Cracking Tutorial #33:
CrAcKiNG QuickMemo 1.5 & WorkLog4All 3.26 by hardcoded serials
[cracked bY:] sLeEpYż[FWA/NWA/FTPR8Z] iN 05/2002
[difficulty:] beginner
[where:] http://www.image-integration.com
[tOOLz:] W32dasm 8.93, Hiew 6.1
QuickMemo 1.5
1.84M
License Agreement for Unregistered Version
You are licensed to use this program for evaluation purposes without charge for a period of 30 days, beginning from the first installation. After this trial period, you must register the software or remove it from your system. Unregistered use of QuickMemo after the 30-day evaluation period is in violation of international copyright law.
The shareware version of QuickMemo is full-featured. No capabilities have been limited nor removed.
Well ok, I have 30 days by law that I can crack this prog or not crack it. Well, I'm only gonna use this prog for a few mins before I delete it, just to see the protection. And it is very sad.
Try to reg the prog and there is no error message, erg.. Open it in w32dasm.
Once it is disassembled, let's look at the SDR (String Data References). Interesting stuff:
"\Registered"
"\RegisteredE.rtf"
"GZ3-12003" <--HMM...
So we can save a lot of time and put in GZ3-12003 as our code and we are registered!
Another hardcoded serial.
Let's crack this another way too, using w32dasm:
* Possible StringData Ref from Data Obj ->"GZ3-12003"
|
:004013CA BBF0A04000 mov ebx, 0040A0F0
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004013EB(C)
|
:004013CF 53 push ebx
:004013D0 FFB600020000 push dword ptr [esi+00000200]
* Reference To: MSVCRT.strcmp, Ord:02B8h
|
:004013D6 E84B410000 Call 00405526
:004013DB 59 pop ecx
:004013DC 85C0 test eax, eax
:004013DE 59 pop ecx
:004013DF 740E je 004013EF <-our jump
:004013E1 83C31F add ebx, 0000001F
:004013E4 47 inc edi
:004013E5 81FB64A24000 cmp ebx, 0040A264
:004013EB 7CE2 jl 004013CF
:004013ED EB6A jmp 00401459
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004013DF(C)
|
* Possible StringData Ref from Data Obj ->"\RegisteredE.rtf"
:004013EF 689CA04000 push 0040A09C
:004013F4 8D4DF0 lea ecx, dword ptr [ebp-10]
Ok, open up this file; it's in the program's directory:
RegisteredE.rtf
Notice it says:
*** Registered Version ***
Thank you for your purchase
So this means that we need to take the jump here:
:004013DF 740E je 004013EF
to get to that point, because if we take either of the other jumps:
:004013EB 7CE2 jl 004013CF
:004013ED EB6A jmp 00401459
we either loop back to compare against the next string or end up past that point, at not regged.
So change this:
:004013DF 740E je 004013EF (offset 13DF)
to this:
:004013DF EB0E jmp 004013EF
Now any keycode works, er, any letter or number. Registration stays, so the app is cracked!
Well, on that site is another prog that can be downloaded, called WorkLog4All 3.26.
Disassemble it and check out the SDR on this one; we know the last had a hardcoded serial, so why not this one?
In the SDR window we notice these:
"375-elf-376"
"375-iez-973"
"375-luy-111"
Try one, free reg codes! I would almost bet that all the progs on that page have hard-coded serials. Nothing like that for a 1 minute crack.
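Added example, not from the original tutorial or from the vendor's source: a C reconstruction of the strcmp loop in the QuickMemo listing, plus a check a vendor could run on a build to catch keys sitting in the image as plaintext, which is what the string-data listing exposed in both programs. The names check_serial, key_table, count_plaintext_keys and audit_own_table, the sample keys, and edi starting at 0 are assumptions.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Layout read off the listing: ebx starts at 0040A0F0, steps 0x1F per pass
   and stops at 0040A264, so (0x40A264 - 0x40A0F0) / 0x1F = 12 slots. */
#define SLOT_SIZE  0x1F
#define SLOT_COUNT ((0x40A264 - 0x40A0F0) / SLOT_SIZE)

/* Constructed sample keys, not the vendor's real ones. */
static const char key_table[SLOT_COUNT][SLOT_SIZE] = {
    "AB1-00001", "AB1-00002", "AB1-00003", "AB1-00004",
    "AB1-00005", "AB1-00006", "AB1-00007", "AB1-00008",
    "AB1-00009", "AB1-00010", "AB1-00011", "AB1-00012",
};

/* Source-level equivalent of 004013CF..004013ED; slot mirrors inc edi. */
int check_serial(const char *entered)
{
    for (int slot = 0; slot < SLOT_COUNT; slot++)
        if (strcmp(entered, key_table[slot]) == 0)
            return slot;               /* je 004013EF: registered path */
    return -1;                         /* jmp 00401459 */
}

/* Vendor-side release gate: how many issued keys are plaintext in the image. */
size_t count_plaintext_keys(const unsigned char *image, size_t image_len,
                            const char *const issued[], size_t n_issued)
{
    size_t hits = 0;
    for (size_t k = 0; k < n_issued; k++) {
        size_t klen = strlen(issued[k]);
        for (size_t off = 0; klen && off + klen <= image_len; off++)
            if (memcmp(image + off, issued[k], klen) == 0) { hits++; break; }
    }
    return hits;
}

/* Audits this file's own table as if it were the shipped data section. */
size_t audit_own_table(void)
{
    static const char *const issued[] = { "AB1-00003", "AB1-00012", "ZZ9-99999" };
    return count_plaintext_keys((const unsigned char *)key_table,
                                sizeof key_table, issued, 3);
}

int main(void)
{
    printf("slot=%d leaked=%zu\n", check_serial("AB1-00010"), audit_own_table());
}
```

A non-zero count from the audit means the keys are readable by anyone who lists the strings; even with a clean audit, the whole decision still rests on one strcmp result and one branch.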
laters
email me if you are bored:
sleepy@linuxwaves.com
._Tutorialz_.
[ 1. Cracking Cosmi's Generic Installshield Protection ]
[ 2. CRACKING(?) MATH WORKSHOP 2.0 ]
[ 3. CrAcKiNG DLSuperCBT Resynchronizing Byte Compare Program ]
[ 4. CrAcKiNG the nag on DLSuperCBF - Dir Binary File Compare Program ]
[ 5. CrAcKiNG n)0(va crackme v3 (crazy approach) ]
[ 6. CrAcKiNG mIRC(R) v5.91 Internet Relay Chat Client ]
[ 7. CrAcKiNG Actionizer 1.4 ]
[ 8. CrAcKiNG Tag Wizard 4.3.0 ]
[ 9. CrAcKiNG Freecell for Win2k and WinXP ]
[10. CrAcKiNG Netrace 1.0a ]
[11. CrAcKiNG Winrar 3 Beta 2 THROUGHLY ]
[12. CrAcKiNG Aditor Pro 3.05 build 1 ]
[13. CrAcKiNG EasyType 1.0 ]
[14. CrAcKiNG The Psychedelic Screen Saver v2002.0215 ]
[15. CrAcKiNG Applet Headline Factory Version 4.0 ]
[16. CrAcKiNG Codewhiz Editor Version 1.7 (build 1.01b) ]
[17. CrAcKiNG iuVCR 4.0.0.205 beta5 Trial (R_02-28-2002) ]
[18. CrAcKiNG The Weakest Link -NOCD- ]
[19. CrAcKiNG Blowfish 2000 V2.3 by finding a valid serial ]
[20. CrAcKiNG the CD Check in Tony Hawk Pro Skater 3 ]
[21. CrAcKiNG DLL Show 4.7 bY Turning it Into its Own Keygen ]
[22. CrAcKiNG Opera 6.01 bY making a valid serial and manually unpacking Aspack ]
[23. CrAcKiNG Tickle 2.8 with w32dasm, & finding a valid serial with SI hmemcpy ]
[24. CrAcKiNG AxMan 3.12 with a valid serial using softice Hmemcpy ]
[25. CrAcKiNG Acid_Cool_178 Assembler Crackme01 using W32dasm ]
[26. CrAcKiNG Mirc 6.1 bY finding a valid serial using Softice Hmemcpy ]
[27. CrAcKiNG Bitmap to Icon 3.5 two ways with w32dasm & Softice ]
[28. CrAcKiNG Power Edit 1.1 by unpacking UPX w/procdump and using w32dasm, then finding a valid serial with Softice ]
[29. CrAcKiNG Blackboard Encrypt 1.1 using w32dasm and resource hacker ]
[30. CrAcKiNG Wine Label 3 by changing 6 bytes in the program ]
[31. CrAcKiNG WinRescue XP 1.07.06 with a hardcoded serial ]
[32. CrAcKiNG Artgem 1.2 ]
[33. CrAcKiNG QuickMemo 1.5 & WorkLog4All 3.26 by hardcoded serials ]
gReEtz: MiNioN, GreycZ, KlutCh, KiNgEr, MidNight, FWA, NWA, FTPiRatEz! HAR! BEASTFXP!
This one was cracked on request from TJ.
CopyLeft:
sLeEpYż
[all rights reversed]
Boredom causes crackers and babies.
Visit http://zor.org/sleepy