Singulator v1.41
2 keyz in 1 algo.
Best view 1024 X 768
by FaT[BiT] \ TNT!
Cracking For Beginners
 
Program Info
Program Name : Single.exe
Program Type : Music Util.
Program Location : http://www.AIPL.com
Program Size : 656 KB
 
ToolZ :
SoftIce v4.05
C/C++ Compiler


All these toolz can be found at http://w3.to/protools
Easy ( X ) Medium (  ) Hard (  ) Pro (  )


Singulator v1.41
Cracked and Written by : FaT[BiT] \ TNT!
Tutorial No. : 29


Dedication

------------------------------------------------------------------------------------------------
-={ -- Azmo -- [XasX] -- Sir dReAM -- Astaga -- ChoRdLEss -- p0tHEAD -- Liaisons -- Sevan -- }=-
________________________________________________________________________________________________

Intoduction & Protection

iNTROdUCTION :

hi there and wellcome to another tutorial ...
Life is worthless, this is the way i see it, people allways run for money and power , thinking that if they have them , it'll save them from alot of things . but as everyday goes by, life shows us there is nothin' to care about, cuz no matter what life gives, soon it will take it away ... this is why it is worthless ...

pROTEcTION :

O.k this program needs a name and ID to register , so in this tutorial we learn how to find an ID for our name and also how to make a keygen !! so let's begin ...

The Essay

o.k like allways install the program and run it , as soon as it runs , it'll diaply a window with 4 buttons, one of them labeled register, click on it , it will display a window to enter a name and ID , so let's enter our info , in my case i worte :

Name : FaT[BiT] \ TNT!
ID : 1234567890

now before u click on the o.k button set a breakpoint like this one :

bpx getwindowtexta

then press the F5 button to exit softice, then press the o.k button, softice will break , press F11 once then clear all the breakpoints and trace with the F10 button until u reach this code :


:00402C51 83F902                  cmp ecx, 00000002 <-- ecx has the length of our name and compare it with 2
:00402C54 7E43                    jle 00402C99 <-- jump if less to error
:00402C56 33FF                    xor edi, edi <-- clear the edi register
:00402C58 33DB                    xor ebx, ebx <-- clear the ebx register
:00402C5A 33D2                    xor edx, edx <-- clear the edx register
:00402C5C 85C9                    test ecx, ecx <-- check the ecx register
:00402C5E 7E1F                    jle 00402C7F <-- jump if less or equal to error
:00402C60 0FBEB41424020000        movsx esi, byte ptr [esp+edx+00000224] <-- esi has a char. from our name ( * )
:00402C68 8BC6                    mov eax, esi <-- copy the char. to eax
:00402C6A 0FAFC6                  imul eax, esi <-- multiply eax by esi , result in eax
:00402C6D 0FAFC6                  imul eax, esi <-- mutilply the result by the esi
:00402C70 8BF0                    mov esi, eax <-- move the result back to esi
:00402C72 03C2                    add eax, edx <-- add to eax the value of edx (edx is the counter)
:00402C74 2BF2                    sub esi, edx <-- substract from esi the value of edx (edx is the counter)
:00402C76 03D8                    add ebx, eax <-- add to ebx the value of eax 1st ID
:00402C78 03FE                    add edi, esi <-- add to edi the value of esi 2nd ID
:00402C7A 42                      inc edx <-- add one to edx
:00402C7B 3BD1                    cmp edx, ecx <-- check if the counter = the length of the name
:00402C7D 7CE1                    jl 00402C60 <-- jump if less to ( * )


hmm !! this is a nice alog. let's study it :
o.k at first we take a char. from our name and it is in esi, then we make a copy of it in eax , and mutilply them , now we have a result in eax, and still the same char. in esi , so we again multiply the result by the char in esi , and we get the final result in eax, now we copy the final result to esi, so now we have eax equal to esi , then we add to eax the content of edx (which is the counter) , and we also subtract the content of esi by the content of edx , now in this case we have two results one is in eax and the other in esi , now we add the content of eax to ebx, and also add the content of esi to edi , then at last we add one to edx and see if it's equal to to the length of our name , if less we do the same thing with the next char ....

now after we finish this loop we end up with a value in edi and in ebx , now trace with the F10 button until u reach this code :


:00402D29 3BFE                    cmp edi, esi <-- compare edi with esi (esi has our dummy code)
:00402D2B 7444                    je 00402D71 <-- jump if equal to thank you message
:00402D2D 3BDE                    cmp ebx, esi <-- compare ebx with esi (esi has our dummy code)
:00402D2F 7440                    je 00402D71 <-- jump if equal to thank u message


hmmm !! this is nice , now our dummy code is compared by the 2 values that we got from the algo. above , but since it is not equal to any one of them it will give us the error message , so when u are at address 00402D29 and 00402D2D ,write '? edi' and '? ebx' respectivly , to see there contents and write them down then exit the softice , now let's think ...

the algo. gave us 2 numbers and these 2 numbers are compared with our dummy code , so both of them are true but what is the diff. , now let's again enter our info and one of these numbers , in my case i tried at first the number that i got from edi and it worked, it gave me the thank u message , then i unregistered the program by deleting the file "aisin.rg" , and tried the one that i got from edi , and it gave me the thank u message but it said thank for registering the pro. ver. of Singulator , so it is all clear that the algo. calcualte 2 values and one of these values are for normal registration and the other is for the pro. registration

now that we got the idea of this algo. let's code a keygen to give us the 2 keys one for the normal registration and the other for the Pro. Ver. Registration , so here is my code i wrote it in C :


// a keygen for Singulator v1.41 by FaT[BiT] \ TNT!

#include <stdio.h>
#include <conio.h>

main ()
{
    unsigned char name[40];
    unsigned long res = 0;
    unsigned long norcode = 0;
    unsigned long procode = 0;
    unsigned long i; unsigned char ch ;
    clrscr();
    printf("======================================================\n");
    printf(" Singulator v1.41 - keymaker - by FaT[BiT] \\TNT!\n");
    printf("======================================================\n\n");
    printf("Enter Name : ");
    gets(name);
    if (strlen(name) > 2)
      { for (i = 0; i < strlen(name) ; i++)
        {
          ch = name[i];
          res = (ch * ch);
          procode = procode + ((res * ch) + i);
          norcode = norcode + ((res * ch) - i);
        }
      printf("Your ID : %lu\n", norcode);
      printf("Your ID for Pro. Version : %lu", procode);
      exit (1);
    }
    printf("Error : Name is to short. Enter 2 char. at least.");
    return 0 ;
}


after u write, compile, and run this keygen , enter ur name and copy the generated key , run the prog. enter ur info and ...

Singulator is Registered

Final WordZ

i hope u have enjoyed this tut as much as i did writing it
in the end i would like to greet the following ppl !!
FaT[BiT]_FaTz0 greetz the following :

tKC ... (for showing me the light !! )
LW2000 ... ( Thanx alot i now use my brain )
[XasX] ... (i know u work hard , this is y u r good !!)
AzmO ... (yes!! man we are different !! )
Sir dReAm ... (u r the best !! )
tabm0de ... ( thanx alot !! ur a true friend !!)
ASTAGA ... (i don't mind if u comment this tutorial)
Marilyn, VaibLitzeR , and ShaQ ... (good luck to u all !! )

and to all TNT!CRACK!TEAM! members ... (keep up the good work !!)

any comments mail me : fatzbit@gmx.net

See ya in another tut !!! Soon !!!

--= EOF =--