SERIAL NUMBER IS FISHY - DECLINE YOUR PATCH'ITCH'ING Desktop Detective v2.1 A Cracking Tutorial by ASTAGA [WTF/TTM] DISCLAIMER This reading material is not intended to violate Copyrights and/or it is law, but educational purposes only. I hold no responsibility ( by all means and in any shape whatsoever ) of the mis-used of this material. Read END NOTES section at the end of this file. ABOUT THE PROGRAM Desktop Detective brings Surviellance to your Desktop, presenting you with a detailed and graphic report of the daily activities on a PC System. Just like a Detective, the Desktop Detective operates discretely in the back ground, tracking and logging all user input and applica tion usage. Desktop Detective was developed to assist IT managers, office staff and family PC owners keep a check on how a particular PC is being operated and by whom. For what ever reason it may be, the Desktop Detective is a power ful tool which returns the information or evidence that you may need. WHERE TO DOWNLOAD Author : BITLOGIC SOFTWARE Copyright : BITLOGIC SOFTWARE Homepage : http://www.bitlogic.co.uk/software.htm URL : http://www.bitlogic.co.uk/ddinstall.exe Size : 761 KB as of January 10, 2001 Rel Date : February 13, 2000 HOW TO GET VALID SERIAL NUMBER by using SoftIce I thought i'll found something new in this new release, but, it's not !. Like or not the S/N is remain the same with previous version ..... sigh. 1. Run DDMAIN.EXE, in the registration dialog box type these below informations : Code : 738810506969 Do not click OK button yet 2. Load SoftIce by pressing [ CTRL + D ], set a breakpoint as follow : BPX hmemcpy [enter] and F5 to return to the main program 3. Now, click OK button... you'll return back into SoftIce! In within SoftIce press F11, then F12 11 times until you see and break at : ______________________________________________________________ 015F:004DC8A7 E87859F5FF CALL 00432224 015F:004DC8AC 8B45F4 MOV EAX,[EBP-0C] 015F:004DC8AF BA18C94D00 MOV EDX,004DC918 015F:004DC8B4 E87F77F2FF CALL 00404038 015F:004DC8B9 750D JNZ 004DC8C8 _________________________ DDMAIN!CODE+000DB8A7 _____________ : bd 00 [enter] ==> no longer needed : bpx 015F:00477F2C [enter] Press F10 once - stop at 015F:004DC8AF - display EAX register : d eax [enter] ==> your fake code at vrtual address 0167:00DABF28 . Press F10 2 times - stop at 015F:004DC8B4 - display EDX register : d edx [enter] ==> can you see 171200200101 at vrtual address 0167:004DC918 ?? Write it down. 5. Disable all breakpoints by typing BD * [enter] Press F5 or X to return to the main program 6. Repeat registration procedure and keyed-in 171200200101 as your S/N. Click OK button ..... there you're registered. 7. Where the hell is my registration code is stored ?? The correct registration code is stored in the registry as follows : REGEDIT4 [HKEY_LOCAL_MACHINE\Software\iteecom\ddservice] "Version"="2.0.0.0" "Installed"=hex:5a,ba,0c,2b,c1,04,e2,40 "ActivationCode"="171200200101" "System"=dword:0000000 8. How can I practise with my own user name ? - I strongly recommended you not to do this ! E N D N O T E S Distributing your serial number is illegal and is no different than distributing illegal copies of the registered software. Violation of this rule may result in temporary or permanent revocation of this license and cancellation of the serial number; the original licensee will also be held responsible for damages, physical and estimated. Do not distribute your crack release based on this tutorial, because you become a LAMER(s)!!!!!!!! ( tHATDUDE (PC97) defined LAMER(s) is the guy who sits in front of personal computer, using Hex Editor, ripping off other group(s) crack release, repacking (distro) them under his name. Adopted from newsgroup alt.cracks, alt.crackers - February 1997 ) More about LAMER(s): lamer /n./ [prob. originated in skateboarder slang] Synonym for luser, not used much by hackers but common among warez d00dz, crackers, and phreakers. Oppose elite. Has the same connota tions of self-conscious elitism that use of luser does among hackers. < SOURCE: http://sagan.earthspace.net/jargon/jargon_27.html > Never attribute to malice that which is adequately explained by stupidity ASTAGA [WTF/TTM/D4C/C4A] tute-ddetective21.zip [EOF] 1/11/01 1:30:24 AM