Cracking Tutorial for Waste Whacker 3.1

Before we start, please read the Disclaimer section of this essay!

Target Program: Waste Whacker 3.1
Description: Waste Whacker was designed to quickly remove the files you, the user, requires. No other utility does the job of waste removal like Waste Whacker. The other utilities on the market are designed to safely remove some common types of files when the program is manually ran. Waste Whacker allows a user to set the exact location and file types to remove. The removal process is then accomplished quickly during bootup of Windows or during manual operation. Some products have a lengthy load time due to the many features included. Waste Whacker was designed to be small, quick, and powerful.
If you prefer a FTP-Search, look for WASTEWH.EXE (1111876 Bytes).
Protection: User Name & Registration Number
Tools needed: - SoftICE 3.24
Ob duh: Do I really have to remind you all that by BUYING and NOT stealing the software you use will ensure that these software houses will continue to produce even *better* software for us to use and more importantly, to continue offering even more challenges to breaking their often weak protection systems.
If you're looking for cracks or serial numbers from these pages then your wasting your time, try to search elsewhere on the Web under Warez, Cracks, etc.
Level: (X)Beginner ( )Intermediate ( )Advanced ( )Expert

As you now already know, the first step to crack a program is to have a look at it's protection. So start Waste Whacker and choose Options - Register. A dialog box with a "User Name" & "Registration Number" request get's displayed.
So after this quick look, we can start our cracking session. Enter "cRACKING tUTORIAL" as Name and "12345678" as Serial-#. Then enter SoftICE and set a breakpoint to HMEMCPY. Leave SoftICE and press "OK". SoftICE will pop up. Since this dialog box has two input fields, we can leave SoftICE - it will pop up again. So do this now.
Back in SoftICE again, press the F12-Key (about 7 times), until you're in Waste Whacker code. Now press F10 until you left the CALLs (RET instructions). The following code will now be displayed:

  :00473E21  8B55F4               MOV      EDX,[EBP-0C]
  :00473E24  8D4340               LEA      EAX,[EBX+40]
  :00473E27  E8CCFCF8FF           CALL     00403AF8
  :00473E2C  8D4DFC               LEA      ECX,[EBP-04]
  :00473E2F  8B5340               MOV      EDX,[EBX+40]
  :00473E32  8B4324               MOV      EAX,[EBX+24]
  :00473E35  E856F9FFFF           CALL     00473790
  :00473E3A  837DFC00             CMP      DWORD PTR [EBP-04],00
  :00473E3E  741F                 JZ       00473E5F
  :00473E40  8B45FC               MOV      EAX,[EBP-04]
  :00473E43  8B533C               MOV      EDX,[EBX+3C]
  :00473E46  E8E5FFF8FF           CALL     00403E30
  :00473E4B  7512                 JNZ      00473E5F
  :00473E4D  8BD3                 MOV      EDX,EBX
  :00473E4F  8BC3                 MOV      EAX,EBX
  :00473E51  E81AFDFFFF           CALL     00473B70
  :00473E56  8BC3                 MOV      EAX,EBX
  :00473E58  E83BFDFFFF           CALL     00473B98
  :00473E5D  EB09                 JMP      00473E68
  :00473E5F  8BD3                 MOV      EDX,EBX
  :00473E61  8BC3                 MOV      EAX,EBX
  :00473E63  E81CFDFFFF           CALL     00473B84
  :00473E68  33C0                 XOR      EAX,EAX
  :00473E6A  5A                   POP      EDX
  :00473E6B  59                   POP      ECX
  :00473E6C  59                   POP      ECX
  :00473E6D  648910               MOV      FS:[EAX],EDX
  :00473E70  68853E4700           PUSH     00473E85
  :00473E75  8B45F8               MOV      EAX,[EBP-08]
  :00473E78  E84FF0F8FF           CALL     00402ECC
  :00473E7D  C3                   RET

At 473E21, EDX contains our User Name ("cRACKING tUTORIAL"). As you trace through the code, you'll come accross 473E3A, where the result of the CALL 473790 is checked. In that CALL the validity of our User Name is checked. If our User Name is valid, we won't jump - but if if not, we'll jump to 473E5F.
Since there's a very suspicious JNZ instruction after 473E46, we should check the registers (EAX & EDX in this case):
EAX will contain 492807055011, which looks very like a Registration Number to me, EDX will contain 12345678, which is our fake Registration Number.
Now we found the Registration Number we need to 'register' Waste Whacker, which was quite easy - not all programs are so easy to crack; so keep practicing.


If you're USING Waste Whacker BEYOND it's FREE TRIAL PERIOD, then please BUY IT.

Disclaimer: This essay is for EDUCATIONAL purposes only, if you wish to use the program/game then please BUY IT.

Info: Brand and product names are trademarks or registered trademarks of their respective holders.

Copyright © 1998 by TORN@DO and The Immortal Descendants. All Rights Reserved.