WHY PATCHING WHILE SERIAL NUMBER IS FISHY HappyIcon v2.01 A Cracking Tutorial by ASTAGA [D4C/C4A] DISCLAIMER This reading material is not intended to violate Copyrights and/or it is law, but educational purposes only. I hold no responsibility ( by all means and in any shape whatsoever ) of the mis-used of this material. ABOUT THE PROGRAM HappyIcon is a 32 bit software for Windows 9x, 2000 and NT 4.x creating icons, cursors and animated cursors by converting graphic files or scannered documents. HappyIcon converts the following file types: · AVI Windows Audio Video Interleave · AVS AVS X Image · BMP bitmap Windows/OS2 (bmp, bga, dib) · DCM Dicom · FTS FITS – Flexible Image Transport System · GIF Compuserve Graphic Interchange Format .... AND MORE WHERE TO DOWNLOAD Author : Jean Piquemal Homepage : http://www.logipole.com URL : http://happyicon.free.fr/happyicone.zip Size : KB - as of October 11,2000 HOW TO GET VALID SERIAL NUMBER by using SoftIce 1. Run HAPPYICON.EXE, in the main program click on HELP/REGISTER submenu. In the registration dialog box type these below informations : Name : Order First : Pirates Key : 73881050 Do not click OK button yet 2. Fire up SoftIce by pressing [ CTRL + D ], create a new breakpoint as follow : BPX MessageBoxA [enter] and F5 to return to the main program 3. Now click OK button... you'll return back into SoftIce. In within SoftIce press F11, then click OK to confirm 'Invalid Key .... ' message. Again, you'll return back into SoftIce and landed at MessageBoxA call instruction at 015F:00414127. Now, scroll up several line above by pressing [Ctrl+Up arrow], did you interesting CMP ( Compare ) instruction at 015F:00414116 ? Scroll up again until you see CALL instruction at 015F:00414104. Here you know where the call instruction being called and compari son between EAX and ECX register were made. Disable previous breakpoint and set a new breakpoint : bd * [enter] bpx 015F:00414104 [enter] Press F5 to return to the main program 4. Repeat registration procedure Step 1, click OK button. If nothing goes wrong, you'll see these below following snippet codes : ___________________________________________________________________ 00414104: E873220000 call 00041637C <--- you land here 00414109: 8B4C2414 mov ecx,[esp][000 0041410D: 83C404 add esp,004 ;"" 00414110: 81F1F0BD6824 xor ecx,02468BDF0 00414116: 3BC1 cmp eax,ecx <--- !!!!!!!!! 00414118: 742E je 000414148 0041411A: 6A10 push 010 0041411C: 680C494200 push 00042490C ; 00414121: 6864484200 push 000424864 ; 00414126: 55 push ebp 00414127: FF15AC024200 call MessageBoxA ; <==== 3rd step 0041412D: 6A01 push 001 ___________________________________________________________________ Press F10 4 times ( stop at 015F:00414116 ), dump/display EAX and ECX register by typing : ? EAX [enter] SoftIce will response : 89AD8092 2309849234 ooops it wasn't your fake code .... ? ECX [enter] SoftIce will response : C8C0D8BC 3368081596 well... what the heck is this ? However, write down those two suspicious number for further usage. Press F10 again around 6 times, you'll jump pass call instruction at 015F:00414127 and got beggar-off message " Invalid Key .... ". Click OK button, Press F5 and disable all breakpoints, press F5 again to return to the main program. 5. Let's think a while why at 00414118: 742E je 000414148 instruction we didn't get that beggar-off message ? Does the program doesn't have classic message " Thank you for regis tering .... " when the correct key is entered ? What will happen if we enter 2309849234 and/or 3368081596 as your serial number ? 6. Just do it ! Repeat registration procedure and keyed-in 2309849234 and/or 3368081596 as your serial number respectively. Did you feel the difference ? The first one you'll face beggar-off message, and the last one you will have just a splash screen.... but look at the title bar..... the "( Unregistered )" text is gone. Upto this step you can noticed that this program doesn't have " Thank you for registering .... " as we expected. 7. To ensure you're registered or not, click HELP/ABOUT submenu. Yes, you're illegaly registered and your key is 3368081596 ! 8. Where the hell is my registration code is stored ?? - The correct registration code is encrypted and stored in the file called HAPPYICON.LIC which located in your HAPPYICON directory. 9. How can I practise with my own user name ? - I strongly recommended you not to do this ! END NOTES This program is sold as shareware, so you can try before you buy. This is convenient for you, saves expenses by dispensing with all that packaging, and cuts out the middle person. So it is cheap, but it is not free. If you like the program, and you will, be sure to register and pay. To keep shareware prices low, users must do the right thing: Register, pay up, and smile/grin at yourself in the mirror. Do not distribute your crack release based on this tutorial, because you become a LAMER(s)!!!!!!!! ( tHATDUDE (PC97) defined LAMER(s) is the guy who sits in front of personal computer, using Hex Editor, ripping off other group(s) crack release, repacking (distro) them under his name. Adopted from newsgroup alt.cracks, alt.crackers - February 1997 ) More about LAMER(s): lamer /n./ [prob. originated in skateboarder slang] Synonym for luser, not used much by hackers but common among warez d00dz, crackers, and phreakers. Oppose elite. Has the same connota tions of self-conscious elitism that use of luser does among hackers. < SOURCE: http://sagan.earthspace.net/jargon/jargon_27.html > _ Never attribute to malice that which is adequately explained by stupidity _ ASTAGA [D4C/C4A] tute-happyicon201.zip [EOF] October 11,2000 12:45:24 PM 10/10/00 to mg37s105088, and see what happen