iNTROdUCTION :
hi there and welcome to another tutorial ...
Maybe the worst thing that crackers ever made is tutorials, and you may ask why i'm saying this , well if crackers
didn't write any tutorials no one would be able to figure out how the crack was made and they would not be able to
defeat it in the next version , but anyway the crackers are people who love knowledge and want to share it with the
world if they can !! unlike other people ( you know whom i'm talking about !! ) ...
pROTEcTION :
This program or shall i say these programz have the same protection , they all need a name and a registration code and today we will learn how to find our registration code and also how to write a keygen for it ....
o.k like always install the prog and run it , you will be hit with a nag screen with the button register on it !! so click it and enter your info , in my case i wrote like this :
Name : FaT[BiT] \ TNT!
Registration Number : 1234567890
i will make things short here , there is no need to see our error message , so fire up softice and set a breakpoint like this one
Bpx Hmemcpy
now press F5 , then click the o.k button and softice will break , press F11, then press F12 11 times , clear all the breakpoints , and you will be at this code :
:xxxxxxxx mov eax,[ebp-04] <-- eax has our name
:xxxxxxxx call xxxxxxxx <-- get the length of our name
:xxxxxxxx test eax,eax <-- check if it is empty
:xxxxxxxx jle xxxxxxxx <-- if yes then jump
now trace with the F10 button until you reach this code :
:xxxxxxxx mov eax,[ebp-10] <-- eax has our name
:xxxxxxxx call xxxxxxxx <-- get the length of our name in eax
:xxxxxxxx imul eax,eax,00893FB4 <-- multiply eax with 00893FB4h = 8994740
now after you have executed the imul command see the value of eax by typing '? eax' and write it down , hold on this is part of our real serial but trace until this command by the F10 button
:xxxxxxxx call xxxxxxxx
:xxxxxxxx mov edx, [ebp-08] <-- our real code in edx
:xxxxxxxx pop eax <-- eax has our fake code
:xxxxxxxx call xxxxxxxx <-- call to check if they are equal
:xxxxxxxx jnz xxxxxxxx <-- if not jump to error message
now when we are at the last call before the jump , check the content of edx by writing 'd edx', and you will see our real code and also check the content of eax , and you will see our fake code , but wait a min , look at our real code and take a good look at it , it has the value of the multiply right !! ... here let me explain (in my case)
The Result from the Multiply : 134921100
The Content of edx :
2806134921100791
i don't have anything to add or to explain i think everything is clear !! but i will list the code for a keygen...
// a keygen for CoolStrip Designer v1.2.4 by FaT[BiT] \ TNT!
#include <stdio.h>
#include <string.h>

int main(void)
{
    char name[40];
    unsigned long code = 0;

    printf("------------------------------------------------------------------\n");
    printf(" CoolStrip Designer v1.2.4 - Keymaker - by FaT[BiT] \\ TNT!\n");
    printf("------------------------------------------------------------------\n\n");
    printf("Enter Your Name : ");
    /* fgets instead of gets so a long name cannot overflow the buffer */
    if (fgets(name, sizeof name, stdin) == NULL) name[0] = '\0';
    name[strcspn(name, "\r\n")] = '\0'; /* drop the trailing newline */
    /* code = "2806" + (name length * 8994740) + "791" */
    if ((code = strlen(name)) != 0) printf("Registration Code : 2806%lu791\n", code * 8994740UL);
    else printf("Err : No Name Entered.\n");
    return 0;
}
now write this code and save it as xxxxxxxx.c then compile and link it ,run it enter your name and ...
NOTE : now you can try on any other product by Cfi, all you have to do is to change the beginning of the registration code and also the end , and find out what the name string length is multiplied by ... that's all
tKC ... (for showing me the light !! )
LW2000 ... ( Thanx alot i now use my brain )
[XasX] ... (a very good founder and a very good friend also!)
AzmO ... (yes!! man we are different !! )
Sir dReAm ... (where the FUCK! r ya ? )
ASTAGA ... (i don't mind if u comment this tutorial)
BoneZ ... (thanx alot for the support !!)
BillGameZ, VaibLitzeR, MezUz , and ShaQ ... (good luck to u all !! )
and to all TNT!CRACK!TEAM! members ... (keep up the good work !!)
any comments mail me : fatzbit@linuxmail.org
See ya in another tut !!! Soon !!!
--= EOF =--