WHY PATCHING WHILE SERIAL NUMBER IS FISHY

HappyIcon v2.01
A Cracking Tutorial 
by ASTAGA [D4C/C4A]


DISCLAIMER 

This reading material is not intended to violate Copyrights 
and/or it is law, but educational purposes only. I hold no 
responsibility ( by all means and in any shape whatsoever ) 
of the mis-used of this material.


ABOUT THE PROGRAM 

HappyIcon is a 32 bit software for Windows 9x, 2000 and NT 4.x 
creating icons, cursors and animated cursors by converting graphic 
files or scannered documents.

HappyIcon converts the following file types:

·	AVI	Windows Audio Video Interleave
·	AVS	AVS X Image
·	BMP	bitmap Windows/OS2 (bmp, bga, dib)
·	DCM	Dicom
·	FTS	FITS – Flexible Image Transport System
·	GIF	Compuserve Graphic Interchange Format
.... AND MORE


WHERE TO DOWNLOAD

Author   	: Jean Piquemal
Homepage 	: http://www.logipole.com
URL		: http://happyicon.free.fr/happyicone.zip
Size 		:  KB  - as of  October 11,2000


HOW TO GET VALID SERIAL NUMBER by using SoftIce


1.	Run HAPPYICON.EXE, in the main program click on HELP/REGISTER
	submenu.  
	In the registration dialog box type these below informations :

	Name 		: Order 
	First		: Pirates
	Key		: 73881050

    	Do not click OK button yet


2.	Fire up SoftIce by pressing [ CTRL + D ], create a new breakpoint
	as follow : 

	BPX MessageBoxA [enter] and
   	F5  to return to the main program

3.	Now click OK button... you'll return back into SoftIce.
    	In within SoftIce press F11, then click OK to confirm 'Invalid
	Key .... ' message.  Again,  you'll return back into SoftIce and
	landed at MessageBoxA call instruction at 015F:00414127.

	Now, scroll up several line above by pressing [Ctrl+Up arrow],
      did you interesting CMP ( Compare ) instruction at 015F:00414116 ?
	Scroll up again until you see CALL instruction at 015F:00414104.

	Here you know where the call instruction being called and compari
	son between EAX and ECX register were made.

	Disable previous breakpoint and set a new breakpoint :

		bd *  [enter]
		bpx 015F:00414104  [enter]
		Press F5 to return to the main program


4.	Repeat registration procedure Step 1,  click OK button.
	If nothing goes wrong, you'll see these below following snippet
	codes : 
	___________________________________________________________________

	00414104: E873220000  	call	00041637C    <--- you land here
	00414109: 8B4C2414     	mov 	ecx,[esp][000
	0041410D: 83C404        	add 	esp,004 ;""
	00414110: 81F1F0BD6824  	xor 	ecx,02468BDF0
	00414116: 3BC1         	cmp	eax,ecx      <--- !!!!!!!!!
	00414118: 742E       	je  	000414148 
	0041411A: 6A10        	push 	010
	0041411C: 680C494200  	push 	00042490C ;
	00414121: 6864484200  	push 	000424864 ;
	00414126: 55         	push 	ebp
	00414127: FF15AC024200	call  	MessageBoxA ; <==== 3rd step
	0041412D: 6A01        	push  	001
	___________________________________________________________________


	Press F10 4 times ( stop at 015F:00414116 ), dump/display EAX and
	ECX register by typing : 

		? EAX  [enter]
		SoftIce will response :
		89AD8092   2309849234  ooops it wasn't your fake code ....
 
		? ECX  [enter]
		SoftIce will response :
		C8C0D8BC   3368081596  well... what the heck is this ?

		However, write down those two suspicious number for further 
		usage.

	Press F10 again around 6 times, you'll jump pass call instruction
	at 015F:00414127 and got beggar-off message " Invalid Key .... ".
	Click OK button, Press F5 and disable all breakpoints, press F5
	again to return to the main program.


5.	Let's think a while why at 00414118: 742E je 000414148 instruction
	we didn't get that beggar-off message ?
	Does the program doesn't have classic message " Thank you for regis
	tering .... " when the correct key is entered ?
	What will happen if we enter 2309849234 and/or 3368081596 as your
	serial number ?


6.	Just do it ! Repeat registration procedure and keyed-in 2309849234 
	and/or 3368081596 as your serial number respectively.
	Did you feel the difference ? 
	The first one you'll face beggar-off message, and the last one you
	will have just a splash screen.... but look at the title bar.....
	the "( Unregistered )" text is gone.
	Upto this step you can noticed that this program doesn't have
	" Thank you for registering .... " as we expected.


7.	To ensure you're registered or not, click HELP/ABOUT submenu.
	Yes, you're illegaly registered and your key is 3368081596 !


8.  Where the hell is my registration code is stored ??

	-  The correct registration code is encrypted and stored
	   in the file called   HAPPYICON.LIC   which located in your 
         HAPPYICON directory.

9.  How can I practise with my own user name ?

	-  I strongly recommended you not to do this !



END NOTES

   This program is sold as shareware, so you can try before you buy.  
   This is convenient for you, saves expenses by dispensing with all 
   that packaging, and cuts out the middle person.  So it is cheap, 
   but it is not free.  
   If you like the program, and you will, be sure to register and pay.
   To keep shareware prices low,  users must do the right thing: 
   Register, pay up, and smile/grin at yourself in the mirror.

   Do not distribute your crack release based on this tutorial, because
   you become a LAMER(s)!!!!!!!!
   ( tHATDUDE (PC97) defined LAMER(s) is the guy who sits in front of
   personal computer, using Hex Editor, ripping off other group(s)
   crack release, repacking (distro) them under his name. 
   Adopted from newsgroup alt.cracks, alt.crackers - February 1997 ) 

    More about LAMER(s):
	lamer /n./ [prob. originated in skateboarder slang]
	Synonym for luser, not used much by hackers but common among warez 
	d00dz, crackers, and phreakers. Oppose elite. Has the same connota
	tions of self-conscious elitism that use of luser does among 
	hackers.
    < SOURCE: http://sagan.earthspace.net/jargon/jargon_27.html >


 _ Never attribute to malice that which is adequately explained by stupidity _


ASTAGA [D4C/C4A] tute-happyicon201.zip
[EOF] October 11,2000  12:45:24 PM  
10/10/00 to mg37s105088, and see what happen