SERIAL NUMBER IS FISHY - DECLINE YOUR PATCH'ITCH'ING Super Text Search 2.3 A Cracking Tutorial by ASTAGA [D4C/C4A] DISCLAIMER This reading material is not intended to violate Copyrights and/or it is law, but educational purposes only. I hold no responsibility ( by all means and in any shape whatsoever ) of the mis-used of this material. Read END NOTES section at the end of this file. ABOUT THE PROGRAM Super Text Search is a utility which enables you to quickly search files for text. You can search anything from a single file to an entire drive for any text you need to find. Both plain text files (program source code, batch files, HTML files, etc.) and binary files (word processing and spread sheet documents, databases, even executable programs) can be searched, as can files archived inside Zip files. In addition to simple searches for words or phrases, the program allows you to use regular expressions (as found in Grep utilities, which will be familiar to the more technical among you) to perform more advanced searches including wild cards and various types of pattern matching. After performing a search, files containing the search text can be viewed, edited or opened in their associated applications. Search results can also be printed. WHERE TO DOWNLOAD Author : Glenn Alcott Copyright : GLENN ALCOTT SOFTWARE Homepage : http://www.galcott.com/default.htm URL : http://www.galcott.com/ts.htm http://www.galcott.com/supexp12.zip Size : 860 kb as of Dcember 17,2000 Rel Date : July 2000 HOW TO GET VALID SERIAL NUMBER by using SoftIce 1. Run SUPEREXP.EXE, in the registration dialog box type these below informations : Code : 73881050 Do not click OK button yet 2. Load SoftIce by pressing [ CTRL + D ], set a breakpoint as follow : 3. Now, click OK button... you'll return back into SoftIce! In within SoftIce press F11, confirm OK when beggar-off message pops-up. Next, you'll returned back again into SoftICe and break at USER32!MessageBoxA . Scroll up around 4-5 times ( Ctrl+PgUp ) until you see CALL instruction at 015F:00481B9F. I told you this is a shortcut. Now, do these below followings : : bd 00 [enter] ==> no longer needed : bpx 015F:004E1DA6 [enter] Press X to let SoftIce break into new location ( Press OK button in the registration dialog box if necessary ). 4. If nothing goes wrong you'll break again at these below snippet codes : ________________________________________________________________ 015F:004E1DA6 E80D7CF2FF CALL 004099B8 <== break here 015F:004E1DAB 8B45FC MOV EAX,[EBP-04] 015F:004E1DAE 50 PUSH EAX ==> D EAX 015F:004E1DAF 68201F4E00 PUSH 004E1F20 015F:004E1DB4 8D55EC LEA EDX,[EBP-14] 015F:004E1DB7 B8560C0000 MOV EAX,00000C56 015F:004E1DBC E83F81F2FF CALL 00409F00 015F:004E1DC1 FF75EC PUSH DWORD PTR [EBP-14] 015F:004E1DC4 682C1F4E00 PUSH 004E1F2C 015F:004E1DC9 8D45F0 LEA EAX,[EBP-10] 015F:004E1DCC BA03000000 MOV EDX,00000003 015F:004E1DD1 E8A224F2FF CALL 00404278 015F:004E1DD6 8B55F0 MOV EDX,[EBP-10] 015F:004E1DD9 58 POP EAX ==> D EDX 015F:004E1DDA E8E924F2FF CALL 004042C8 015F:004E1DDF 0F85DC000000 JNZ 004E1EC1 015F:004E1DE5 B201 MOV DL,01 _________________________ TEXTSRCH!CODE+000E0DA6 _______________ Break due to BPX #015F:004E1DA6 Press F10 2 times - stop at 015F:004E1DAE - display EAX register :d eax [enter] ==> your fake code appear in the Data Window at virtual address 0167:00DBB930 . Press F10 11 times - stop at 015F:004E1DD9 - display EDX register :d edx [enter] ==> there is AG3158NK again appear at 0167:00C1F504 Write down this suspicious number. You can continue tracing later on you'll see your fake code load into ECX register ( in reverse order ) and real code which also in reverse order until further you see CALL instruction for "beggar-off" message at 015F:004E1ED5 . 7. Disable all breakpoints by typing BD * [enter] Press F5 or X to return to the main program 8. Repeat registration procedure and keyed-in AG3158NK as your S/N. Click OK button ..... there you're registered. 9. Where the hell is my registration code is stored ?? The correct registration code is stored in the registry as follows : REGEDIT4 10. How can I practise with my own user name ? - I strongly recommended you not to do this ! E N D N O T E S Distributing your serial number is illegal and is no different than distributing illegal copies of the registered software. Violation of this rule may result in temporary or permanent revocation of this license and cancellation of the serial number; the original licensee will also be held responsible for damages, physical and estimated. Do not distribute your crack release based on this tutorial, because you become a LAMER(s)!!!!!!!! ( tHATDUDE (PC97) defined LAMER(s) is the guy who sits in front of personal computer, using Hex Editor, ripping off other group(s) crack release, repacking (distro) them under his name. Adopted from newsgroup alt.cracks, alt.crackers - February 1997 ) More about LAMER(s): lamer /n./ [prob. originated in skateboarder slang] Synonym for luser, not used much by hackers but common among warez d00dz, crackers, and phreakers. Oppose elite. Has the same connota tions of self-conscious elitism that use of luser does among hackers. < SOURCE: http://sagan.earthspace.net/jargon/jargon_27.html > Never attribute to malice that which is adequately explained by stupidity ASTAGA [D4C/C4A] tute-supertextsearch23.zip [EOF] 12/17/00 6:08:55 PMace.net/jargon/jargon_27.html >