SERIAL NUMBER IS FISHY - DECLINE YOUR PATCH'ITCH'ING
Customizer 2000 v5.7
A Cracking Tutorial
by ASTAGA [D4C/C4A]
DISCLAIMER
This reading material is not intended to violate Copyrights
and/or it is law, but educational purposes only. I hold no
responsibility ( by all means and in any shape whatsoever )
of the mis-used of this material.
Read END NOTES section at the end of this file.
ABOUT THE PROGRAM
Customizer 2000 is a special utility which is designed to
optimize Windows 95/98/Me performance. The program lets
you explore the many hidden settings in Windows, and make
changes. Modifying a setting simply involves reading a
helpful description, and clicking a checkbox. Customizer
2000 allows you to change boot-up options, as well as
your registered name and organization, and the location
of the Windows directory. You can also have unknown file
types automatically opened with Notepad; enable a CD-ROM
cache; customize the Start Menu; and remove the arrows
from your desktop shortcuts. In addition, the program
includes an Internet optimization function which can
improve your modem throughput.
What's new in version 5.7 ?
* Fully compatible with RAM Idle v3.1
* Fix a few small problem which found in the previous
version.
WHERE TO DOWNLOAD
Author : Priyo Hutomo
Copyright : Priyo Hutomo ( Antapani Software )
Homepage : http://www.tweaknow.com
URL : http://www.tweaknow.com/Cstmiz/cstmiz.zip
Size : 580 KB as of December 17,2000
Rel Date : November 2000
HOW TO GET VALID SERIAL NUMBER by using SoftIce
1. Run CUSTOMIZER.EXE, in the registration dialog box type these
below information :
Code : 738810509
Let your cursor remain in the regisrtation field box.
2. Load SoftIce by pressing [ CTRL + D ], set a breakpoint as follow :
BPX hmemcpy [enter] and
F5 to return to the main program
3. Now, press BACKSPACE once, you'll return back into SoftIce!
In within SoftIce press F11, F5, F11, followed with F12
13 times until you see and break at :
______________________________________________________________
015F:00460345 E87ADDFCFF CALL 0042E0C4
015F:0046034A 8B45FC MOV EAX,[EBP-04] <== break here
015F:0046034D BA78044600 MOV EDX,00460478
015F:00460352 E8ED39FAFF CALL 00403D44
015F:00460357 0F85E6000000 JNZ 00460443
...
___________________ CUSTOMIZER!CODE+0005F345 _______________
Break due to BPX KERNEL!HMEMCPY
Create a new breakpoint by typing :
: bc 00 [enter] ==> no longer needed
: BPX 015F:00460345 [enter]
Press F10 once - stop at 015F:0046034D - display EAX register
: d eax [enter] see that fake code at virtual address
0167:00C141FC ???
Press F10 once - stop at 015F:00460352 - display EDX register
: d edx [enter] there is 18121981 at virtual address
0167:00460478 , don't you think this one
is a reg code ??? Write it down.
5. Disable all breakpoints by typing
BD * [enter]
Press F5 or X to return to the main program
8. Repeat registration procedure and keyed-in 18121981 as your S/N.
Click OK button ..... there you're registered.
9. Where the hell is my registration code is stored ??
The correct registration code is stored somewhere in the
CONFIG.DAT file. In addition valid s/n is hardcoded within
.EXE at hex offset #5F878.
Here is the fact in CONFIG.DAT file after registered :
Difference(s) between config.org & config.dat
config.org <==== original config.dat file
00000000: 01 00 ***
00000004: 01 00
0000000C: 13 0B ***
00000010: 00 FD
00000011: 00 FF
00000012: 00 FF
00000013: 00 FF
10. Now let's play a fool with the program by using Hex Editor.
Make a backup of CUSTOMIZER.EXE say CUSTOMIZER.ORG .
Make a backup of CONFIG.DAT ( unregged ) say CONFIG.ORG .
Open up that EXE with Hex Editor ( iam using HIEW ), goto
hex offset #5F878 and replace 18121981 with 11111111, then
save your work.
Run the program and register with 11111111 ... of course
it will accepted and CONFIG.DAT will be updated with new
reg code. Quit the program and delete CUSTOMIZER.EXE ,
rename .ORG back to CUSTOMIZER.EXE.
Run the program, he's still registered ! Strange right ?
and here are the fact in the CONFIG.DAT ... some infoS
were missing ( indicated with *** ) but file size is still
20 bytes long.
Difference(s) between config.org & config.dat
config.org
00000004: 01 00
00000010: 00 FF
00000011: 00 FF
00000012: 00 FF
00000013: 00 FF
I didn't explore this modified program, so, if something
happen with your PC it is your own responsibility !
11. How can I practise with my own user name ?
- I strongly recommended you not to do this !
E N D N O T E S
Distributing your serial number is illegal and is no
different than distributing illegal
copies of the registered
software. Violation of
this rule may
result in
temporary or permanent revocation of this
license and cancellation of the
serial number;
the original licensee
will also be held responsible for
damages, physical and estimated.
Do not distribute your crack release based on this tutorial, because
you become a LAMER(s)!!!!!!!!
( tHATDUDE (PC97) defined LAMER(s) is the guy who sits in front of
personal computer, using Hex Editor, ripping off other group(s)
crack release, repacking (distro) them under his name.
Adopted from newsgroup alt.cracks, alt.crackers - February 1997 )
More about LAMER(s):
lamer /n./ [prob. originated in skateboarder slang]
Synonym for luser, not used much by hackers but common among warez
d00dz, crackers, and phreakers. Oppose elite. Has the same connota
tions of self-conscious elitism that use of luser does among
hackers.
< SOURCE: http://sagan.earthspace.net/jargon/jargon_27.html >
Never attribute to malice that which is adequately
explained by stupidity
ASTAGA [D4C/C4A] tute-customizer2000v57.zip
[EOF] 12/17/00 6:08:55 PM