SuperCool Bookmark 1.62
"HOW TO" tutorial by Sir dReAm of TNT!
SuperCool Bookmark is an internet bookmark utility. It can collect ,organize, browse and search Internet bookmarks. It can be exacuted on Windows 98, Windows Me,Windows NT, Windows 2000.
You can find this cool proggy here : http://www.supercoolbookmark.com
Size of supercoolbookmark162.zip 844.399 k
================================
Ok...first we try to find the damn good serial number...
Like usualy BPX HMEMCPY ..a fake name and serial..F5 once..then F12.....etc :-)
Hmm...seems the serial is hard to find damn..
SO we begin to understand that a patch should be more easy :)
After examine the program with W32DASM AND with SICE...
I understand that the little bastard USE your name and fake serial for some encryption-decryption operation...
So..finality is here :
:0050A507 8B45E4 mov eax, dword ptr [ebp-1C]
* Possible StringData Ref from Code Obj ->"CuiWei"
|
:0050A50A BA50A75000 mov edx, 0050A750
:0050A50F E8809EEFFF call 00404394
:0050A514 0F85CE000000 jne 0050A5E8
:0050A51A 6A00 push 00000000
:0050A51C A154FB5000 mov eax, dword ptr [0050FB54]
:0050A521 8B4030 mov eax, dword ptr [eax+30]
The bastard check to see IF the result of your encrytpted name ( using the serial for key ) is CuiWei
IF you follow the call with F8 in SICE you can see THIS :
::00404394 53 push ebx
:00404395 56 push esi
:00404396 57 push edi
:00404397 89C6 mov esi, eax
:00404399 89D7 mov edi, edx
:0040439B 39D0 cmp eax, edx
:0040439D 0F848F000000 je 00404432
Here is the comparation made it... CMP EAX with damn EDX...
Where EDX is ALLWAYS CuiWei..:) ( remember ? ) and EAX the result of encrytion who ofcourse is NOT CuiWei if you don't have the right serial for your name....So this means the proggy will need allway to have the result of your encryted name and serial equal with CuiWei..:)
Now to crack this proggy you can do many things...
First of all you can try to find the right serial... ( Nice try he :) )
Second..IF you are lazy and don't want to waste your time you can only modify your registry file...Yeap..The number of try you have to evaluate the program is stored in registry and is NOT encrypted...:) So easily you can modifi it..
[HKEY_USERS\.DEFAULT\SOFTWARE\supercoolbookmark\reg]
"number"="35"
"username"=""
"password"=""
You can modify 35 in my case with a big big number..:-) BUT still you will have a nag when you close the proggy..:)
Ofcourse other solution will be to try to crack the expiration..the nag...etc... [ and is NOT very easy believe me :) ]
BUT enough with craps..HERE you will have the easiest solution I think ... AND more elegant way..:)
Remember that CMP EAX with EDX ? Well this will be the point of attack... Enter a name and a fake serial first...AFTER that go to SICE ( CTRL-D ) and set BPX HMEMCPY... Now press register button...and you are inside the beast..:-)
Now...press F5 once...to jump over name routine..than F12 7 times to land inside the beast... :-) Ok..now trace the damn beast woth F10...You should press F10 32 times....and here is that CALL...( just loock up..is RED...) .. Now go inside the call by pressing ONE time F8...Now trace the data...F10 for 5 times I think...AND BOOM here is the comparation.. cmp eax, edx.... Ok ? NOW let's take a look on EAX and EDX.... Press D EAX and you will see in DATA window the result of encryption... for my name Sir dReAm and 999999 code the result was jPK.]k
I strongly suggest you to copy the result in HEX mode becouse there can be some strange ascii codes...for example that . in my name is NOT really a point..:) SO my result in HEX was : 6A 50 4B 19 5D 6B
Ofcourse when you type D EDX the result will be CuiWei .. :)
NOW is the fun part... WE will change in the program that CuiWei with the result of OUR name and fake serial...SO go to and HexEditor ( HIEW is the BEST ) and change the CuiWei with 6A 50 4B 19 5D 6B ( remember that was the result for my name and my fake code )...
NOW open the cracked proggy enter your fake code and name ( Sir dReAm and 999999 for me ) and DAMN..the BEAST is DOWN !!!!!!
YOU JUST CRACK IT !!! :-) Yes is working...BUT remember..IS WORKING ONLY for your name and your fake code.. :) A nice way to release a crack he ? :)
I really hope this help you a little..:) and maybe we can try to apply this to other similar protection...:-))))
=========================================
The crack can be find it in our main page... http://www.tntcrackers.ws
You can reach us also on EFNET #tntcrackers
Finnaly I wanna greet some people...Sorry if someone is omited..:-)
Xasx - the best commander that I ever seen...
