Norton Utilities v3.0
Introduction |
Greetings and welcome to the noble art of reverse engineering!
Tools required |
Numega Softice v3.22
Target's URL |
http://shop.symantec.com/cgi-bin/trialware/
Essay |
OK! The first thing we are going to do is fool the program into thinking that we have connected to Symantec and received the unlocking code!
The reason we do that is to get the hidden "Unlocking-window".
Step1. Run Norton Utilities and click on [Buy Now].
Step2. Then exit Norton and go to: "c:\windows" and open rsagent.
      If you trace down in the file you will soon find:
      mailstat=0
      Change the value to: '1'.
Step3. Run Norton again and choose [Buy Now].
Step4. Start Softice by holding down Ctrl and D.
Step5. Type: bpx getdlgitemtexta and press enter!
Step6. Press 'F5' to return to Norton. Back in Norton, type in: first name, last name and
      this fake code: 1234567890, then press
      [OK] and Softice will break due to getdlgitemtexta.
Step7. Press 'F11' once!
Step8. Trace through the code with 'F10' until you see...
         :100056A8  51              PUSH  ECX
         :100056A9  52              PUSH  EDX
         :100056AA  50              PUSH  EAX
         :100056AB  E8D0620000      CALL  1000B980
         :100056B0  83C40C          ADD   ESP, 0C
         :100056B3  8D8C24D8000000  LEA   ECX,[ESP+000000D8]
      Type: d ecx => The valid unlocking code!
Step9. Well... OK, now for the push!
      Go to....
         :100056BF  51              PUSH  ECX  => Push valid unlocking code to the stack!
      and dump (d ecx) => Valid unlocking code!
Step10. Type: bc* to delete all breakpoints.
OK! That's it!
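The steps above succeed because the client holds the valid unlocking code in its own memory at the moment it checks what was typed. As an added example (not code from this essay or from the product; every name, key and code format below is a constructed assumption), this Python contrasts that pattern with a verify-only check, where the client ships only a public key and can confirm a vendor-issued code without ever being able to produce one.

```python
import hashlib

# --- Weak pattern: the client can produce the valid code by itself ---------
CLIENT_SECRET = b"constructed-demo-secret"  # assumption: secret shipped in the binary

def weak_expected(name: str) -> str:
    # The valid code exists in client memory as soon as this returns.
    return hashlib.sha256(CLIENT_SECRET + name.encode()).hexdigest()[:10]

def weak_check(name: str, entered: str) -> bool:
    return entered == weak_expected(name)

# --- Verify-only pattern: client holds a public key, never a valid code ----
# Toy textbook-RSA parameters (constructed, far too small for real use);
# a real product would use a vetted library with Ed25519 or RSA-PSS.
P, Q = 2**127 - 1, 2**89 - 1               # two known Mersenne primes
N, E = P * Q, 65537                        # public key, shipped with the client
_VENDOR_D = pow(E, -1, (P - 1) * (Q - 1))  # private key, stays on the vendor's server

def _digest(name: str) -> int:
    return int.from_bytes(hashlib.sha256(name.encode()).digest(), "big") % N

def vendor_issue(name: str) -> str:
    """Runs on the vendor side only: sign the licensee name."""
    return format(pow(_digest(name), _VENDOR_D, N), "x")

def hardened_check(name: str, entered: str) -> bool:
    """Runs in the client: verifies, but cannot derive, a valid code."""
    try:
        sig = int(entered, 16)
    except ValueError:
        return False
    return 0 <= sig < N and pow(sig, E, N) == _digest(name)

if __name__ == "__main__":
    name = "Jane Doe"  # constructed sample input
    print("weak design holds in memory:", weak_expected(name))
    print("fake code accepted?", hardened_check(name, "1234567890"))
    print("issued code accepted?", hardened_check(name, vendor_issue(name)))
```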
Final Notes |