DLL Show v4.5
The Show must go on !!
by FaT[BiT] \ TNT!
Cracking For Beginners
 
Program Info
Program Name : DLLShow.exe
Program Type : Processes display Util.
Program Location : http://www.gregorybraun.com
Program Size : 150 KB
 
ToolZ :
SoftIce v4.05


All these toolz can be found at http://w3.to/protools
Easy ( X ) Medium (  ) Hard (  ) Pro (  )


Cracked and Written by : FaT[BiT] \ TNT!
Tutorial No. : 33


Dedication

------------------------------------------------------------------------------------------------
-={ -- Azmo -- [XasX] -- Sir dReAM -- Astaga -- ChoRdLEss -- p0tHEAD -- Liaisons -- Sevan -- }=-
________________________________________________________________________________________________

Introduction & Protection

iNTROdUCTION :

hi there and welcome to another tutorial ...
A lot of ppl see what is wrong with u only, they think that they don't make any mistakes, yeah !! (GODS), but come to think of it sometimes they are right although they have a lot of mistakes in them, but again, like someone said : DON'T DO WHAT I DO, DO WHAT I SAY !!!

pROTEcTION :

Our program here needs a user name, organization and a registration code to register, and like always in this tutorial we will find the registration code for our name.

The Essay

O.k, after u install the prog., run it, then click on Help/Register. As u can see, it needs our name, organization and the registration code to register, so let's enter them. In my case i wrote :

User Name : FaT[BiT]
Organization : TNT!CRACK!TEAM!
Registration : 1234567890

Now, before u click on the o.k button, set a breakpoint like this one :

bpx getdlgitemtexta

Now press the F5 button to exit softice, then press the o.k button and softice will break. Now press the F11 button once, then press the F12 button also one time, and u will land at this code :


:0040D6CC 6A32                    push 00000032
:0040D6CE 56                      push esi
:0040D6CF 6A65                    push 00000065
:0040D6D1 55                      push ebp
:0040D6D2 E899820000              call 00415970 <-- get our name
:0040D6D7 8D7E32                  lea edi, dword ptr [esi+32] <-- we land here
:0040D6DA 6A32                    push 00000032
:0040D6DC 57                      push edi
:0040D6DD 6A66                    push 00000066
:0040D6DF 55                      push ebp
:0040D6E0 E88B820000              call 00415970 <-- get our organization
:0040D6E5 8D442430                lea eax, dword ptr [esp+30]
:0040D6E9 6800010000              push 00000100
:0040D6EE 50                      push eax
:0040D6EF 6A67                    push 00000067
:0040D6F1 55                      push ebp
:0040D6F2 E879820000              call 00415970 <-- get our registration
:0040D6F7 8D4C2440                lea ecx, dword ptr [esp+40]
:0040D6FB 51                      push ecx
:0040D6FC E8E5980000              call 00416FE6 <-- convert our reg. string to real value
:0040D701 56                      push esi
:0040D702 8BD8                    mov ebx, eax <-- put our fake code in ebx
:0040D704 E8F7810000              call 00415900 <-- calculate first part of our reg.
:0040D709 83C438                  add esp, 00000038
:0040D70C 3D92A71901              cmp eax, 0119A792 <-- compare the result with a blacklisted value
:0040D711 7518                    jne 0040D72B <-- jump if not equal (we will jump this)
...
:0040D72B 3D3CCE5F0D              cmp eax, 0D5FCE3C <-- compare the result with a blacklisted value
:0040D730 750C                    jne 0040D73E <-- jump if not equal (we will jump this)
...
:0040D73E 57                      push edi <-- edi has our org. (we land here after the jump)
:0040D73F 56                      push esi <-- esi has our name
:0040D740 E85B7C0000              call 004153A0 <-- calculate our reg. code, store result in eax
:0040D745 83C408                  add esp, 00000008
:0040D748 3BD8                    cmp ebx, eax <-- compare ebx = fake code with eax = good code
:0040D74A 5F                      pop edi
:0040D74B 741D                    je 0040D76A <-- jump if equal to thank u message


O.k, i think everything is clear but i will explain it anyway :

After we set our breakpoint and pressed the o.k button we land at address 0040D6D7. We continue to trace until we reach the address 0040D6FB; all of the code above that is only for reading our name, org. and reg. code. Now that we are at address 0040D6FB, continue to trace with the F10 button until u reach 0040D704. What is going on is that the prog. reads our reg. code, converts it to a real value and stores it in ebx; we can make sure by writing '? ebx'.

At 0040D704 there is a call that calculates a code from our name and then compares it with 2 blacklisted names, and we will make the 2 jumps at address 0040D711 and 0040D730 cuz our name is not equal to them. Then we come to the address 0040D73E. Now trace with the F10 command until u reach 0040D74A, then write '? ebx' and we will see our fake code, then write '? eax' and u will see our valid code. Write it down, then clear all the breakpoints and exit. Now again enter ur info with the code that we got from the eax register, then press the o.k button and ...

DLL Show is registered
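
The check at 0040D748 is a plain compare against a code the program has just calculated for itself, which is why the good value is sitting in eax. The Python sketch below is an added example, not code from this tutorial or from DLL Show: it puts that design next to one where the program holds only a public key and verifies a vendor signature. derive_code is a hypothetical stand-in for the routine at 004153A0 (its real algorithm is not shown here), and the toy RSA key and all function names are assumptions.

```python
import hashlib

# --- Weak design (shape of the listing): the client derives the valid code ---
def derive_code(name: str, org: str) -> int:
    """Hypothetical stand-in for the routine at 004153A0."""
    digest = hashlib.sha256(f"{name}|{org}".encode()).digest()
    return int.from_bytes(digest[:4], "big")

def weak_check(name: str, org: str, entered: int) -> bool:
    # Same shape as 'cmp ebx, eax': the good code exists in the client's
    # memory at the moment of the compare.
    return entered == derive_code(name, org)

# --- Hardened design: the client only verifies, it cannot derive ---
# Toy textbook-RSA key built from two Mersenne primes. Constructed for
# illustration only: far too small and unpadded for real use.
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537                    # public part, shipped in the client
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent, vendor side only

def _digest(name: str, org: str) -> int:
    h = hashlib.sha256(f"{name}|{org}".encode()).digest()
    return int.from_bytes(h, "big") % N

def vendor_issue(name: str, org: str) -> int:
    """Runs on the vendor's machine: sign the (name, org) digest with D."""
    return pow(_digest(name, org), D, N)

def client_verify(name: str, org: str, licence: int) -> bool:
    """Runs in the shipped program: uses only N and E, never D.
    Nothing here produces a valid licence for a new name."""
    return pow(licence, E, N) == _digest(name, org)

if __name__ == "__main__":
    name, org = "Example User", "Example Org"   # constructed sample input
    # Weak: anything able to run derive_code can make its own code.
    print("weak accepts self-derived code:",
          weak_check(name, org, derive_code(name, org)))
    lic = vendor_issue(name, org)
    print("signed licence verifies:", client_verify(name, org, lic))
    print("altered licence verifies:",
          client_verify(name, org, (lic + 1) % N))
```

This takes the secret out of the shipped program; it does not protect the verifier itself from modification, which needs integrity measures of its own.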

Final WordZ

i hope u have enjoyed this tut as much as i did writing it
in the end i would like to greet the following ppl !!
FaT[BiT]_FaTz0 greetz the following :

tKC ... (for showing me the light !! )
LW2000 ... ( Thanx alot i now use my brain )
[XasX] ... (i know u work hard , this is y u r good !!)
AzmO ... (yes!! man we are different !! )
Sir dReAm ... (u r the best !! )
tabm0de ... ( thanx alot !! ur a true friend !!)
ASTAGA ... (i don't mind if u comment this tutorial)
Marilyn, VaibLitzeR , and ShaQ ... (good luck to u all !! )

and to all TNT!CRACK!TEAM! members ... (keep up the good work !!)

any comments mail me : fatzbit@gmx.net

See ya in another tut !!! Soon !!!

--= EOF =--