MessageBoxA
:00423825 E979010000 jmp 004239A3 ;We return here
What I normally do here is to scroll the Softice Assembly window until I come across the first occurrence of the following assembler instructions which are nearly always very close by:-
cmp Register,Register (or test Register,Register)
The first set of
these instructions I came across I discounted because it was to do with
creating a messagebox:-
push 0044DE6C ;"Thank you for registering"
:004237F0 53 push ebx
:004237F1 E877550100 Call USER32.MessageBoxA
:004237F6 85F6 test esi, esi
:004237F8 7430 je 0042382A
OK, no problem, I now scrolled up a few more lines and Bingo!, I found another classic set of my favorite set of instructions here:-
:004237CF E80C960000 call 0042CDE0 ;Compare serials
;eax=ffffffff if fail
;eax=1 if correct
:004237D4 83C408 add esp, 00000008
:004237D7 85C0 test eax, eax ;serial correct?
:004237D9 7502 jne 004237DD ;No? then jump
If you have a dead
listing close by for this program then you'll see how close all these instructions
are to our original Softice breakpoint on messageboxa.
At this point I cleared all of Softice's previous breakpoints by typing: bc *
then I type: bpx 004237cf then x to leave Softice.
Now re-run the registration process again and once again Softice breaks but this time on our newly created breakpoint at: 004237cf
Press the 'F10' key once, yep that's right don't trace into this call, just step over it. Now it's interesting to monitor the state of the pc's registers after you've just skipped over a call because this can reveal quite a lot about what the call has just been doing.
So now type: D ecx and you'll see in Softice's code window the *real* serial number you need to use to register this babe!.
If you type D edx then you'll see your *fake* serial.
Now re-run this program
but now use the *real* serial number you've just sniffed out.
My thanks and gratitude goes to:-
Fravia+ for providing possibly the greatest source of Reverse Engineering
knowledge on the Web.
+ORC for showing me the light at the end of the tunnel.
Ripping off software through serials
and cracks is for lamers..
If your looking for cracks or serial numbers from these pages then your wasting your time, try searching elsewhere on the Web under Warze, Cracks etc.
|Next||Return to Essay Index||Previous|
, dword ptr [ecx+01] ;