FireWorx Crackme3
-----------------

First off, I would like to say, this crackme suxx ;) cuz, as you will see, there is no encryption on the password, it's there, readable at once! How lame ;)

Well, here is how to do it (if you didn't figure it out yourself, but how could you not figure this one out!?)

Start the crackme, choose REGISTER, and enter a bogus password. Get into SoftICE and set a breakpoint on Hmemcpy, go back to the crackme and press the OK button. Press F11 to get out of the call, and then F10 until you come here:

:004454B7 MOV EAX,[EBP-08]
:004454BA LEA EDX,[EBP-04]
:004454BD CALL 00407504
:004454C2 MOV EAX,[EBP-04]
:004454C5 MOV EDX,[EBX+00000098] ; do a 'd edx' and you'll see the right pass
:004454CB CALL 00403B44
:004454D0 JNZ 00445500
:004454D2 MOV EAX,[00447870]
:004454D7 CALL 0043C9B8
:004454DC CMP WORD PTR [EBX+0000009E],00

Heh, that's all for now..

---
/Klefz - http://klefz.cjb.net
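
The flaw described above, as an added example (not the crackme's code and not the author's): a check that keeps the valid password in plaintext next to the input, beside a version that stores only a salted PBKDF2 digest, so the operands at the compare no longer reveal it. The password, the function names and the iteration count are assumptions made up for the illustration.

```python
import hashlib
import hmac
import os

PBKDF2_ROUNDS = 100_000  # assumed work factor for this example


def weak_check(entered, stored_plaintext, seen):
    """Pattern from the tutorial: the valid password is an operand of the compare."""
    seen.extend([entered, stored_plaintext])  # what a debugger sees at the call
    return entered == stored_plaintext


def make_record(password, salt=None):
    """Run once when the program is built; only (salt, digest) ships with it."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt, digest


def hardened_check(entered, record, seen):
    """Derive a digest from the input and compare digests in constant time."""
    salt, stored_digest = record
    candidate = hashlib.pbkdf2_hmac("sha256", entered.encode(), salt, PBKDF2_ROUNDS)
    seen.extend([candidate, stored_digest])  # operands are digests only
    return hmac.compare_digest(candidate, stored_digest)


def operands_leak_secret(seen, secret):
    """True if any compare operand contains the valid password."""
    needle = secret.encode()
    return any(needle in (s.encode() if isinstance(s, str) else s) for s in seen)


if __name__ == "__main__":
    secret = "constructed-pass-123"  # constructed sample value
    weak_seen, hard_seen = [], []
    weak_check("bogus", secret, weak_seen)
    hardened_check("bogus", make_record(secret), hard_seen)
    print("weak compare leaks password:    ", operands_leak_secret(weak_seen, secret))
    print("hardened compare leaks password:", operands_leak_secret(hard_seen, secret))
```

Hashing protects the secret value only; the integrity of the check itself is a separate problem.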