------------ HOW TO FIND REAL SERIAL NUMBER BY USING SOFTICE --------------- Program : Flash 32 Version 3.10 File Size : 1.76MB Web-site : http://www.logipole.com/indexe.html Cracked By : Ex3cutor Email : Ex3cutor@hotmail.com About the program : Flash 32 is a powerful screen, image and sound capture tool. Use your mouse to capture a portion of the screen (any shape, any size), an individual window component, an entire window or a full screen. Capture from scanner, from your audio card (save under WAV, MP3), from files (exe, dll, ani, cur, bmp, ico, icl...), from the clipboard, include the cursor or not, or even another cursor. Captures can be saved in a wide variety of image formats (97 different, including jpeg, gif, tif, tga, eps, vrml, png, pcd, psd...) You can even capture web sites, images from the Internet cache, images from webcams all over the Internet and produce videos clips. Other neat features include image resizing, cropping, filters, color adjustment, definable hotkeys, automated captures, printing, animation production (avi, mpeg, fli, flc). Flash 32 produces buttons, screen savers, animated cursors, wallpapers, desktop themes, windows logos... Flash 32 is a handy tool for anyone who needs to capture, create animations or convert images easily. ******************** START SEARCHING FOR THE REAL LICENCE KEY ***************************** 1) Start Flash 32 Version 3.10 Show the registration box Key in as follows : Name : First Name : Ex3cutor Key : 1234567890 2) Press 'OK' .... An error message will appear to say that your key is INVALID ! This is expected as our key is FAKE ! What we do now is to remember the error message : "Invalid Key Please enter your name and key as they have been delivered to you" 3) Now, disassemble the program and do a dead listing by W32Dasm ... Go to 'Refs' -> 'String Data References' and search for our error message "Invalid Key" It will lead you to the following codes : * Possible StringData Ref from Data Obj ->"Invalid key" | :0041FC42 68C8C04500 push 0045C0C8 :0041FC47 55 push ebp 4) Trace the codes a bit backward, and stop at * Referenced by a (U)nconditional or (C)onditional Jump at Address: |:0041FBF2(C) | :0041FC13 8B442410 mov eax, dword ptr [esp+10] :0041FC17 8D9424BC000000 lea edx, dword ptr [esp+000000BC] :0041FC1E 35F0BD6824 xor eax, 2468BDF0 :0041FC23 52 push edx :0041FC24 A398A94600 mov dword ptr [0046A998], eax :0041FC29 E8E3010200 call 0043FE11 :0041FC2E 8B0D98A94600 mov ecx, dword ptr [0046A998] :0041FC34 83C404 add esp, 00000004 :0041FC37 3BC1 cmp eax, ecx :0041FC39 742E je 0041FC69 :0041FC3B 6A10 push 00000010 * Possible StringData Ref from Data Obj ->"Register" | :0041FC3D 6830A24500 push 0045A230 * Possible StringData Ref from Data Obj ->"Invalid key" | :0041FC42 68C8C04500 push 0045C0C8 :0041FC47 55 push ebp See the code at 0041FC37 ? It is a comparison !!! (cmp eax, ecx) This is a good place where we start ! We can assume this is where the FAKE key and the REAL key are compared ! If they are equal, it will jump directly to the code 0041FC69. Otherwise, just print out the error message ! So, remember this code address : 0041FC13 5) Ok ! Let's start to fnd the REAL key by SOftIce now ! Repeat step (1) However, do NOT press 'OK' this time ! Fire up SoftIce by pressing "Ctrl D" and set a breakpoint as follow : bpx getdlgitemtexta [Enter] then press F5 to return back to the program 6) Now, click "OK" to go back to SoftIce. Type bc * [Enter] to clear our breakpoint Then, press F12 ONCE to reach to the following codes : :0041FA9E 85C0 test eax, eax :0041FAA0 7538 jne 0041FADA :0041FAA2 6A10 push 00000010 If nothing goes wrong, you'll be stopped at :0041FA9E 85C0 test eax, eax 7) Set another break point by typing bpx 0041FC13 [Enter] Press F5 ONCE ! If nothing goes wrong, you'll stop at the following codes : :0041FC13 8B442410 mov eax, dword ptr [esp+10] :0041FC17 8D9424BC000000 lea edx, dword ptr [esp+000000BC] :0041FC1E 35F0BD6824 xor eax, 2468BDF0 :0041FC23 52 push edx :0041FC24 A398A94600 mov dword ptr [0046A998], eax :0041FC29 E8E3010200 call 0043FE11 :0041FC2E 8B0D98A94600 mov ecx, dword ptr [0046A998] :0041FC34 83C404 add esp, 00000004 :0041FC37 3BC1 cmp eax, ecx :0041FC39 742E je 0041FC69 :0041FC3B 6A10 push 00000010 8) Press F10 twice to reach :0041FC1E 35F0BD6824 xor eax, 2468BDF0 Type d edx [Enter] What did you see ?? it's our FAKE key ! (which is 1234567890 at this case) 9) Press F10 4 more times to reach :0041FC2E 8B0D98A94600 mov ecx, dword ptr [0046A998] Type ? eax [Enter] What did you see this time ??? It's our FAKE key again ! 10) Press F10 1 more time to reach :0041FC34 83C404 add esp, 00000004 In order to retrieve the REAL key, what we need to do is just to type ? ecx [Enter] HeHeHe .... Here we go - the REAL key ! (which is 3368081549) 11) Exit SoftIce and register again with the REAL key ! Go to 'About' Wow ! This software is now registered !!! Enjoy :) ******************************** END ***************************************