WHY PATCHING WHILE SERIAL NUMBER IS FISHY InfoClip v1.1.0 A Cracking Tutorial by ASTAGA [D4C/C4A] ABOUT THE PROGRAM InfoClip is a flexible, convenient utility program that enables you to save selected text into user-defined project categories. It was designed to work with your Web browser to enable you to save text from Web pages into related text files -- simply and easily. InfoClip provides a fast, easy way for you to gather selected blocks of text as they're copied (with Ctrl-C or Ctrl-X) from any application -- without the need for tediously switching to a text editor, creating a file, inserting the text, saving the file and switching back. With InfoClip, the blocks of text are automatically collected and saved together in the InfoClip content files that you specify. InfoClip's features include: * A button for toggling the program between active and suspended states, allowing you to easily control InfoClip's cut/copy monitoring activity. * A choice of visual dividers (None, a Blank Line, Custom or Date/Time) for clearly showing separation between blocks of saved text. * An Auto-Save option which lets you specify whether InfoClip, while in the active state, will ask you each time where you want to save the block of text or will automatically save it for you. * Easy creation of your own content files with names that have meaning to you. BACKGROUND INFORMATION Program Name: InfoClip.exe Platforms: Windows 95/98/NT Free trial period: 30 days Registration cost: $15 US$. Current version: 1.1.0 Version date: 18-Jan-2000 (c)Copyright 2000 - Donth Technology Group Web site: www.donth.com Author : Joseph L. Donth HOW TO FISH SERIAL NUMBER by USING SOFTICE 1. Run the program, click REGISTER button and keyed-in fake reg code = 73881050 Do not click OK button yet. 2. Load SoftIce and create a new breakpoint : bpx hmemcpy Press F5 3. Click OK button now, and you'll break in SoftIce again. Press F11 once and press F12 several times until you see this below snippet codes. __________________________________________________________________ 015F:0044BF7E E8F9EDFDFF CALL 0042AD7C <== break here 015F:0044BF83 8B55D8 MOV EDX,[EBP-28] 015F:0044BF86 8B45F8 MOV EAX,[EBP-08] <== d edx 015F:0044BF89 E8167AFBFF CALL 004039A4 015F:0044BF8E C645F701 MOV BYTE PTR [EBP-09],01 ........ ........ ________________________INFOCLIP!CODE+0004AF7E_____________________ Break due to BPX KERNEL!HMEMCPY Break due to G : bd * [enter] : BPX 015F:0044BF7E [enter] : Press F10 2 times and display EDX register, your fake reg code appear in the Data Window at virtual address 0167:00BCBEF0 . : BPM 0167:0167:00BCBEF0 [enter] : Press X or F5 You'll break again in SoftIce and see these below snippet codes : _________________________________________________________________ 015F:00403D05 8B0E MOV ECX,[ESI] break 015F:00403D07 8B1F MOV EBX,[EDI] <== here 015F:00403D09 39D9 CMP ECX,EBX <=== ? EBX 015F:00403D0B 7558 JNZ 00403EED ..... ..... __________________________ INFOCLIP!CODE+2D05 ___________________ Break due to BPMB #0167:00BCBEF0 RW DR3 Press F10 once : ? ecx [enter] : 38383337 0943207223 "8837" ==> part of your fake code : ? ebx [enter] : 33363130 0859189552 "3610" ==> part of the real code : d esi [enter] ===> your fake code at : d edi [enter] ===> did you see 0163-2526-5556-8145 at 0167:00BCAB24 . Write down this potential reg code. Scroll up one line above you will see your own product ID ( in my case is 5550-9687-1223-8379 ) . : bd * : F5 to return to registration dialog box 4. Repeat registration procedures, and keyed-in 0163-2526-5556-8145 as your registration code. You're registered. 5. Where the hell is my registration info is stored ?? - The correct registration code is stored in the HKCR and HKLM registry as follows ( before it's registered ) : 6. How can I practise with another registration key ? - I strongly recommended you not to do this ! END NOTES This program is sold as shareware, so you can try before you buy. This is convenient for you, saves expenses by dispensing with all that packaging, and cuts out the middle person. So it is cheap, but it is not free. If you like the program, and you will, be sure to register and pay. To keep shareware prices low, users must do the right thing: Register, pay up, and smile/grin at yourself in the mirror. Do not distribute your crack release based on this tutorial, because you become a LAMER(s)!!!!!!!! ( tHATDUDE (PC97) defined LAMER(s) is the guy who sits in front of personal computer, using Hex Editor, ripping off other group(s) crack release, repacking (distro) them under his name. Adopted from newsgroup alt.cracks, alt.crackers - February 1997 ) More about LAMER(s): lamer /n./ [prob. originated in skateboarder slang] Synonym for luser, not used much by hackers but common among warez d00dz, crackers, and phreakers. Oppose elite. Has the same connota tions of self-conscious elitism that use of luser does among hackers. < SOURCE: http://sagan.earthspace.net/jargon/jargon_27.html > _ Never attribute to malice that which is adequately explained by stupidity _ ASTAGA [D4C/C4A] tute-InfoClip110.zip [EOF] 10/31/00 6:32:06 PM