How to code a valid *keyfile* for SolSuite v5.X by FaT[BiT] \ TNT!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
dedication :
to Xasx ( the man with the biggest phone bill ) !!
]-={ HAPPY ANIVERSERY }=-[
{ FOR }
[\/]-={ TNT!CRACK!TEAM! }=-[\/]
Welcome to my 6th tut , in this tut we will learn how to :
1st) crack solsuite <-- my first crack and tut
2nd) make a valid keyfile
NOTE : This is a very long tut !!! so god be with u !!!
ToolZ :
~~~~~~~
Win32Dasm ----- v8.93
Hiew ---------- v6.20
Turbo Pascal -- v7.00
Any Ascii Table
o.k here we go :
1) Now what we need first is to crack Solsuite !!!!
( offcourse this is what the tut is all about )
i will do a quick refresh if u don't unerstand u can
read my first tut on how to crack Solsuite !!!!
2) Run Solsuite and click on help \ Enter registration Code
to enter a dummy Code .... click o.k and *boom*
--> This is not a valid Registeration code , please try again <--
THE ERROR MESSAGE
3) o.k copy the file solsuite.exe to crack.exe and dasm the file
and look for the error message and u will be here :
Note : this is all the check routine !!!!!
*Referenced by a call at address :
:004D19EE , : 004D2DD8 , :004D2F1E <-- we check these !!!!
:004CB694 cmp eax,00000001
:004CB697 jne 004CB6A4
*Possible StringData Ref from Code Obj -> " Please enter all of your information "
-> " into the Registration code dialog "
-> " box. " <--- if u didn't enter any code
:004cb699 mov eax,004CB6D0
:004CB69E call 00472A48
:004CB6A3 ret
:004CB6A4 cmp eax,00000002
:004CB6A7 jne 004CB6B5
*Possible StringData Ref from Code Obj -> " This is not a valid Registtration "
-> " code , please try again." <-- error message
:004CB6A9 mov eax,004CB724
:004cb6AE call 00472A48
:004CB6B3 jmp 004CB6C4
*Referenced by (U)conditional or (C)onditional jump at address :
|:004CB6A7(c)
:004CB6B5 cmp eax,00000003
:004CB6B8 jne 004CB6C4
*Possible StringData Ref from Code Obj -> " The previous registration code "
-> " you have entered is not valid, "
-> " please try again. " <-- previous version code
:004CB6BA mov eax,004CB768
:004CB6Bf call 00472A48
-as u can see our err message is in the middel take a good look at
line 004CB6A4 cmp eax,00000002 <-- it comapres the eax register
with 2 , so.. and at line 004CB694 <-- comapres the eax register
with 1 , s0.. and at line 004CB6B5 <-- comapres the eax register
with 3 , hmmm ... look above we have there calls so one of them
put 2 into eax register and we end up at this nasty message ....
so to make the story short it is the call at address 004D2F1E
that put 2 in eax ( u can check it urself cuz this tut is not
about tracing the code !!! Sorry !!!)
4) so go to 004D2F1E and u will see something like this :
:004D2F12 E8B110F3FF call 00403EB8 <-- check the serial
:004D2F17 745A je 004D2F73 <-- if it's good then jump
:004D2F19 B802000000 mov eax,00000002 <-- else put 2 in eax
:004D2F1E E87187FFFF call 004CB694 <-- call the error message
5) o.k yes u r right !!! open hiew and go to 004D2F17 press
F3 and change the 74 to EB so that 745A will be EB5A , this
way no matter what serial u enter (good or bad ) Solsuite
will be register
6) Now from here begins the tut !!!
o.k so u changed the bytes at address 004D2F17 , let's try it
run solsuite click on register and enter any serial u want and
yes a dialog to put ur name , enter ur info , then it is fully
registered , kool !!! but wait , when i was cracking this game
and after i changed the byts and copy file solsuite bake to the
installed folder and try it !!! and register it ... i close it
and cuz i was on the same installed folder i saw that there was
a file created under the name of Solsuite.cl5 !!!!
