WHY PATCHING WHILE SERIAL NUMBER IS FISHY
Font Creator Program v3.0
A Cracking Tutorial
by ASTAGA [D4C/C4A]
DISCLAIMER
This reading material is not intended to violate Copyrights
and/or it is law, but educational purposes only. I hold no
responsibility ( by all means and in any shape whatsoever )
of the mis-used of this material.
ABOUT THE PROGRAM
The Font Creator Program puts font creation within the grasp
of the average PC user, would-be typographers and graphic
designers.
With this application you can create and edit TrueType font
files. You can use the modified fonts in Windows 3.11 and
higher. Features include the ability to convert (scanned)
bitmaps (.bmp files) to TrueType outlines, thus enabling you
to create your own signature, logo and handwriting.
In addition, unlimited undo and redo and repeat options are
available. The modified fonts can be saved and then used in
popular word processing and illustration programs.
The editor lets you easily select any installed font, display
ing the entire character set complete with descriptions of
every letter, number, and special character. Once you've
perfected your work of art, a click on the program's toolbar
will install your creation.
The Font Creator Program allows would-be typographers to load
existing ttf files and modify them until the desired results
are achieved.
The modified fonts can be saved and then used in popular word
processing and illustration programs.
WHERE TO DOWNLOAD
Author : High-Logic The Netherlands
Homepage : http://www.high-logic.com/
URL : http://www.high-logic.com/download.html
http://www.high-logic.com/fcp3.exe
Size : 1.4 MB - as of October 18,2000
Release : Version 3.0 [October 7, 2000]
HOW TO GET VALID SERIAL NUMBER by using SoftIce
1. Run FCP3.EXE, in the main program click on HELP/REGISTER
button.
In the registration dialog box type these below informations :
Name : High Steppin' Hip Dressin' Fella
Company : Pirates Order
Reg Password: 738-810-507-361
Do not click OK button yet
2. Fire up SoftIce by pressing [ CTRL + D ], create a new breakpoint
as follow :
BPX HMEMCPY [enter] and
F5 to return to the main program
3. Now it's time to click OK button... you must returned back into
SoftIce!
In within SoftIce press F5, F11, F5,and F11 once again.
F12 several times until you see the main progs code and landed
at :
_____________________________________________________________________
004F5598: E8EFF7F3FF call 000434D8C <==== YOU LAND HERE
004F559D: FF75F0 push d,[ebp][-0010]
004F55A0: 8D55EC lea edx,[ebp][-0014]
004F55A3: 8B8314030000 mov eax,[ebx][000000314]
004F55A9: E8DEF7F3FF call 000434D8C
004F55AE: FF75EC push d,[ebp][-0014]
004F55B1: 8D45FC lea eax,[ebp][-0004]
004F55B4: BA04000000 mov edx,000000004 ;"
004F55B9: E856EBF0FF call 000404114
004F55BE: 8D55E4 lea edx,[ebp][-001C]
004F55C1: 8B830C030000 mov eax,[ebx][00000030C]
004F55C7: E8C0F7F3FF call 000434D8C
004F55CC: 8B45E4 mov eax,[ebp][-001C]
004F55CF: BA03000000 mov edx,000000003 ;"
004F55D4: 4A dec edx
004F55D5: 3B50FC cmp edx,[eax][-0004]
004F55D8: 7205 jb 0004F55DF <==== jump
004F55DA: E8C5D9F0FF call 000402FA4
004F55DF: 42 inc edx <=== YOU LAND HERE
004F55E0: 8A4410FF mov al,[eax][edx][-0001]
004F55E4: 50 push eax
004F55E5: 8D55E0 lea edx,[ebp][-0020]
004F55E8: 8B83E0020000 mov eax,[ebx][0000002E0]
004F55EE: E899F7F3FF call 000434D8C
004F55F3: 8B45E0 mov eax,[ebp][-0020]
004F55F6: 8D4DE8 lea ecx,[ebp][-0018] <====
d eax HERE
004F55F9: 5A pop edx
004F55FA: E88DF7FFFF call 0004F4D8C
004F55FF: 8B45E8 mov eax,[ebp][-0018]
004F5602: 50 push eax <==== d eax HERE
004F5603: 8D55DC lea edx,[ebp][-0024]
____________________________________________________________________
4. Clear the current existing breakpoint since we don't need anymore
bd 00 or bd * [enter]
Now we are in the main program codes.
5. Create a new breakpoint at the new location ;
bpx 015F:004F5598 [enter]
Note : In case of different address do a search string ( as long
as you're within main program codes; pls check your lower right
corner for sure - the .exe file name SHOULD BE THERE )as follow :
s 0 l fffffffffffffffff E8 EF F7 F3 FF FF 75 F0 [enter]
SoftIce will report :
Address found at 0XYZ:000XXXXXXXXXXX --> bpx this location.
6. Press F10 26 times - until you reach and stop at 015F:004F5602
and dump EAX register by typing :
D EAX [enter]
Look at the Data Window, at virtual address 0167:00EB6B8C did you
see C1V8476R7KPQ ?
And several line below - at virtual address 0167:00EB6C7C is your
fake S/N.
Write it down, that's the reg code you're looking for.
8. Disable all breakpoints :
bd * [enter]
Press F5 to return to the registration window
9. Repeat registration procedure and keyed-in C1V8476R7KPQ as your
registration code.
Click OK button ..... you'll get this classic message " Thank you
for registering .... " .
YOU'RE REGISTERED now... da hast Du Dich aber anscheißen lassen !.
However, as a matter of fact it's ILLEGAL REGISTRATION!!!!!
10. Where the hell is my registration info is stored ??
- The correct registration code is stored in the registry
as follows :
REGEDIT4
[HKEY_CURRENT_USER\Software\High-Logic\Font Creator Program\3.0]
"RegData"=hex:f0,33,61,42,df,95,26,cb,9a,06,d0,e3,e0,f9,3e,00,d7,
e4,a4,93,e1,\67,6b,25,05,bd,8c,ea,d7,d2,a1,70,2a,01,44,e6,3a,df,
d7,15,23,5c,52,f0,ce,6f,\51,35,0a,c0,92,61,e2,07,47,2c,c4,.....
......
......
11. How can I practise with another registration key ?
- I strongly recommended you not to do this !
END NOTES
This program is sold as shareware, so you can try before you buy.
This is convenient for you, saves expenses by dispensing with all
that packaging, and cuts out the middle person. So it is cheap,
but it is not free.
If you like the program, and you will, be sure to register and pay.
To keep shareware prices low, users must do the right thing:
Register, pay up, and smile/grin at yourself in the mirror.
Do not distribute your crack release based on this tutorial, because
you become a LAMER(s)!!!!!!!!
( tHATDUDE (PC97) defined LAMER(s) is the guy who sits in front of
personal computer, using Hex Editor, ripping off other group(s)
crack release, repacking (distro) them under his name.
Adopted from newsgroup alt.cracks, alt.crackers - February 1997 )
More about LAMER(s):
lamer /n./ [prob. originated in skateboarder slang]
Synonym for luser, not used much by hackers but common among warez
d00dz, crackers, and phreakers. Oppose elite. Has the same connota
tions of self-conscious elitism that use of luser does among
hackers.
< SOURCE: http://sagan.earthspace.net/jargon/jargon_27.html >
_ Never attribute to malice that which is adequately explained by stupidity _
ASTAGA [D4C/C4A] tute-fontcreatorprogram30.zip
[EOF] 10/20/00 9:51:44 AM