This Tutorial are coming from

http://kickme.to/NC


Aouthor: Acid_Cool_178
Date: 30 September 2000
Target: 1ToX Version 2.01 July 2000
Download it from: http://www.logipole.com 
Tools Used: Win32Dasm
Soft Ice
Download it from: http://protools.cjb.net
Level of tut: Newbie

TOC

1. Introduction

2. The Target
3. The Protection
4. The Tools
5. Main Part
6. Greetings

 

1. Introduction

Well, I'm are still working but now I'm are working on a web site, GFX and still have time to write this tut... Strange...... But I weas checking out the shit at download.com so why the hell not ?? I have petched this app once before, no i'm are sniffing the serial out of it....

And i will advise you to compy the exefile 1tox.exe into another directory, and open it in win32dasm there.... I have this catalog system..

c:\Crackes\1toX\

and i have copied the exefile into c:\Crackes\ and are opening the exefile from there.... What you are doing, will, it are up to you....


 

2. The Target

You can find the target at http://www.logipole.com and it are named 1toX Version 2.01 and i have patced it once before, coz i didn't find that fucking serial.... But i will find it now :) 1toX are one file splitter and one easy to use one too... I Like that program best.....


 

3. The Protection

It got one form where you have to enter you name and last name and the code will be generated of that.... And if you have entered the correxct serial then you won't get any "congratulations" message and if you are entering in the wrong serial then you will get "Invalid Key" message... :) and that are also all we need to now... :))


 

4. The Tools

Win32Dasm are for locating the bad jump and the compare routine....
SoftIce are for sniffing out the serial, You should have it configures good aswell... You won't regret that...


 

5. Main Part

Open 1tox.exe in win32Dasm and look for your bad key message in "String Data References" and i founded this.. 

* Possible StringData Ref from Data Obj ->"Register"	<- -Guess once...
                                  |
:00409D3D 68BCA54200              push 0042A5BC
* Possible StringData Ref from Data Obj ->"Invalid key"	<-- Take once guess...
                                  |
:00409D42 6814A54200              push 0042A514
:00409D47 55                      push ebp
* Reference To: USER32.MessageBoxA, Ord:01C3h		<-- Here are the message created...
                                  |
:00409D48 FF15E8614200            Call dword ptr [004261E8]
:00409D4E 6A01                    push 00000001
:00409D50 55                      push ebp
Well, Just scroll some lines up and you will find this code... or only about  5 to 10 lines longer up
:00409D37 3BC1                    cmp eax, ecx
:00409D39 742E                    je 00409D69
:00409D3B 6A10                    push 00000010

Wellwell, here the JE will jump if the serial are matching and the cmp eax,ecx are comparing you good and bad serial.... So open Soft Ice and set one breakpoint at getdlgitemtexta and exit softice again... I hope that you have filled in you name and firstname + you fake key...

Press on the OK button and softice will pop up... Now, press F12 once and you will be in some good code, clear all breakpoints annd sett one new breakpoint at the compare routine, it are at 409d37 and exit soft ice.. BANG, you are back :) well, just to one ? eax and you will see you fale key, and ? ecx to see you real serial, i saw 3684123261 and it worked for me... Write the serial down and clear all breakpoints.. Now you got you real key :))


 

6. Greetings

Mercution, LaZaRuS, Potsmoke, Dark Wolf, ManKind, Julietta, BiSHoP, ACiD BuRN, and all the rest that i have forgotten....


If you got any comments to this tutorial the please contact Fr1c or the writter of this tutorial..