WHY PATCHING WHILE SERIAL NUMBER IS FISHY Private Pix v1.30 A Cracking Tutorial by ASTAGA [D4C/C4A] DISCLAIMER This reading material is not intended to violate Copyrights and/or it is law, but educational purposes only. I hold no responsibility ( by all means and in any shape whatsoever ) of the mis-used of this material. ABOUT THE PROGRAM Private Pix (tm) is the ultimate tool to insure your privacy of your pictures. Private Pix (tm) uses advanced encryption to protect your pictures and keep your data safe. Private Pix also encrypts the name of your pictures and allows the user to view them while they are encrytped! Private Pix also offers a hot key for quick escape using your keyboard. WHERE TO DOWNLOAD Author : Silvio Kuczynski / Tropical Software Homepage : http://www.tropsoft.com/privpix/main.htm URL : http://www.tropsoft.com/privpixd.exe Size : KB HOW TO GET VALID SERIAL NUMBER by using SoftIce Unlike the other product ( i.e Private Desktop, ErgTimer, Stealth ) from the same Author, Private Pix is visual basic (VB5) based program. To my surprise Razzia's tute doesn't work here ( do you remember his magic search string to locate where the EDI and ESI register being compared ? ) and I decide to not patching my own MSVBVM50.DLL as described in the CrackZ's BPINT 3 approach. However, I suggest you to read those two usefull tutorials, which possibly can be downloaded from : http://www.shield.or.jp/crackz/Index2.htm or http://www.idca.com/~thesandman 1. Run PRIVP.EXE, type PRIVATE as your default password to enter the main program, then click on the REGISTER menu. In the registration dialog box type these below informations : Name : Pirates Order Code : 7388105099 Do not click OK button yet 2. Fire up SoftIce by pressing Ctrl + D , create a new breakpoint by typing : bpx __vbaStrToAnsi [enter] Press F5 to return to the main program. Note : 1. at the first time I create two breakpoints that are bpx __vbastrcomp and bpx __vbahresultcheckobj simul taneously and took around 30 times of pressing F10 to get correct serial number. 2. You will not find suspected S/N in wide format as their should be ( which common in VB prog ) except your User Name. That was strange to me ..... it's your turn to check it out Bud ..... 3. Click OK button now, you'll return back into SoftIce. Press F11, F5, and F11 once again to get into the main program codes as follows : ___________________________________________________________________ 00450C88: FFD6 call esi 00450C8A: 50 push eax <==== you land HERE 00450C8B: E8A8AAFBFF call 00040B738 00450C90: 8BF0 mov esi,eax _______________________PRIVP! . text + 0004FC88____________________ Just press F10 2 times, and after you jump pass the CALL instruction at 015F:00450C8B ( or stop at 015F:00450C90 ) dump/display EDX register by typing : D EDX [enter] Did you see 0A7597C904 ( located at the memory address 0167:0069F96C ) in the Data Window ?? Scroll up one line above you'll see your fake S/N together with the real one. 4. Write down this posible valid serial number. 5. Now, disable current existing breakpoint ( BD * [enter ), press F5 to return to the main program. 6. Soon you're return back to the program, the 'beggar-off' msg appear on the screen, just click OK to confirm and quit the application ( nice try .... Kuczynski !!!! ). 7. Re-run the program, repeat registration procedure and keyed-in 0A7597C904 as your serial number. Successful registration will appear on the screen, you're illegaly registered now. 8. Let's recap your job with the following question : - where the hell is my registration code is stored ?? 9. Take this following answer : - The correct registration code is encrypted and stored in the file called GERPVIRP.DRU which located in your Windows directory ( usually C:\WINDOWS ). END NOTES This program is sold as shareware, so you can try before you buy. This is convenient for you, saves expenses by dispensing with all that packaging, and cuts out the middle person. So it is cheap, but it is not free. If you like the program, and you will, be sure to register and pay. To keep shareware prices low, users must do the right thing: Register, pay up, and smile/grin at yourself in the mirror. Do not distribute your crack release based on this tutorial, because you become a LAMER(s)!!!!!!!! ( tHATDUDE (PC97) defined LAMER(s) is the guy who sits in front of personal computer, using Hex Editor, ripping off other group(s) crack release, repacking (distro) them under his name. Adopted from newsgroup alt.cracks, alt.crackers - February 1997 ) More about LAMER(s): lamer /n./ [prob. originated in skateboarder slang] Synonym for luser, not used much by hackers but common among warez d00dz, crackers, and phreakers. Oppose elite. Has the same connota tions of self-conscious elitism that use of luser does among hackers. < SOURCE: http://sagan.earthspace.net/jargon/jargon_27.html > _ Never attribute to malice that which is adequately explained by stupidity _ ASTAGA [D4C/C4A] tute-privatepix130.zip [EOF] Sep 30,2000 01:00:08AM dow ...