Introduction:
Well, everyone knows what Winamp is and what it does by now so let's get straight on with it shall we?

The Protection:

The 'protection' involves entering a name and regcode when clicking on the 'Enter registration info' button on the 'Shareware' tab. This one is slightly trickier in that you cannot click on OK until the valid regcode has been entered. But there's a way around that...........read on..

Tools Needed: Soft-Ice

The Crack

Ok, when entering text into text windows such as these there is are various windows functions that read the inputted data. They are; GetDlgItemTexta, GetWindowTexta, GetDlgItem, GetDlgItemInt, etc. The one we need to look at is GetDlgItemTexta.
In this particular case every character is read after it is entered and a regcode generated as you continue to type. So we have to set a breakpoint at this particular function.

So, with softice in memory, start winamp 2.22 and right click on the top bar and select 'Nullsoft Winamp', now select 'Shareware' then click on the button 'Enter registration info'. You will now have a small dialog box where you can enter your details. Enter a name but stop before you enter the last digit/letter. Go into softice, ctrl-d, and type bpx getdlgitemtexta to set up a breakpoint, pres x to return to Winamp. Are you with me so far?..............good, continue to enter the last letter/digit of your name and softice will pop up in front of you. Now press F12 to return to the program code and you should be at 401EB9. Press F10 until you get to 401ED0, then stop.

:00401EB7 FFD6 call esi
:00401EB9 6A00 push 00000000 ---------------------------> You should end up here.
:00401EBB 6A00 push 00000000
:00401EBD 53 push ebx
:00401EBE 57 push edi

* Reference To: USER32.GetDlgItemInt, Ord:0103h
|
:00401EBF FF1534F34300 Call dword ptr [0043F334]
:00401EC5 8BF0 mov esi, eax
:00401EC7 8D4580 lea eax, dword ptr [ebp-80] -----> Your name
:00401ECA 50 push eax
:00401ECB E8313D0200 call 00425C01 --------------> Calculate regcode and put it in eax
:00401ED0 3BC6 cmp eax, esi --------------------------> Stop when you get to here
:00401ED2 59 pop ecx
:00401ED3 750A jne 00401EDF

If you now type ? eax then the real regcode value will be shown, Mine was 0025148492 for KrazyK.
Make a note of the value shown and then type bc * to clear all breakpoints. Now enter the code )including leading zeroes) into the the reg# box and the OK button will become selectable. That's it................you've just registered Winamp.