How to find the real serial 

Astack version 2.1

A cracking tutorial by Nemesis] TNT

DISCLAIMER

This reading material is not intended to violate copyrights
and/or the law; it is for educational purposes only. I hold no
responsibility (by any means and in any shape whatsoever)
for the misuse of this material.

About The Program

The object of the game is to arrange similar figures into trains by sorting them from a random sequence.
There are several sorting ways and one special buffer. This buffer is connected to only one way. By moving figures from one way to the buffer and from the buffer to another way, you should make up seven similar figures on one way. This is a train. For every train you get a bonus and increase your score. You also get a special figure with the image of a crown, which you can use in place of any figure. The time for making a train is limited and depends on the level of the game.
Your task is to make up as many trains as possible.

WHERE TO DOWNLOAD

Homepage: http://www.xt-infomatics.com
Size: 860kb

Tool: NuMega SoftICE 4.5 (can be downloaded at http://www.eccentrix.com/computer/protools/)

HOW TO GET A VALID SERIAL NUMBER for your name by using [SoftICE]

Let's get started. Run Astack, enter your name and a fake serial, and click the Register button. A message box says Invaild Key ! OK, now press Ctrl+D to bring up SoftICE. Now we should put a breakpoint like this: bpx hmemcpy, then press Enter. Press F5 to get out of SoftICE, type your fake serial in the edit box, and click Register. Now you are back in SoftICE. Now let's search for the real serial ;-) Press F5 1 time and F12 9 times until we land at the address below, then press F10 to step down.




* Reference To: USER32.GetDlgItemTextA, Ord:00F5h
|
:0040DF42 FF15BCD44100            Call dword ptr [0041D4BC]
:0040DF48 6850BA4100              push 0041BA50                      <---- we land here

* Reference To: KERNEL32.lstrlenA, Ord:029Ch
|
:0040DF4D FF15C8D34100            Call dword ptr [0041D3C8]
:0040DF53 83F801                  cmp eax, 00000001
:0040DF56 0F8D0F000000            jnl 0040DF6B
:0040DF5C C7051825410004000000    mov dword ptr [00412518], 00000004
:0040DF66 E9B2000000              jmp 0040E01D

* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0040DF56(C)
|
:0040DF6B 6850BA4100              push 0041BA50                      <---- type d eax for real serial
:0040DF70 E8A7010000              call 0040E11C
:0040DF75 83C404                  add esp, 00000004
:0040DF78 50                      push eax
:0040DF79 68E8C74100              push 0041C7E8

Now remember the serial you have found, enter it, and the program is registered!

Easy, or ??? The program is registered ;-) Hope you find it useful.


END NOTES


Special thanks go to all [TNT MEMBERS]. Keep it real, guys.

 

Nemesis]