SERIAL NUMBER IS FISHY - DECLINE YOUR PATCH'ITCH'ING EmEditor v3.12 A Cracking Tutorial by ASTAGA [WTF/TTM] DISCLAIMER This reading material is not intended to violate Copyrights and/or it is law, but educational purposes only. I hold no responsibility ( by all means and in any shape whatsoever ) of the mis-used of this material. Read END NOTES section at the end of this file. ABOUT THE PROGRAM EmEditor is an easy-to-use text editor that offers tons of advantages over the Windows Notepad applet. It can open files of unlimited size (depending on available me mory), with unlimited undo and redo. Its array of potent features includes word wrap, autowrap, no-wrap words, and highlight words; clickable URLs and email addresses; system-tray support; OLE drag-and-drop; and keyboard, toolbar, font, and color customization. More-advanced features include macro recording, custom highlighting parameters for programmers, and full Unicode multilanguage support. In addition, the main window can be split into as many as four panes, the program is compatible with Microsoft IntelliMouse and double-byte characters, and it can define multiple configurations and associate file extensions. Furthermore, it can find and replace text in standard text files, and it has a grep-like function that lets you search for text in any file. Features : o EmEditor v3 supports Unicode, which is a satisfactory encoding method to edit multiple languages. Not only can you open Unicode files but also you can edit files as Unicode so you can display multiple languages at the same time. Moreover, the new EmEditor supports UTF-8 and UTF-7 encodings and foreign language code pages available on Windows. o EmEditor v3 supports Plug-Ins, which extend the funct ions of EmEditor. The Plug-Ins are DLL files and when you use EmEditor these Plug-Ins can be used by moving them into the Plug-Ins folder which was installed with EmEditor. The Plug-Ins help is available so that you can make your own plug-ins for your needs. o FAQ / HELP : http://www.emurasoft.com/emeditor3/hilite.htm o PLUGINS : http://www.emurasoft.com/emeditor3/plugins_kksoft ware.htm WHERE TO DOWNLOAD Author : Yutaka Emura Copyright : EmuraSoftware Homepage : http://www.emurasoft.com/emeditor3/index.htm URL : http://www.emurasoft.com/software.htm Size : KB as of Rel Date : 23 Jan 2001 HOW TO SELF REGISTERING THIS PROGRAM by using SoftIce 1. Run EMEDITOR.EXE, in the registration dialog box type these below information : Code : 7388-1050-2000-2001 Do not click OK button yet 2. Load SoftIce by pressing [ CTRL + D ], set a breakpoint as follow : BPX GETDLGITEMINT [enter] and F5 to return to the main program 3. Now, click OK button... you'll return back into SoftIce! In within SoftIce press F5 3 times, then F11 until you see and break at : ______________________________________________________________ 015F:004179C0 FF157C434300 CALL [USER32!GetDlgItemInt] 015F:004179C6 668907 MOV [EDI],AX 015F:004179C9 46 INC ESI 015F:004179CA 47 INC EDI 015F:004179CB 47 INC EDI 015F:004179CC 83FE04 CMP ESI,04 015F:004179CF 7CE3 JL 004179B4 015F:004179D1 8D45F4 LEA EAX,[EBP-0C] 015F:004179D4 50 PUSH EAX 015F:004179D5 E8F5FEFFFF CALL 004178CF 015F:004179DA 3BC3 CMP EAX,EBX 015F:004179DC 5F POP EDI 015F:004179DD 742A JZ 00417A09 (NO JUMP) <== !!!! 