Finding Correct Serial Numbers
Author: Volatility
Please Read The Disclaimer Before Continuing.

I shouldn't be writing an essay on this program, but it still serves for KNOWLEDGE PURPOSES. I wrote up an essay on how to crack this program, before I visited the author's homepage, and saw what he had to say. Here's what he says:

"A good reason to register - The registration charges will be given to SOS Children’s Villages organisation. SOS Children’s Villages is a non-political and non-denominational welfare organisation. SOS Children’s Villages offer abandoned, orphaned and destitute children - regardless of race, nationality or creed - a new and permanent home, and prepare them for an independent life."

What a way to make a cracker feel bad! Nonetheless, I still published the essay for its knowledge purposes. If you keep this program (I really don't know why you would) without paying for it, you should burn in hell. Normally, I post the user name and serial I got for the program, but I'm not going to do that here, so lamers don't use it.

Prepare To Crack:

After starting WinEye up, right click on the eyes in your system tray, and choose "Properties", then choose the "Registration" tab. We need to enter a name and code. Our favorite methods for trapping serial numbers in Soft-Ice are GetWindowTextA and GetDlgItemTextA, so let's try those first. To save you time, we need GetWindowTextA.

Making The Crack:

Enter your user name and some dummy data for the code. Press Ctrl+D to enter Soft-Ice. Set a breakpoint on GetWindowTextA (BPX GETWINDOWTEXTA). Press Ctrl+D again to exit back to the program. Click on "OK". Soft-Ice will pop up. Now, if we think about it, the function will be called twice -- once for the user name, and once for the code. So, the first time Soft-Ice pops, press Ctrl+D once, and you'll be back in Soft-Ice. Press F11 once to exit the code, and you should be here:

You could now display the user name you entered by pressing F10 to step through the line "CALL 00416C3F", and typing d ecx. This part of the code isn't interesting though, so we need to keep stepping until we find something that does look useful, like a compare (CMP, TEST) and jump (JE, JNE, JZ, JNZ etc). You'll find it here:

Now, to display your code, just step through the line "CALL 00406290", and display ECX by typing d ecx.

Copyright © 1999 Volatility And The Immortal Descendants. All Rights Reserved.