WHY PATCHING WHILE SERIAL NUMBER IS FISHY HardCopy Pro v1.62 A Cracking Tutorial by ASTAGA [D4C/C4A] DISCLAIMER This reading material is not intended to violate Copyrights and/or it is law, but educational purposes only. I hold no responsibility ( by all means and in any shape whatsoever ) of the mis-used of this material. ABOUT THE PROGRAM HardCopy Pro, the professional, easy to use screen capture utility for Windows 95 / 98 and NT 4.0 or higher. It can capture rectangular screen areas and whole windows. The captured images can be cropped very easily and the color depth can be changed to any desired value from monochrome to true color. Images can be saved, copied to the clipboard, edited with any image editing program or printed. Many options allow the customization of all these actions to individual user needs. WHERE TO DOWNLOAD Author : Desktop Team Copyright : Desktop Software, Inc Homepage : http://www.desksoft.com/ URL : http://www.desksoft.com/Download/HCSetup.zip Size : 123 KB as of December 27,2000 Rel Date : December 07, 2000 HOW TO GET VALID SERIAL NUMBER by using SoftIce 1. Run HARDCOPY.EXE , click !DEMO tab, click REGISTER NOW button, in the registration dialog box type these below informations : Name : Pirates Order Code : 73881050 Do not click OK button yet 2. Load SoftIce by pressing [ CTRL + D ], set a breakpoint as follow : BPX HMEMCPY [enter] and F5 to return to the main program 3. Now, click OK button... you'll return back into SoftIce! Within SoftIce press F11 once then F12 several times until you see and break at : _____________________________________________________________ 015F:00409EA1 FFD6 CALL ESI <== break here 015F:00409EA3 83F802 CMP EAX,02 015F:00409EA6 742C JZ 00409ED4 015F:00409EA8 6A00 PUSH 00 015F:00409EAA E841FFFFFF CALL 00409DF0 ==> F8 here 015F:00409EAF 833D5C43410001 CMP DWORD PTR [0041435C],01 .... 015F:00409DF0 55 PUSH EBP 015F:00409DF1 8BEC MOV EBP,ESP 015F:00409DF3 83EC18 SUB ESP,18 015F:00409DF6 56 PUSH ESI 015F:00409DF7 8D45F4 LEA EAX,[EBP-0C] 015F:00409DFA 57 PUSH EDI 015F:00409DFB 50 PUSH EAX 015F:00409DFC 6880894100 PUSH 00418980 015F:00409E01 E831FEFFFF CALL 00409C37 015F:00409E06 8D45F4 LEA EAX,[EBP-0C] 015F:00409E09 50 PUSH EAX ==> d eax 015F:00409E0A E8DCFDFFFF CALL 00409BEB .... .... ______________________ HARDCOPY!.text+8DED ___________________ Press F10 4 times - stop at 015F:00409EAA - press F8 to follow this CALL function. ( NOTE : before step into this call, take your time to dump location 0041435C , you'll several black listed serial numbers at virtual 0167:0041435C ). After returning call you'll be drop at 015F:00409DF0. Press F10 10 times - stop at 015F:00409E09 - dump EAX register : d eax [enter] ==> did you see 1uoX1OCWNf at 0167:0064F930 ? scroll up several lines you'll see your name and fake code too. Write down this suspicious characters. 4. Disable all breakpoints by typing BD * [enter] Press F5 or X to return to the main program 5. Repeat registration procedure and keyed-in 1uoX1OCWNf as your S/N. Click REGISTER button ..... there you're registered. 6. Where the hell is my registration code is stored ?? The correct registration code is stored in the registry as follows : REGEDIT4 [HKEY_CURRENT_USER\Software\DeskSoft\HardCopy Pro] "IniFileTime"=hex:00,52,ef,d2,fe,b2,bf,01 "HardCopy Pro"=dword:00000000 "Name"=hex:50,69,72,61,74,65,73,20,4f,72,64,65,72,00,00, 00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00, 00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00 "Code"=hex:6c,75,6f,58,6c,4f,43,57,4e,66,00 7. How can I practise with my own user name ? - I strongly recommended you not to do this ! E N D N O T E S Distributing your serial number is illegal and is no different than distributing illegal copies of the registered software. Violation of this rule may result in temporary or permanent revocation of this license and cancellation of the serial number; the original licensee will also be held responsible for damages, physical and estimated. Do not distribute your crack release based on this tutorial, because you become a LAMER(s)!!!!!!!! ( tHATDUDE (PC97) defined LAMER(s) is the guy who sits in front of personal computer, using Hex Editor, ripping off other group(s) crack release, repacking (distro) them under his name. Adopted from newsgroup alt.cracks, alt.crackers - February 1997 ) More about LAMER(s): lamer /n./ [prob. originated in skateboarder slang] Synonym for luser, not used much by hackers but common among warez d00dz, crackers, and phreakers. Oppose elite. Has the same connota tions of self-conscious elitism that use of luser does among hackers. < SOURCE: http://sagan.earthspace.net/jargon/jargon_27.html > Never attribute to malice that which is adequately explained by stupidity ASTAGA [WTF/TTM/D4C/C4A] tute-hardcopypro162.zip [EOF] 1/3/01 9:09:01 AM