7) So.. (u found a file the windows is full with them so What !!! )
hmmm ... something is fishy about this file ( yeaa!!! i smell it
2 !!!1 ) , o.k edit this file with notepad , hmmm nothin' there
just a bunch of ascii char. hmmm o.k then cut the file from the
folder and keep it in a safe place ( i know where !!!! ) , run the
game , and *boom* it is back to UNREGISTERED !!!! , o.k copy back
the file to the folder and *boom* it is back to Registered !!!!
8) So.. this game has also a keyfile protection !!!! (yes yes !!! )
o.k ... let's play with solsuite.cl5 a littlebit and c how it's
decrypted !!! u can open it with hiew or with notepad to take
alook at it !!! and this is what u will get :
`ec`cbdbe`cbhabbe
dhefcbedgdaabfehg
dab``ccv1Ñãr9ÑçPå
PÑ~ÑQPPPPPPPPPPPP
PPPPPPPPPPPPPPPPP
PPPPPP
Note : when i was asked to enter my name i put
FaT[BiT] \ TNT!
9) let's play with line no.1 and change the (c) for example
to anything u like o.k save it !! run the game !!!*boom*
UNREGISTERED VERSION !!! ,hmmm ..!! o.k let's play with
the last (P) , again change it to anything u want !!! ...
in may case i put it (1) , save the file and run the game
*boom* u will see a little (a) far from ur name at the
splash screen !!! hmmm !!!! , to make sure again let's
change the char. (P) the one before the last to (1) also
and save the file , run the game , and !!! another (a)
appear !!! hmm !!! ......
10) So... when we put 1 on the file the screen will put
a , so what is the thing between a and 1 , hmm !!!!
o.k let's take a rest now and read that ASCII table
let's see !!! now :
1 = 31h and a = 61h , so when i put on the file
the char (1) it will say (a) so .... !!!
* * * * * * * * K A B O O O O O M * * * * * * * * *
it simply adds 30h to the char (1) to make it (a) ...
and in reverse it subtract 30h <-- hint for the coding
but let's ask a question upon this thing !!!
so if i want to put (1) on the scrren , i should write
(a) on the file ???? , let's try it !!! yes yes yes !!!
so... depending on this i can do the following:
there is alot of (P)'s in the file and on the screen
there is nothin (upon our theory !!) , will not nothin'
it is spaces !!!! so .... back to the ASCII table !!!
we see this :
P = 50h and (space) = 20h
s0... this time it subtract 30h ,
and in reverse it adds 30h <-- hint for the coding
so if i want to print
(P) on the screen i right on the file (space) !!! let's
try !!! kool it worked !!! (what the hell are u talking
about i'm lost here !!!! )
11) o.k so let's put all these things in an if statement :
if (i want to write a small letters on the screen for
example the (a))
then i should write on the file
( ASCII (a) - 30h = 61h - 30h = 31h --> (1) then i write it
on the file )
else if (i want to write captial letters on the screen
for example the (A))
then i should write on the file
( ASCII (A) + 30h = 41h + 30h = 71h --> (q) then i write it
on the file )
so... there u go !!!! (yeah right !!!put from where
dose my name start) !!! hmmm good question !!!
my screen shows FaT[BiT] \ TNT! and the file shows
`ec`cbdbe`cbhabbe
dhefcbedgdaabfehg
dab``ccv1Ñãr9ÑçPå
PÑ~ÑQPPPPPPPPPPPP
PPPPPPPPPPPPPPPPP
PPPPPP
and we know that the P is a space so if i changed the Q
i must change the last letter in my name !!! let's try it
change the (Q) to (2) ( upon your theroy it should display
(b) y? cuz 2 = 32h and we said if i want to show a lower
case letter i add 30h so 30h+32h = 62h --> (b) ) o.k kool
do it !!! and that last letter in ur name is changed !!!
now all u have to do is to count ur name and count the
letters on the file and u will find where ur name starts
in my case it starts at the char (v) ( v = 76h , F = 46h )
there u go (yeah right !!! but if i want to put my nick name
on the screen and my nick name has numbers and special letters
how can i do it !!!! ) yes it is another good question !!!
