SERIAL NUMBER IS FISHY - DECLINE YOUR PATCH'ITCH'ING Spam Slammer v1.1 A Cracking Tutorial by ASTAGA [WTF/TTM] DISCLAIMER This reading material is not intended to violate Copyrights and/or it is law, but educational purposes only. I hold no responsibility ( by all means and in any shape whatsoever ) of the mis-used of this material. Read END NOTES section at the end of this file. ABOUT THE PROGRAM Don't just tolerate spam - slam it! Spam Slammer generates a fake error message that causes spammers to remove your e-mail address from their lists. Features: Save/Delete Server Address and E-mail Address Auto Message Generation Choose From Two Fake Error Messages WHERE TO DOWNLOAD Author : DCM Software Copyright : DCM Software Homepage : http://www.dcmsoftware.bizland.com/software.html URL : http://www.dcmsoftware.bizland.com/slam10.zip http://members.xoom.com/websigns/slam10.zip Size : 570 KB as of Dec 30, 2000 Rel Date : September 24, 2000 HOW TO GET VALID SERIAL NUMBER by using SoftIce This is VB5 based program. Before you apply this tute, make sure that your WINICE.DAT is containing " EXP=c:\windows\system\ msvbvm50.dll " statement. If you prefer using Razzia's or CrackZ's approach then leave this tute, because you should consider ( another way ) if you may sometime cannot applied those most reliable approaches. 1. Run SPAMSLAM.EXE, in the registration dialog box type these below informations : Name : Pirates Order Code : 73881050 Do not click OK button yet 2. Load SoftIce by pressing [ CTRL + D ], set a breakpoint as follow : BPX HMEMCPY [enter] and F5 to return to the main program 3. Now, click OK button... you'll return back into SoftIce! In within SoftIce press F11, F5, F11 once followed with pressing F12 around 12 times until you see and break at : ______________________________________________________________ 015F:7B33154F E8F824FDFF CALL 7B303A4C <== here 015F:7B331554 83BFF40D000000 CMP DWORD PTR [EDI+00000DF4],00 015F:7B33155B 0F85C3B10300 JNZ 7B36C724 015F:7B331561 85C0 TEST EAX,EAX 015F:7B331563 0F8CC6B10300 JL 7B36C72F 015F:7B331569 FF7510 PUSH DWORD PTR [EBP+10] 015F:7B33156C FF75FC PUSH DWORD PTR [EBP-04] 015F:7B33156F E8EED5FDFF CALL 7B30EB62 015F:7B331574 837DFC00 CMP DWORD PTR [EBP-04],00 015F:7B331578 8BF0 MOV ESI,EAX 015F:7B33157A 7411 JZ 7B33158D ... _____________________ MSVBVM50!.text+0004054F ________________ Starting from 015F:7B33154F, press F10 and do some displaying EAX, ECX and EDX registers to see your name, fake code. If you set SoftIce's lines=60, you will encounter around 4 screens before you found these below location, and get into SPAMSLAM main program's code. 4. If you do the right thing you'll land at these below snippet codes : ______________________________________________________________ 015F:0041FE00 684C104200 PUSH 0042104C 015F:0041FE05 E866E6FFFF CALL 0041E470 <== break HERE 015F:0041FE0A 8BD0 MOV EDX,EAX ==> D EAX here 015F:0041FE0C B964104200 MOV ECX,00421064 015F:0041FE11 FFD6 CALL ESI 015F:0041FE13 A13C104200 MOV EAX,[0042103C] 015F:0041FE18 50 PUSH EAX 015F:0041FE19 FFD7 CALL EDI 015F:0041FE1B 8BD0 MOV EDX,EAX 015F:0041FE1D 8D4DE8 LEA ECX,[EBP-18] 015F:0041FE20 FFD6 CALL ESI 015F:0041FE22 8B0D64104200 MOV ECX,[00421064] 015F:0041FE28 50 PUSH EAX 015F:0041FE29 51 PUSH ECX 015F:0041FE2A FFD7 CALL EDI 015F:0041FE2C 8BD0 MOV EDX,EAX 015F:0041FE2E 8D4DE4 LEA ECX,[EBP-1C] 015F:0041FE31 FFD6 CALL ESI 015F:0041FE33 50 PUSH EAX 015F:0041FE34 FF15F4424200 CALL [004242F4] .... ______________________ SPAMSLAM!.text+0001EE00 _______________ Press F10 once - stop at 015F:0041FE0A - display EAX register registers : : d eax [enter] did you see 3.8.3.1.4.4.7.5.5.2.3.0.2. 5.7.9. at virtual address 0167: 00439D94 ??? Write it down. Remember they're all in wide format. EAX=00439D94 EBX=0043A678 ... EDX=00438988 ESI=7B30F8DA EDI=7B3CF2B5 EBP=0065FA88 ... EIP=0041FE0A odIsZaPc --------------------------------------------------------- 0167:00439D94 33 00 38 00...00 35 00 3.8.3.1.4.4.7.5. 0167:00439DA4 35 00 32 00...00 39 00 5.2.3.0.2.5.7.9. 0167:00439DB4 00 00 6D 00...00 00 A0 ..m.e.r. ...4... 4. Disable all breakpoints by typing BD * [enter] Press F5 or X to return to the main program 5. Repeat registration procedure and keyed-in 3831447552302579 as your S/N. Click OK button ..... there you're registered. 6. Where the hell is my registration code is stored ?? The correct registration code is stored in the registry as follows : REGEDIT4 [HKEY_CURRENT_USER\Software\VB and VBA Program Settings\ Spam Slammer Build 01011\Install] "Installation Date"="02<330" "Nr of Times operated"="/" "Registered User"="Pirates Order" "Registration Number"="2;757368966/18;=" 7. How can I practise with my own user name ? - I strongly recommended you not to do this ! E N D N O T E S Distributing your serial number is illegal and is no different than distributing illegal copies of the registered software. Violation of this rule may result in temporary or permanent revocation of this license and cancellation of the serial number; the original licensee will also be held responsible for damages, physical and estimated. Do not distribute your crack release based on this tutorial, because you become a LAMER(s)!!!!!!!! ( tHATDUDE (PC97) defined LAMER(s) is the guy who sits in front of personal computer, using Hex Editor, ripping off other group(s) crack release, repacking (distro) them under his name. Adopted from newsgroup alt.cracks, alt.crackers - February 1997 ) More about LAMER(s): lamer /n./ [prob. originated in skateboarder slang] Synonym for luser, not used much by hackers but common among warez d00dz, crackers, and phreakers. Oppose elite. Has the same connota tions of self-conscious elitism that use of luser does among hackers. < SOURCE: http://sagan.earthspace.net/jargon/jargon_27.html > Never attribute to malice that which is adequately explained by stupidity ASTAGA [WTF/TTM/D4C/C4A] tute-spamslam11.zip [EOF] First Edited : 1/3/01 3:01:32 PM Updated : 1/8/01 2:53:06 AM Breakpoint(s) history : 00) * BPX KERNEL!HMEMCPY 01) * BPX #015F:7B33156F 02) * BPX #015F:0041FD9F 03) BPX #015F:0041FE05 :/file : spamslam11-bpxlist.htm