This tutorial comes from
Date: 30 September 2000
Target: 1ToX Version 2.01 July 2000
Download it from: http://www.logipole.com
Download it from: http://protools.cjb.net
Level of tut: Newbie
Well, I'm still working, but now I'm working on a web site, GFX, and still have time to write this tut... Strange... But I was checking out the shit at download.com, so why the hell not? I have patched this app once before; now I'm sniffing the serial out of it.
I advise you to copy the exe file 1tox.exe into another directory and open it in Win32Dasm there. I have this catalog system: I have copied the exe file into c:\Crackes\ and am opening it from there. What you do is up to you.
You can find the target at http://www.logipole.com. It is named 1toX Version 2.01, and I have patched it once before, because I didn't find that fucking serial... But I will find it now :) 1toX is a file splitter, and an easy-to-use one too. I like that program best.
It has a form where you have to enter your name and last name, and the code is generated from that. If you have entered the correct serial then you won't get any "congratulations" message, and if you enter the wrong serial you will get an "Invalid Key" message :) and that is all we need to know :))
Win32Dasm is for locating the bad jump and the compare routine.
SoftICE is for sniffing out the serial. You should have it configured well too; you won't regret that.
Open 1tox.exe in Win32Dasm and look for your bad key message in "String Data References" and I
* Possible StringData Ref from Data Obj ->"Register"      <-- Guess once...
                                  |
:00409D3D 68BCA54200              push 0042A5BC

* Possible StringData Ref from Data Obj ->"Invalid key"   <-- Take one guess...
                                  |
:00409D42 6814A54200              push 0042A514
:00409D47 55                      push ebp

* Reference To: USER32.MessageBoxA, Ord:01C3h             <-- Here the message is created...
                                  |
:00409D48 FF15E8614200            Call dword ptr [004261E8]
:00409D4E 6A01                    push 00000001
:00409D50 55                      push ebp
Well, just scroll some lines up and you will find this code; it is only about 5 to 10 lines further up.
:00409D37 3BC1                    cmp eax, ecx
:00409D39 742E                    je 00409D69
:00409D3B 6A10                    push 00000010
Well, here the JE will jump if the serials match, and the cmp eax, ecx compares your good and bad serial. So open SoftICE, set a breakpoint on GetDlgItemTextA and exit SoftICE again. I hope that you have filled in your name and first name plus your fake key.
Press the OK button and SoftICE will pop up. Now press F12 once and you will be in some good code. Clear all breakpoints, set a new breakpoint at the compare routine, which is at 409d37, and exit SoftICE. BANG, you are back :) Well, just do a ? eax and you will see your fake key, and a ? ecx to see your real serial. I saw 3684123261 and it worked for me. Write the serial down and clear all breakpoints. Now you have your real key :))
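The cmp eax, ecx above works as a leak because the program computes the valid serial itself before comparing. The sketch below is an added example, not code from 1toX or from the original tutorial: it shows that compare pattern next to a verify-only check in which the client never holds the valid serial. The hash routine, function names and the toy RSA key are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical name-to-value routine (FNV-1a); 1toX's real algorithm is not on the page. */
static uint32_t name_hash(const char *name) {
    uint32_t h = 2166136261u;
    for (; *name; name++) { h ^= (unsigned char)*name; h *= 16777619u; }
    return h;
}

/* Pattern from the listing: the program derives the valid serial itself and
 * compares it with the input, so the valid value sits in a register at the cmp. */
int check_by_compare(const char *name, uint32_t entered) {
    uint32_t expected = name_hash(name);
    return entered == expected;
}

/* Square-and-multiply; operands stay below TOY_N so products fit in 64 bits. */
static uint64_t modpow(uint64_t b, uint64_t e, uint64_t n) {
    uint64_t r = 1;
    for (b %= n; e; e >>= 1) { if (e & 1) r = r * b % n; b = b * b % n; }
    return r;
}

/* Constructed textbook RSA key, far too small for real use: n = 61 * 53. */
#define TOY_N 3233u
#define TOY_E 17u      /* public exponent, shipped in the program */
#define TOY_D 2753u    /* private exponent, stays with the vendor */

/* Verify-only check: the only values computed are entered^e mod n and the
 * name digest; neither is the valid serial, which the program cannot derive. */
int check_by_verify(const char *name, uint32_t entered) {
    if (entered >= TOY_N) return 0;
    return modpow(entered, TOY_E, TOY_N) == name_hash(name) % TOY_N;
}

/* Vendor-side issuing step (would not ship with the client). */
uint32_t vendor_issue(const char *name) {
    return (uint32_t)modpow(name_hash(name) % TOY_N, TOY_D, TOY_N);
}

int main(void) {
    const char *name = "Test User";   /* constructed sample input */
    uint32_t key = vendor_issue(name);
    printf("verify(valid)=%d verify(wrong)=%d\n",
           check_by_verify(name, key), check_by_verify(name, key ^ 1u));
    return 0;
}
```

A production scheme would use a standard signature algorithm with a full-size key from a vetted library; the 12-bit modulus here only keeps the arithmetic readable.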
Mercution, LaZaRuS, Potsmoke, Dark Wolf, ManKind, Julietta, BiSHoP, ACiD BuRN, and all the rest that i have forgotten....
If you have any comments on this tutorial then please contact Fr1c or the writer of this tutorial.