|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
iNTROdUCTION :
hi there and wellcome to another tutorial ...
i think sometimes there is nothin fare in this crazy world , maybe u been in some places where some ppl have alot of luck
and still they through it away , when u really need it , today i have been in this situation where some ppl have it all , but
came to think it , we don't really need luck we can make it !! ... trust me we can !!
pROTEcTION :
o.k this proggy needs a name and a code to register , and plus it will give unlock code to send it to the company to send you back the code ... but in this tutorial we will find our code and we also gona make a keygen to generate any code for any name and unlock code .... so let the show begin !!
|
|
o.k install the prog and run it , then click on register , u will see a window with 2 textboxes one for the name and one for the code , and u will also see that there is a code on the 2nd textbox , and if read the blue text under u will see that this code is our unlock code , now u can copy this code and keep it in a safe place , and then enter ur info , in my case i wrote :
Name : FaT[BiT] \ TNT!
Code : 1234567890
now before u click on the register button set a breakpoint like this one :
bpx hmemcpy
then exit softice and press the register button , softice will break so press F11 then press F12 for 11 times , and u will land at this code below :
:0045FCA2 8B85F0FEFFFF mov eax, dword ptr [ebp+FFFFFEF0] <-- eax has our name
NOTE : the (...) means trace with the F10 until u reach the code.
:0045FCA8 E88739FAFF call 00403634 <-- get the length of our name
...
:0045FCEA 8B85F0FEFFFF mov eax, dword ptr [ebp+FFFFFEF0] <-- eax has our name
:0045FCF0 8A4430FF mov al, byte ptr [eax+esi-01] <-- al has a char. from our name
:0045FCF4 3C20 cmp al, 20 <-- compare it with 20h = 32 = space
:0045FCF6 7502 jne 0045FCFA <-- if it is not space then jump
:0045FCF8 B064 mov al, 64 <-- if it is space then replace it with 64h = "d"
:0045FCFA 25FF000000 and eax, 000000FF <-- clear the eax register except the al
:0045FCFF 03F8 add edi, eax <-- add it to edi
:0045FD01 81C796000000 add edi, 00000096 <-- add to edi 96h = 150
:0045FD07 46 inc esi
:0045FD08 FF4DF4 dec [ebp-0C]
:0045FD0B 75CC jne 0045FCD9 <-- check if it's the end of our name if not loop again
:0045FD0D BA80004600 mov edx, 00460080 <-- edx has the string = "A10-24F-"
...
:0045FD3D 8BC7 mov eax, edi <-- eax has the value from the upper algo.
:0045FD3F E87C5FFAFF call 00405CC0 <-- this call convert the value to string
:0045FD44 8B95ECFEFFFF mov edx, dword ptr [ebp+FFFFFEEC] <-- and put the result in edx
...
:0045FD68 8B95E8FEFFFF mov edx, dword ptr [ebp+FFFFFEE8] <-- edx have our unlock code
:0045FD6E 58 pop eax
:0045FD6F E8C838FAFF call 0040363C <-- concatinate 'A10-24F-' + 'our name value + 'our unlock code'
:0045FD74 8B95F0FEFFFF mov edx, dword ptr [ebp+FFFFFEF0] <-- and store the result in edx
...
:0045FDAA 8B95E8FEFFFF mov edx, dword ptr [ebp+FFFFFEE8] <-- edx has our real code
:0045FDB0 58 pop eax <-- eax has our dummy code
:0045FDB1 E88E39FAFF call 00403744 <-- check if they are equal
:0045FDB6 0F855D020000 jne 00460019 <-- if they are not equal jump to error
i can feel right now some ppl are angry cuz i didn't explan the alog. but here it is again : ( this time in english)
o.k at first we take a char. from our name and put it in al , then we chek if it is space , if yes we replace it with the char "d" and then we add it to edi , if no we add it to edi , then we add the value 96h = 150 to edi , then we do the same with the next char.
now afer we finish this alog. we end with a value in edi, then we take this value and attached it to the string 'A10-24f-' and we also attached to it , but this time from the end with our unlock code , and we have a code .... in other words :
Calcualted value (in my case) : 3511
my unlock code is : 543366127
so my code will be : A10-24F-3511543366127
now i think evey thing is easy so let's code a keygen for this prog. here is my code for a keygen ...
// a keygen for Auto Site Builder v1.09 by FaT[BiT] \ TNT!
#include <stdio.h>
main ()
// if the unlock code length is not 9 then change it
#include <conio.h>
{
unsigned char name[40];
unsigned char unlock[40];
long int code = 0 ; int i;
unsigned char ch;
clrscr();
printf("------------------------------------------------------------------\n");
printf(" Auto Site Builder v1.09 - Keymaker - by FaT[BiT] \\ TNT!\n");
printf("------------------------------------------------------------------\n\n");
printf("Enter Your Name : ");
gets(name);
if (strlen(name) == 0)
{ printf("Err : No Name Entered.");
return 0;
}
printf("Enter Unlock Code : ");
gets(unlock);
if (strlen(unlock) != 9)
{ printf("Err : Unlock Code Must Be 9 Char.");
return 0 ;
}
for (i = 0; i < strlen(name); i++)
{ ch = name[i];
if (ch == 0x20) ch = 0x64;
code += ch + 0x96;
}
printf("Registration Code : A10-24F-%ld%s", code, unlock);
return 0 ;
}
now write this code and save it as xxxxxxxx.c then compile and link it ,run it enter ur name and ur unlock code ...
|
|
tKC ... (for showing me the light !! )
LW2000 ... ( Thanx alot i now use my brain )
[XasX] ... (a very good founder and a very good friend also!)
AzmO ... (yes!! man we are different !! )
Sir dReAm ... (where the FUCK! r ya ? )
ASTAGA ... (i don't mind if u comment this tutorial)
BoneZ ... (thanx alot for the support !!)
BillGameZ, VaibLitzeR, MezUz , and ShaQ ... (good luck to u all !! )
and to all TNT!CRACK!TEAM! members ... (keep up the good work !!)
any comments mail me : fatzbit@linuxmail.org
See ya in another tut !!! Soon !!!
--= EOF =--