015F:004179DF 33C9 XOR ECX,ECX 015F:004179E1 83F802 CMP EAX,02 015F:004179E4 0F95C1 SETNZ CL 015F:004179E7 49 DEC ECX 015F:004179E8 6A30 PUSH 30 015F:004179EA 83E103 AND ECX,03 015F:004179ED 81C154040000 ADD ECX,00000454 __________________ EMEDITOR!.text+000169C0 ___________________ Break due to BPX USER32!GetDlgItemInt Press F10 12 times - stop at 015F:004179DD - let's change this JZ into JNZ instruction. Do this following steps : : A [enter] 015F:004179DD JNZ 00417A09 [enter] 015F:004179DF Press [ESC] key Did you see the difference ? Now at 015F:004179DD has jump indicator at the right side. Step pass ( press F10 ) this JNZ instruction, you are now dropped at these below snippet codes : 015F:00417A09 C605CC09440001 MOV BYTE PTR [004409CC],01 015F:00417A10 E8A9FDFFFF CALL 004177BE ... ... 015F:00417A42 50 PUSH EAX 015F:00417A43 6A03 PUSH 03 _________________________ EMEDITOR!.text+00016A04 _______________ Keep continue pressing F10 until you these below following snippet codes : 015F:00417A43 6A03 PUSH 03 015F:00417A45 8D45D4 LEA EAX,[EBP-2C] 015F:00417A48 53 PUSH EBX 015F:00417A49 50 PUSH EAX 015F:00417A4A 56 PUSH ESI 015F:00417A4B FF1510404300 CALL [ADVAPI32!RegSetValueExA] 015F:00417A51 3BC3 CMP EAX,EBX 015F:00417A53 7406 JZ 00417A5B 015F:00417A55 50 PUSH EAX 015F:00417A56 E8E6ACFFFF CALL 00412741 015F:00417A5B 56 PUSH ESI 015F:00417A5C FF1504404300 CALL [ADVAPI32!RegCloseKey] 015F:00417A62 6A40 PUSH 40 015F:00417A64 6855040000 PUSH 00000455 015F:00417A69 E854ACFFFF CALL 004126C2 ===> ***** 015F:00417A6E 6A01 PUSH 01 015F:00417A70 EB89 JMP 004179FB 015F:00417A72 FF7508 PUSH DWORD PTR [EBP+08] ____________________ EMEDITOR!.text+00016A43 _________________ Start from 015F:00417A43 - press F10 15 times - when you step pass CALL instruction at 015F:00417A69 you'll return to the main program and a classic message " Thank you for registering " will appear on your screen. Just click OK to confirm, soon afterward you'll back again into SoftIce and dropped at 015F:00417A6E. 7. Disable all breakpoints by typing BD * [enter] Press F5 or X to return to the main program 8. In the main program clik HELP/ABOUT submenu, ..... there you're registered. 9. Where the hell is my registration code is stored ?? The correct registration code is stored in the registry as follows : REGEDIT4 [HKEY_LOCAL_MACHINE\Software\EmSoft\Regist] "EmEditor-2-tm"=hex:20,23,f4,b3,ff,8e,c0,01 "EmEditor-2"=hex:ae,06,5e,22,f0,1e,c1,00 Note : Deletion over these 2 keys may caused the program returned into UnRegistered. 10. How can I practise with my own user name ? - I strongly recommended you not to do this ! E N D N O T E S Distributing your serial number is illegal and is no different than distributing illegal copies of the registered software. Violation of this rule may result in temporary or permanent revocation of this license and cancellation of the serial number; the original licensee will also be held responsible for damages, physical and estimated. Do not distribute your crack release based on this tutorial, because you become a LAMER(s)!!!!!!!! ( tHATDUDE (PC97) defined LAMER(s) is the guy who sits in front of personal computer, using Hex Editor, ripping off other group(s) crack release, repacking (distro) them under his name. Adopted from newsgroup alt.cracks, alt.crackers - February 1997 ) More about LAMER(s): lamer /n./ [prob. originated in skateboarder slang] Synonym for luser, not used much by hackers but common among warez d00dz, crackers, and phreakers. Oppose elite. Has the same connota tions of self-conscious elitism that use of luser does among hackers. < SOURCE: http://sagan.earthspace.net/jargon/jargon_27.html > Never attribute to malice that which is adequately explained by stupidity ASTAGA [WTF/TTM/D4C/C4A] tute-emedit312.zip [EOF] 2/5/01 2:25 AM