HOW TO MAKE KEYGEN FOR BOMBMAIL VERSION 5.0
       ( Include source code of keygen and kegen , using Visual Basic 6.0 ).
                     -------Written by tnHuAn------
Protection : Register Code.

You can download this software at : http://www.softheap.com/bomber.html

Tools : SoftIce ( I use version 4.05 ) or TRW2000.
             Visual Basic 6.0 ( to code the keygen ).

This is a shareware , to use it with full version , you must pay : $25.

Now, we start .
 First install this program , then you run it.
 Oh, you will see the Nag Screen, You must enter the Register Code If you want Register 
this program.
 Enter the fake Register Code : 123456789. 
 Now, I press Ctrl+D to pop up SoftIce.Then I set the breakpoint on Hmemcpy, so type : 
' Bpx Hmemcpy ' , press Enter.
 Then , press F5 to return  the BombMail, and Click the ' Register ' button.
 You will kicked into SoftIce.And you will see this code :

	KERNEL!HMEMCPY
	PUSH BP
	MOV BP,SP
	PUSH DS
	PUSH EDI
  ...........and more......... ( this part of code not important )
                 
 Now , press F11 : 1 time , you will see this code :

	CALL KERNEL!HMEMCPY
	PUSH WORD PTR[DI]
	CALL KERNEL!LOCALUNLOCK
	MOV AX,SI
	POP SI
	POP DI
........ and more........... ( this part of code not important )

 Then press F12 : 11 times, you will this code :

	CALL 00432594
	CMP DWORD PTR [EBP-04],00
	JNZ 004B07DE
	PUSH 02
......... and more ......... ( this part of code not important )

 Now, you press F10 to trace the code until you see your code look like this code :

	MOV EAX,[004B4080]
	MOV EAX,[EAX]
	MOV EDX, [EBP-04] <===  your fake register code is moved to EDX.
	CALL 0049D880 <=== Press F8 to trace into the code. 
..........and more..........

 At this CALL , you press F8 to trace into the CALL , you will see this code :
	
	PUSH EBP
	MOV EBP,ESP
	PUSH 00
..........and more.........( not important )

Now press F10 until you see this code : 

	CALL 00484DD4
	CMP DWORD PTR [EBP-08],00
	JZ 0049D997
	MOV EAX, [ EBP-08]
	CALL 00484B84<===  Press F8 to trace into the CALL
	TEST AL, AL
	JZ 0049D965
 ......... and more ........
 
 At this CALL , you use F8 to trace into this CALL , and you will see this code :
 
	PUSH EBP
	MOV EBP, ESP
	ADD ESP, -08
...........and more .........

Press F10 until you see this code :
	
	CALL 00403EC4 <== ? EAX , you will see : EAX=9 =  length of your fake ( 123456789 ).
	CMP EAX, 10 <=== Compare EAX with 10h (= 16 ). 
			Is  the lenght of your register code  = 16 charecters ? .
	JNZ 00484BF7 <=== If not, jump to the bad meassage.
                 ...........................
 	CMP BYTE PTR [ EAX+01],32 
	JNZ 00484BF7
	..........................
	CMP BYTE PTR [ EAX+02],35
	JNZ 00484BF7
	..........................
	CMP BYTE PTR [ EAX+05],32
	JNZ 00484BF7
	..........................
	CMP BYTE PTR [ EAX+07],35
	JNZ 00484BF7
	..........................
	CMP BYTE PTR [ EAX+09],30
	JNZ 00484BF7
	..........................
	CMP BYTE PTR [ EAX+0B],31
	JZ 00484BF8
	.........................
             
 Look this code , the program compare your fake register code with this method : 
 
	 1----->?
	 2----->must = 2
	 3----->must= 5
	 4----->?
	 5----->?
	 6----->must = 2
	 7----->?
                     8----->must = 5
	 9----->?
 	10---->must = 0
	11---->?
	12---->must = 1
	13---->?
	14---->?
	15---->?
	16 ---->?
  Now, when you  understand this method ,  I think very easy to register this program.
  And there are  some Register code :
	5250523560213565 
	8256526570813431
	0253126530314120
	...............................
 And this is source code of the keygen :

 Private Sub Command1_Click()
       Dim yourserial As String
       Dim ran As String
       Dim songaunhien As Integer
       Dim i As Integer

       For i = 1 To 16
 	     songaunhien = Int(0 + 9 * Rnd)
 	     ran = Str(songaunhien)
	      If i = 2 Then ran = "2"
	      If i = 3 Then ran = "5"
	      If i = 6 Then ran = "2"
	      If i = 8 Then ran = "5"
	      If i = 10 Then ran = "0"
	      If i = 12 Then ran = "1"
	      ran = Trim(ran)
	      yourserial = yourserial + ran
      Next i

    Text1.Text = yourserial
End Sub