Name      : Text Cleaner

Version   : 1.0.1

Editor    : CFL (Computers for Learning)

Target    : Text Cleaner.exe

s/n saved : [HKEY_CURRENT_USER\Software\Computers for Learning\
            Text Cleaner\Settings]

Tools     : Softice
	    Brain
	    
Cracker   : LW2000

Tutorial  : No.10

www.comp4learn.com/cleaner


Please excuse my poor english, its not my mother language....

---
DISCLAIMER
For educational purposes only!
I hold no responsibility of the mis-used of this material!
---

Overview of Text Cleaner
~~~~~~~~~~~~~~~~~~~~~~~~
Text Cleaner is a program to clean up badly formatted text from
a variety of sources, such as:
  - Removal of unwanted line breaks.
  - Removal of extra spaces at the beginning of lines.
  - Removal of extra spaces in between words.
  - Cleaning up spacing between sentences.
  - Identifying and formatting lists within the text.
  - Removal of e-mail reply marks (> symbols).
  - Multiple, simultaneous, find and replace.



1.      Text CLeaner, a nag appears. There's an interesting button...
	'Register...' *g*. Let's do so. 
	
2.	Name: LW2000
	Company: (leave blank)
	Serial: 1230099
	*BOOM* The information you entered is not correct....
	Press OK. Wrong serial? Typical program bug ;)

3.	[Ctrl]+[d] to Softice and set a Breakpoint on getwindowtexta:
	bpx getwindowtexta
	[F5] to retur to the application.

4.	Name: LW2000
	Company: (leave blank)
	Serial: 1230099
	*BOOM* Softice pops up.
	[F5] First textfield (name)
	[F5] second textfield (company)
	Now we are @ the third textfield.
	Now press [F11] to get the Caller.

0177:00430C33  50                  PUSH      EAX
0177:00430C34  56                  PUSH      ESI
0177:00430C35  FF15C4DB4500        CALL      [USER32!GetWindowTextA]
0177:00430C3B  8B4D10              MOV       ECX,[EBP+10]
0177:00430C3E  6AFF                PUSH      FF
0177:00430C40  E8DD47FFFF          CALL      00425422 
0177:00430C45  EB0B                JMP       00430C52
0177:00430C47  8B4510              MOV       EAX,[EBP+10]
0177:00430C4A  FF30                PUSH      DWORD PTR [EAX]
0177:00430C4C  56                  PUSH      ESI

5. Press [F10] to trace till you are on:


0177:0040A69B  89642420           MOV     [ESP+20],ESP
0177:0040A69F  53                 PUSH    EBX
0177:0040A6A0  C744243000000000   MOV     DWORD PTR [ESP+30],00000000
0177:0040A6A8  E8F9A70100         CALL    00424EA6
0177:0040A6AD  8D442418           LEA     EAX,[ESP+18]
0177:0040A6B1  B958864500         MOV     ECX,00458658
0177:0040A6B6  50                 PUSH    EAX
0177:0040A6B7  C7442430FFFFFFFF   MOV     DWORD PTR [ESP+30],FFFFFFFF
0177:0040A6BF  E8BC330000         CALL    0040DA80      <- mhmm...
0177:0040A6C4  8B742410           MOV     ESI,[ESP+10]  <- looks very
0177:0040A6C8  8B475C             MOV     EAX,[EDI+5C]  <- interesting *g*

6.	Let's look what we've got:
	'd esi' nothing important
	Press once more [F10].

	You should me on this line now:

0177:0040A6C8  8B475C              MOV       EAX,[EDI+5C]  	

	'd esi' take a look on the Data Window!!!!
	Looks like a serial... 7f59ddc4


	Ok, so check it out! Type 'db *' to disable the breakpoints.

	[F5] to return to the application.

	Name: LW2000
	Serial: 7f59ddc4
	Press OK.

*BOOM* 'Your software has been registered.'



Congratulation! You are a registered user!

FINISH! Easy, or?



cu LW2000
Any comments? Mail me LW2000@gmx.net !!!
----
tKC, thx for your tutors!
I started with tutor 1 and i still read them... they are the best!