WHY PATCHING WHILE SERIAL NUMBER IS FISHY

PC Security v4.11
A Cracking Tutorial by ASTAGA [D4C/C4A]

DISCLAIMER

This reading material is not intended to violate copyrights and/or the law; it is for educational purposes only. I hold no responsibility (by any means and in any shape whatsoever) for the misuse of this material.

ABOUT THE PROGRAM

The PC Security for Windows (tm) utilities are custom designed to help you protect your system against such intrusions. PC Security for Windows (tm) offers comprehensive data security protection by providing the following functionality:

- FileLock.
- System Lock.
- Window Lock.
- Explorer Control.
- Shortcut/Program lock.
- Restricted System.
- Folder Lock.
- Intruder Detection with Alarm.
- Flexible and complete password protection.

WHERE TO DOWNLOAD

Author   : Silvio Kuczynski / Tropical Software
Homepage : http://tropsoft.com/
URL      : http://tropsoft.com/pcsec32.exe
Size     : 535.497 Bytez as of Oct 10,2000

HOW TO GET VALID SERIAL NUMBER by using SoftIce

1. Run SECURITY.EXE, type SECURITY as your password on the screen, and in the main program click the REGISTER menu. In the registration dialog box type the following information:

   Registered User : Pirates Order Registration Key: 7388105099

   Do not click the OK button yet.

2. Fire up SoftIce by pressing [ CTRL + D ] and set a new breakpoint, in this case on GetWindowTextA:

   BPX GetWindowTextA [enter]

   then press F5 to return to the main program.

3. Click the OK button now; you will drop back into SoftIce. Press F11, F5, and F11 once again to get into the main program code, as follows:
___________________________________________________________________
004284D1: FF15D8454400   call  GetWindowTextA       <== you land
004284D7: 8B4C2408       mov   ecx,[esp][00008]     <== here
004284DB: 6AFF           push  0FF
004284DD: E8103B0000     call  00042BFF2
004284E2: EB0C           jmps  0004284F0
___________________________________________________________________

4. I am not going into detail, because I have already traced it for you.
   The details can be read in my tute called TUTE-STEALTH33.TXT ( c_tkc10x.zip ); this program has similar protection.

5. Now do a string search to locate the address where your valid S/N is copied ( echoed ? ) into memory:

   s 0 l fffffffffffffffff e8 c7 13 00 00 59 59 85 c0 [enter]

   SoftIce will respond:

   Pattern found at 0167:0040E804

   G 0167:0040E804 [enter]

   If nothing goes wrong, your Code Window will look as follows:

0040E803: 51             push  ecx                  <== you land here
0040E804: E8C7130000     call  00040FBD0
0040E809: 59             pop   ecx
0040E80A: 59             pop   ecx
0040E80B: 85C0           test  eax,eax

   Press F10 once and, after stepping past the CALL instruction at 015F:0040E804 ( or stop at 015F:0040E809 ), dump/display the ECX or EDX register by typing:

   d ecx or d edx [enter]

   Now, look at the Data Window .... what the hell is CAB8152102 near your fake serial number ? It was at memory address 0167:6AEEBD0 !!!

6. Write down this suspected registration code and disable all breakpoints:

   bd * [enter]

   Press F5 to return to the registration window.

7. As soon as you return to the program, the 'beggar-off' message appears on the screen; just click OK to confirm and quit the application ( nice try .... Kuczynski !!!! ).

8. Re-run the program, repeat the registration procedure and key in CAB8152102 as your serial number. A successful registration message will appear on the screen; you're illegally registered now.

9. Where the hell is my registration code stored ??
   - The correct registration code is encrypted and stored in the file called GERHTS23.DRU, which is located in your Windows directory ( usually C:\WINDOWS ).

10. How can I practise with my own user name ?
   - I strongly recommend you not to do this !

END NOTES

This program is sold as shareware, so you can try before you buy. This is convenient for you, saves expenses by dispensing with all that packaging, and cuts out the middle person. So it is cheap, but it is not free. If you like the program, and you will, be sure to register and pay.
To keep shareware prices low, users must do the right thing: Register, pay up, and smile/grin at yourself in the mirror.

Do not distribute a crack release based on this tutorial, because that makes you a LAMER!!!!!!!!

( tHATDUDE (PC97) defined a LAMER as the guy who sits in front of a personal computer, using a Hex Editor, ripping off other groups' crack releases and repacking (distro) them under his name. Adopted from newsgroups alt.cracks, alt.crackers - February 1997 )

More about LAMER(s):

lamer /n./ [prob. originated in skateboarder slang] Synonym for luser, not used much by hackers but common among warez d00dz, crackers, and phreakers. Oppose elite. Has the same connotations of self-conscious elitism that use of luser does among hackers.
< SOURCE: http://sagan.earthspace.net/jargon/jargon_27.html >

_ Never attribute to malice that which is adequately explained by stupidity _

ASTAGA [D4C/C4A]
tute-PCSecurity411.zip
[EOF] Sep 30,2000 01:00:08AM
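
Added example (not part of the original tutorial and not PC Security's code): the registration code in step 5 is readable in memory because the client itself computes the valid key before comparing it with the typed one, so the sketch below sets that design beside one where the client only verifies a vendor signature and never holds a valid key. The function names, the "vendor-secret" string and the toy textbook-RSA parameters are assumptions constructed for illustration; a real product would use a vetted signature library with proper key sizes and padding.

```python
import hashlib

# Constructed toy RSA parameters (two Mersenne primes): trivially factorable,
# chosen only so the example runs offline with the standard library.
P, Q, E = 2**127 - 1, 2**521 - 1, 65537
N = P * Q  # public modulus; (N, E) is all the client ever ships with


def _digest(name: str) -> int:
    """Hash the registered user name into an integer below N."""
    return int.from_bytes(hashlib.sha256(name.encode()).digest(), "big") % N


# --- Weak design (hypothetical): the client derives the valid key itself ---
def weak_expected_key(name: str) -> str:
    # The correct key for whatever name was typed now sits in process memory,
    # next to the user's guess, where a debugger can display it.
    return hashlib.sha256(b"vendor-secret" + name.encode()).hexdigest()[:10].upper()


def weak_check(name: str, entered: str) -> bool:
    return weak_expected_key(name) == entered


# --- Hardened design: the client only verifies, it cannot generate ---
def vendor_sign(name: str) -> str:
    """Runs on the vendor's side only; the private exponent never ships."""
    d = pow(E, -1, (P - 1) * (Q - 1))
    return format(pow(_digest(name), d, N), "x")


def client_verify(name: str, entered: str) -> bool:
    """Checks the entered key with public values only; no valid key is computed."""
    try:
        sig = int(entered, 16)
    except ValueError:
        return False  # not a hex string at all
    return 0 <= sig < N and pow(sig, E, N) == _digest(name)
```

With the hardened check, breaking on the comparison shows only the digest of the name and the value derived from the user's own input, neither of which is a usable key.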