==-->Tutorial number 5<--== Name : Add/Remove Cleaner Version : 2.3 Target : AddRmClr.exe Tools : SoftICE : Brain Cracker : KlimaX ...---===This tut is best viewed in full screen===---... ==>DISCLAIMER<== For educational purposes ONLY! I hold absolutely NO responsibility for the misuse of this material! _____=====_____=====_____=====_____=====_____=====_____=====_____=====_____=====_____=====_____=====_____=====_____=====_____ ===== ===== ===== ===== ===== ===== ===== ===== ===== ===== ===== ===== Add/Remove Cleaner is another drop in the ocean of the endless amount of Uninstall Managers available on the shareware market. It seems like only yesterday I counted number 234, well instead of complaining, I'll take up the challenge find the valid serial using SoftICE. And as the "unknown" cracker once said: "Don't cry - crack" (taken from the wise words of the "KlimaX" ;) ----====The cracking part====---- Let's start cracking and most important learning!!! Start by opening AddRmClr.exe, and select "OK..I'll Register Later". Now your at the main menu so press, guess what, "Register". Fill in the boxes with whatever you want. Registrations Name: KlimaX Serial Number : 12345 Don't press "Done" yet, cause now it's time for SICE, so press Ctrl+D and set a breakpoint on hmemcpy BPX HMEMCPY Press F5 to get back to the prog. and now you may press "Done". OK, now keep hold on your hat and glasses, cause you need to press following: F11, F5, F11, F5, F11, F5, F11 Got it? Hope so ;) Now let's move on. Press F12 about 10 times till you see EAX=00000005 in top-right corner. Now press F10 5 times to get past the RET's, and you should see this: :00448F71 E8F6E2FDFF CALL 0042726C :00448F76 8B45F4 MOV EAX, [EBP-0C] <=-You'll land here :00448F79 8D55E4 LEA EDX, [EBP-1C] :00448F7C E847E6FBFF CALL 004075C8 :00448F81 8B55E4 MOV EDX, [EBP-1C] :00448F84 58 POP EAX :00448F85 E87EACFBFF CALL 00403C08 <=-We want to trace into this one (F8) :00448F8A 0F85B3000000 JNZ 00449043 :00448F90 B201 MOV DL, 01 :00448F92 A1605C4400 MOV EAX, [00445C60] Press F10 till you get to the CALL on address :00448F85, when there you'll need to press F8 to step/trace into the CALL. When done you should bee at the following snippet: :00403C05 8D4000 LEA EAX, [EAX+00] :00403C08 53 PUSH EBX <=-You'll land here :00403C09 56 PUSH ESI :00403C0A 57 PUSH EDI :00403C0B 89C6 MOV ESI, EAX <=-D EAX for valid s/n :00403C0D 89D7 MOV EDI, EDX ;D EDX for our fake s/n :00403C0F 39D0 CMP EAX, EDX :00403C11 0F848F000000 JZ 00403CA6 Press F10 3 times to get to the MOV on the address :00403C0B. Type D EDX to see your fake serial, and D EAX to see the valid one ;) You see, that wasn't so difficult, so if your a newbie like me, don't loose patience cause it's the essential part of "learning and practising the art of cracking". _____=====_____=====_____=====_____=====_____=====_____=====_____=====_____=====_____=====_____=====_____=====_____=====_____ ===== ===== ===== ===== ===== ===== ===== ===== ===== ===== ===== ===== --==>Please bear in mind that shareware programs are a commercial benefit, because it gives you the opportunity to "Try before you Buy". Therefore, if you like a shareware program, please be sure to pay the authors/makers, so they don't stop minking them. -=>LAST WORDS: If you have any comments on this tut, feel free to mail at KlimaX_v2000@mail.com _ _ _ _ _ _ _ _ Special thanks to tKC for releasing those great tut's, keep on making 'em!. They are the BEST!!!!! and the TNT Crack Team, as they have the ultimate cracking site, you simply have to try it!!!!!!!!