SERIAL NUMBER IS FISHY - DECLINE YOUR PATCHING Shred-X v1.0 A Cracking Tutorial by ASTAGA [D4C/C4A] DISCLAIMER This reading material is not intended to violate Copyrights and/or it is law, but educational purposes only. I hold no responsibility ( by all means and in any shape whatsoever ) of the mis-used of this material. ABOUT THE PROGRAM Shred-X is a security file shredder. Its purpose is to prevent others from breaching your privacy or stealing your secrets by securely removing all traces of any sensitive files from your hard disk. Shred-X does this by using sophisticated overwriting algorithms which obliterate latent data on your hard disk, making your deleted files irrecoverable, even by expensive equipment. The user interface was designed with safety and ease of use as prime criteria. Multi-pass file deletion, (including the Windows SwapFile) is combined with effective disk cleaning. WHERE TO DOWNLOAD Program: Shred-X File and Data Shredder Ver: 1.0 Date: September 24, 2000 Copyright : Business Software Web : http://www.bsoft.ic24.net/shredx.htm Download : http://www.bsoft.ic24.net/shredx10.zip Author : Eddie Bond Status : Shareware Evaluation (30 days) Restrictions : Delayed 'Nag' after extended unregistered period. Platform : Windows 98 or 95 HOW TO GET VALID SERIAL NUMBER by using SoftIce 1. Run SHREDX.EXE, in the registration dialog box type these below information : User Name : Pirates Order Company : Caribbean Buccaneer Reg Key : 73881050 Do not click OK button yet 2. Fire up SoftIce by pressing [ CTRL + D ], create a new breakpoint as follow : BPX hmemcpy [enter] and F5 to return to the main program 3. Now click OK button... you'll return back into SoftIce. In within SoftIce press F11, F5, F11 followed with pressing F12 several (12)times until you these below snippet codes : _______________________________________________________________ 015F:0044FBE2 E80540FCFF CALL 00413BEC 015F:0044FBE7 8B55F0 MOV EDX,[EBP-10] <== break here 015F:0044FBEA 58 POP EAX .... _______________________SHREDX!CODE+0004EBE2____________________ Clear previous breakpoint since you don't need anymore, set a new breakpoint for further usage : : bc * [enter] : bpx 015F:0044FBE2 [enter] Now, do a search string as follows : : s 0 l fffffffffffffffffff E8 79 46 FC FF 8B 45 [enter] SoftIce will response : Pattern found at 0167:0044F56E (0044F56E) Create a new breakpoint again at the new searched memory address : : bpx 0167:0167:0044F56E [enter] : X or F5 to let SoftIce break in this new location ( note : if SoftIce doesn't break at 0044F56E , disable previous breakpoint of 0044FBE2 . Repeat registration procedure if necessary ) 4. If nothing goes wrong you'll break at these below snippet codes : _______________________________________________________________ 015F:0044F568 8B80D0010000 MOV EAX,[EAX+000001D0] 015F:0044F56E E87946FCFF CALL 00413BEC <== break here 015F:0044F573 8B45F4 MOV EAX,[EBP-0C] 015F:0044F576 33D2 XOR EDX,EDX 015F:0044F578 E8FB68FBFF CALL 00405E78 015F:0044F57D 3BF8 CMP EDI,EAX ? edi ? eax ..... ..... ______________________SHREDX!CODE+0004E568____________________ Break due to BPX #0167:0044F56E Press F10 2 times - stop at 015F:0044F576 - display EAX register : d eax [enter] ==> lookie the Data Window, your fake code appear at virtual address 0167:0112E3A0. Press F10 2 times again - stop at 015F:0044F57D - yeah whatta classic CMP instruction ... Let's check it out what are their contents : : ? edi [enter] 00C0CE98 0012635800 " " ==> posible valid reg.code, Write it down ! : ? eax [enter] 046755DA 0073881050 " gU " ==> your fake code 5. Disable all current existing breakpoint(s) : : bd * [enter] : x or F5 to return to registration dialog box 6. Repeat registration procedure, and keyed-in 12635800 as your registration key. Click OK button ....... you're registered ! see that your trial period is gone. 7. Where the hell is my registration code is stored ?? The correct registration code is stored in the registry as follow : 8. How can I practise with my own name and reg. key ? - I strongly recommended you not to do this ! END NOTES Do not distribute your crack release based on this tutorial, because you become a LAMER(s)!!!!!!!! ( tHATDUDE (PC97) defined LAMER(s) is the guy who sits in front of personal computer, using Hex Editor, ripping off other group(s) crack release, repacking (distro) them under his name. Adopted from newsgroup alt.cracks, alt.crackers - February 1997 ) More about LAMER(s): lamer /n./ [prob. originated in skateboarder slang] Synonym for luser, not used much by hackers but common among warez d00dz, crackers, and phreakers. Oppose elite. Has the same connota tions of self-conscious elitism that use of luser does among hackers. < SOURCE: http://sagan.earthspace.net/jargon/jargon_27.html > Never attribute to malice that which is adequately explained by stupidity ASTAGA [D4C/C4A] tute-shredx10.zip [EOF] 11/9/00 11:44:09 PM