Fat[BIT] - I wainting for you to come HERE ..:)
+DzaCracker - the crackme man...( someday someone will crack YOU ) :-)))))))))))
and ALL TNT!Crackers....really ALL ...WE CAN CRACK ALL ..:)
Ofcourse I MUST greet my Miss L.....
In the final some words about KeyGens...taken from an Astaga tut..:
" Do you keygen ... ?
NO and never! I will not let you register the program
using your own name. Three years ago I talked with Ian
D. Mead and took an empathy how much the Auhor(s) lost
their potential income due to keygen.
( I cracked his crippleware MEDIT - embryo of UltraEdit
... he was just remind me .. whatta wise man )
But keygen is LeetZ !?! yes and no, it depends on your
point of view."
Yeap..I really AGREE with this point of view...Keygens I think is begining to be no more fun..Begining to be some WAR...I think a serial number is enough for you to "evaluate" the proggy...A keygen..I think is too muck...NO MORE money for the authors..and this will mean SOON ..NO MORE shareware... :( Just try to IMAGINE that swareware will stop existing...Sucks , he ?
---------------------------------end of file --------------------------------------
Genuine TNT! tutorial ( copy the lines that is down this to a new created file like a new txt empty file and rename it to anything.com .. IF is not a working TNT com file..YOU have a faked file IN your hand...MY cracks should ALSO contain ALWAYS a TNT!Crackers.COM file)
XPSQVWP2D50D52D5PYAQX2D50D52D5XPH5555JJPYXP500502H4NPZQX404X0G05
CXP400G0C0G0CQX404X0G0CC4X0G0CCQX0G0CXP400G0CCQX404X0G0CXP404XP5
X0G0CCC4X0G0CQX400G0CQX0G0C400G0CXP400G0CQX400G0C4X0G0C4X0G0CQH5
X0G0CXP400G0CQX400G0CQX0G0XV02WAKW949EEAABJRP8PBNMMAC00000LOIMAC
LPAAABLBALDBNLKMJICMDAHCPKDMCKHEBODMAKHCACCMAHNDOAAJMDIAOJAFIAPJ
ADHPOEIAMBAIIIPIIINPDANLKKOLNIFPFOFJFLIJNIPPOG!*TNT!TNT!*TNT!*NK
T0F05FT30EOSHQ3O024HB2350I1SE1F2UEO17J8GN0I13CO1PK8BG050HR0BLMG3
TIK0GT7RNUHG6CVMN74012OT4Q03G8JK0Q54A116H008MH825FC761S1OD003Q1I
024HQ9KA4246A10ASHQGFK700G72D200GF3GB0E6800U5I787G0EG1O1MG0SQ5JK
LIQ01J8MN01G1J8GOES9OMU1O01GA1O0KE2021DP6M0GD401KMGC23KG043J7KLT
800VFT950S0412A50B1VS1KB0U02D2O70DQIH2PMS00QO2M0EK2BS802LGU20SOC
HBGAP2UGMG135VUD22M8IDN006TI405K1R6H1GV2041H281040G208061LRNETPE
EHN78ORIC5HMMPBIECN7ESP04042081040G2081040G2081040G2081040G20810
40G2081040G2010H40G20810AG2148109OG08490AGG2081003G20880OERFBTG3
0C14000003TDIDO400001044VG49I8D53QCHN8OOKKAPI8D552CIUVFUVG281G3T
VG88R43TVP7G4JO2CC14U0ID09HG501MIC1G2T8B6FVUG1O08U1VU0RLUV1ONNUH
SE5RET02VQ6P80RLU738B50312M3OVBL1JV8R803EJQONDSQ0FLUUF7SEK5QP245
K01OJDSQ0FLU0F7UEK38NDRE0BLTCK5CQ30D1Q3J0Q48B503TC3OLO5G83K7I02O
4HVN8D2GHAIPE0TGM3K6K02OVR435P5J1JRF72UOO7LGFGF0185OES03H2IPE0S0
PGG8LM5GM3K4E05GK25E7Q20038UF2DLEG1D3RU3N00I1Q1J02S0G0785K0BHFE0
T0JG0CVVNORG5Q0A033480O8T01G1FI208PTN2K7H01OK878100470VR1DPF2HU3
0F3RL203TRMEPR7CVR18LH7EVR5BI500TJHFRGQN05LG3081J00R00EA07IG20G2
401420J30A3G4813811M0OS0GFGE7G00040G200000Z