WHY PATCHING WHILE SERIAL NUMBER IS FISHY



HardCopy Pro v1.62
A Cracking Tutorial 
by ASTAGA [D4C/C4A]



DISCLAIMER 

This reading material is not intended to violate Copyrights 
and/or it is law, but educational purposes only. I hold no 
responsibility ( by all means and in any shape whatsoever ) 
of the mis-used of this material.


ABOUT THE PROGRAM 

HardCopy Pro, the professional, easy to use screen capture 
utility for Windows 95 / 98 and NT 4.0 or higher. 
It can capture rectangular screen areas and whole windows. 
The captured images can be cropped very easily and the color 
depth can be changed to any desired value from monochrome to 
true color. Images can be saved, copied to the clipboard, 
edited with any image editing program or printed. 
Many options allow the customization of all these actions to 
individual user needs.



WHERE TO DOWNLOAD


Author   	: Desktop Team
Copyright	: Desktop Software, Inc
Homepage 	: http://www.desksoft.com/
URL		: http://www.desksoft.com/Download/HCSetup.zip
Size 		: 123 KB  as of December 27,2000
Rel Date	: December 07, 2000



HOW TO GET VALID SERIAL NUMBER by using SoftIce




1.  	Run HARDCOPY.EXE , click !DEMO tab, click REGISTER NOW 
	button,  in the registration dialog box type these below 
	informations :

	Name	 : Pirates Order
	Code    : 73881050

	Do not click OK button yet
    

2.  Load SoftIce by pressing [ CTRL + D ], set a breakpoint 
    as follow :
    
	BPX HMEMCPY  [enter] and
   	F5  to return to the main program


3.  Now, click OK button... you'll return back into SoftIce!
    Within SoftIce press F11 once then F12 several times 
    until you see and break at :

	_____________________________________________________________
	
	015F:00409EA1  FFD6     	   CALL      ESI  <== break here
	015F:00409EA3  83F802 	   CMP       EAX,02
	015F:00409EA6  742C      	   JZ        00409ED4
	015F:00409EA8  6A00  	   PUSH      00
	015F:00409EAA  E841FFFFFF	   CALL      00409DF0 ==> F8 here
	015F:00409EAF  833D5C43410001 CMP   DWORD PTR [0041435C],01
	....

	015F:00409DF0  55    	PUSH      EBP
	015F:00409DF1  8BEC   	MOV       EBP,ESP
	015F:00409DF3  83EC18	SUB       ESP,18
	015F:00409DF6  56      	PUSH      ESI
	015F:00409DF7  8D45F4    	LEA       EAX,[EBP-0C]
	015F:00409DFA  57     	PUSH      EDI
	015F:00409DFB  50     	PUSH      EAX
	015F:00409DFC  6880894100 	PUSH      00418980
	015F:00409E01  E831FEFFFF 	CALL      00409C37
	015F:00409E06  8D45F4    	LEA       EAX,[EBP-0C]
	015F:00409E09  50      	PUSH      EAX ==> d eax
	015F:00409E0A  E8DCFDFFFF 	CALL      00409BEB
	....
	....
	______________________ HARDCOPY!.text+8DED ___________________

	Press F10 4 times - stop at 015F:00409EAA - press F8 to follow
	this CALL function.
	( NOTE : before step into this call, take your time to dump 
	location 0041435C , you'll several black listed serial numbers
	at virtual 0167:0041435C ).

	After returning call you'll be drop at 015F:00409DF0.
	Press F10 10 times - stop at 015F:00409E09 - dump EAX register

	: d eax  [enter] ==>	did you see 1uoX1OCWNf at 0167:0064F930 ?
				scroll up several lines you'll see your
				name and fake code too.
				Write down this suspicious characters.

                               
4.  Disable all breakpoints by typing 

	BD *   [enter]
	Press F5 or X to return to the main program
     

5.	Repeat registration procedure and keyed-in 1uoX1OCWNf 
	as your S/N. 
	Click REGISTER button .....  there you're registered.


6.	Where the hell is my registration code is stored ??

	The correct registration code is stored in the registry as
	follows : 
	REGEDIT4
	[HKEY_CURRENT_USER\Software\DeskSoft\HardCopy Pro]
	"IniFileTime"=hex:00,52,ef,d2,fe,b2,bf,01
	"HardCopy Pro"=dword:00000000
	"Name"=hex:50,69,72,61,74,65,73,20,4f,72,64,65,72,00,00,
	00,00,00,00,00,00,00,\
  	00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,
	00,00,00,00,00,00,\
  	00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00
	"Code"=hex:6c,75,6f,58,6c,4f,43,57,4e,66,00


7.  How can I practise with my own user name ?

	-  I strongly recommended you not to do this !




 			E N D   N O T E S


Distributing your serial number is illegal and is no 
	different than distributing illegal 
		copies of the registered 
		 software. Violation of
			this rule may 
			  result in 
	temporary or permanent revocation of this
	     license and cancellation of the 
	              serial number; 
		   the original licensee
	   will also be held responsible for 
	    damages, physical and estimated.


   Do not distribute your crack release based on this tutorial, because
   you become a LAMER(s)!!!!!!!!
   ( tHATDUDE (PC97) defined LAMER(s) is the guy who sits in front of
   personal computer, using Hex Editor, ripping off other group(s)
   crack release, repacking (distro) them under his name. 
   Adopted from newsgroup alt.cracks, alt.crackers - February 1997 ) 

    More about LAMER(s):
	lamer /n./ [prob. originated in skateboarder slang]
	Synonym for luser, not used much by hackers but common among warez 
	d00dz, crackers, and phreakers. Oppose elite. Has the same connota
	tions of self-conscious elitism that use of luser does among 
	hackers.
      < SOURCE: http://sagan.earthspace.net/jargon/jargon_27.html >


 		Never attribute to malice that which is adequately 
				explained by stupidity


ASTAGA [WTF/TTM/D4C/C4A] tute-hardcopypro162.zip
[EOF] 1/3/01 9:09:01 AM