View Full Version : Little help needed (username+pw)


Ransid
August 16th, 2001, 18:27
Hi guyz

The program I am trying to crack is GaugeDump 2.0 (shareware/243k):

http://www.bruceh.com/download/GD20.EXE

I have found that if I change the:

0040E311 0F85A1000000 jne 0040E3B8

to

0040E311 0F85A1000000 je 0040E3B8

Then the program accepts any username and password and reports that registration was successful. But it asks you to restart the program to get full functionality... and I can't find out how to stop it reverting back to the unregistered/shareware version.

P.S. I did change the (je) at :004012B9 to (jne) and that made the front end say the program was registered, but really it wasn't (at least it didn't function as if it was registered).

Please, I hope someone can help me

Thanks in advance

Clandestiny
August 16th, 2001, 22:01
Hiya Ransid,

Chances are that your target has multiple registration checks and that it performs at least one of them during initialization every time the prog is run. You'll need to find and disable these as well. In the simplest case it will be another reg / unreg flag which you will be able to handle as you did the original check. It is also possible, however, that the target reads its registration status from another file or from the registry. In these cases, Regmon, Filemon, and an API monitor will be your tools of choice.

Regards,
Clandestiny

ransid
August 17th, 2001, 05:07
Hi Clandestiny,

I looked at the registry and found that the program saves my username + false password in the registry, but then it must look at it again when the program starts again (which then says, "ahem, this password is wrong for this username").

Like I said I have already made it say it is registered at program start but then runs in unregistered mode. Maybe it does some more checks somewhere else?

Thanks for the advice & thanks in advance



Ransid

Fake51
August 17th, 2001, 08:39
Most programs tend to check the name against the serial at startup; few rely on a simple flag in the registry to tell them they're regged.
This typically doesn't make it a whole lot harder tho, as most programmers are stupid enuff to use the same algocheck-subroutine when trying to figure out if the serial is straight. That just means that you have to go one level deeper, find the algo-sub, and make sure it always gives the right answer.

Thus, you may have several places in the program that all call the same sub to see if the serial is correct. Patch the sub to see the light.

Blue skies
Fake