12) o.k.... now we know where our name starts and where it ends
and u said u want to write ur nick that has alot of special
char. and numbers and anything else !!! o.k simple.........
open the file solsuite.cl5.....
NOTE : now u know where ur name starts don't u !!!!
o.k go to the first letter of ur name and count
how many char. to know where it ends , then delete
them , then write ur nick name as u write it (aaaa !!! so
ur gona make solsuite do the calcualtions for us ) yes that
is right !!! so in my case my file will look like this :
`ec`cbdbe`cbhabbe
dhefcbedgdaabfehg
dab``ccFaT[BiT] \
TNT!PPPPPPPPPPPP
PPPPPPPPPPPPPPPPP
PPPPPP
then run the game , click on Help \ About , to see what u
should write on the file !!! and write it down , exit the
game , open solsuite.cl5 and change the letters of ur nick
name back to write ones , save the file , run the game !!!
and it is registered !!! under u nick or fav. name !!!
13) wof !!!! that was a long one right (yeah so is my d*** !!! )
o.k now we have the idea for the decreption ( no we don't !! )
i know i left something to calcualte for urself !!! (ohh shit !! )
don't worry look at the source code of to know alot about the
calcualtions of ur name !!!
so.... !!! let's make a program to take our name as an
input and give us the keyfile (solsuite.cl5) as an output
and when we put it in the same folder solsuite to make
it run registered !!!
here is the code :
--------------------------rip it from here------------------------------------
program keygen;
uses
crt ;
var
i,
ascii : integer ; { i --> counter , ascii ---> char to write on the file }
head : string[41] ; { header of the file (serial number)}
name : string[50] ; { your entered name }
key : file of char ; { the output file solsuite.cl5 }
ch : char ; { the char that we enter }
begin
clrscr;
textcolor(green);
head := '`ec`cbdbe`cbhabbedhefcbedgdaabfehgdab``cc'; {we put the header of the file }
for i:=1 to 91 do
name[i]:= ' '; {make the file full of spaces }
writeln('TNT!CRACK!TEAM! --> http://kickme.to/tnt or /tntgfx ');
writeln('======================================================');
writeln('SolSuite 2000 v5.X *KEYFILE* maker by FaT[BiT] \ TNT! ');
writeln('======================================================');
write('Enter Your Name : ');
readln(name);
assign(key,'solsuite.cl5');
rewrite(key);
for i:=1 to 41 do
begin
ch := head[i];
write(key,ch); {write the head to the file }
end;
for i:=1 to 50 do
begin
ch := name[i] ; {read a char of the name }
if ((ch>='a') and (ch<='z')) then
begin
ascii := ord(ch);
ascii := ascii-48 ;
ch := chr(ascii);
write(key,ch); {if it's a small letter we only subtract 30h = 48d }
end
else
begin
ascii := ord(ch);
ascii := ascii+48 ;
ch := chr(ascii) ;
write(key,ch); { else we just add 30h = 48d }
end; { that is the little thing that i have left }
end; { u can test it for any char to know how it worx ! }
writeln('your keyfile has been generated');
end.
---------------------------end of ripping-------------------------------
14) there u have it !!! how to crack with the source code i hope u
have learned something out of this !!!! cya all in another
tut !!!!
NOTE : i hope u know how to compile this code !!!! and let me tell
u one thing .... if it is a lowercase subtract 30h else
add 30h , that is all to it !!! i wrote this cuz i know some
ppl will come to me after reading this shit saying we didn't
understand !!!! (ohhhh !!! u !!!! )
FaT[BiT]_FaTsO greetz gose to :
tKC -------> ( ur tuts ROX!! , i have them all!!!!!)
LW2000 ----> ( Thank u for showing me how to use my brain!!!! )
R!SC ------> ( if only ur tut is more compleX !! man !! u rox !!)
XasX ------> ( ur toolz is great , best founder i have ever known !! )
karlitoxZ -> ( u r a true friend !!!)
wishmaker--> ( u r good !!! keep it up )
BoneZ -----> ( thanx for ur support !! it ment alot !!)
and happy aniversey to all TNT!CRACK!TEAM! members !!!
written on 7:33 PM 5/20/00
*eof -----------