About Hex Workshop

This program is a hex modifier utility. It's very simple to use and very useful too.
We will use Hex Workshop to crack Hex Workshop :-)

In the cold of the night, in the warmth of the breeze,
I'll come cracking around, with tutorials like this! ;-)

It won't be an hard work, but get ready for the SoftIce lesson!!
Ready?? Go!!
Start the Hex Workshop 2.54, and then click "Demonstration version" on the menu bar. It will show a window, that wants ur serial number: let's give it! The max number of chars that the proggie can get, is 12 chars, so put the serial 123456789012. Don't press ENTER!! CTRL-D to enter Sice, and set a breakpoint that blocks the readin of the content of the text box (bpx getdlgitemtexta). To do this breakpoint, you MUST load symbols using Symbol Loader, loading USER32.DLL and KERNEL32.DLL, everything before setting the breakpoint. OK, let's return on our work. Set the breakpoint press F5 to return to Hex Workshop and press Register. Wait... a window pops-up saying that the serial number is wrong. Damn. Back in SoftIce, clear all breakpoints (bc *), and setting an another breakpoint that is similar the the other one (bpx getwindowtexta), press F5 and press Register again. Sice pops up. YEAH!! Press F11 one time, and you will be in HWORKS32. Fine :-)
Pressing F10 (step over) some times, you will land here:

  CS:004262A3 JMP 004262AF
  CS:004262A8 MOV DWORD PTR [EBP-14], 00000000
  CS:004262AF CMP DWORD PTR [EBP-14], 00 ;mmm... I don't like this line
  CS:004262B3 JZ 00426332

I never liked that line, because the line before sets EBP-14 to 0, and then it compares it: it should be a control with a conditional jump. I was right. Looking some lines before you can see a conditional jump to 004262A8, but that aren't our business now. Press F10 until you will be on the conditional jump, and you'll see that the zero flag is active. I don't want any flag: you too? Fine, then kill it :-). Move ur mouse on the Z, and then press Ins (insert key), and the zero flag won't be shown anymore. Click on the window the showes you the source, and u will see that the jump will be annullated. OK: delete all the press F5, delete the breakpoints (bc *, but u can do it before pressing F5), repress F5 and an another window pops up: the right one :-)
Insert your User Name and your Organization and it will register you.
Everything is done now!!!



...

Nope.
Not everything.
Close the Hex Workshop and reload it. It doesn't show you Demonstration Version. It's right you can think... but it's not. Not for me. Click on Help and then on About Hex Workshop...: ta da da dan!! Your username is shown after the Serial number. Shit. Why???
Check the Hex Workshop directory, and you will find "Hex Workshop.REG": open it with Hex Workshop ( now you're registered, so you can use it ;-) ). It will display something like this:

Here's why!!! The user name starts at the position 15, so the position 14 is for the char 00. Change our serial number, put 00 at offset 0D (14), save and restart Hex Workshop. This sweet program shows you the button Demonstration Version. Shit. Well, it doesn't matter: we should only redo the cracking process with a serial number that must be shorter than twelve chars. I've choiced "I cracked u" :-)
Now is really all done.