How to find the real serial
Trillian v0.61
A cracking tutorial by Nemesis] TNT
DISCLAIMER
This reading material is not intended to violate copyrights
and/or the law; it is for educational purposes only. I hold no
responsibility (by any means and in any shape whatsoever)
for the misuse of this material.
About The Program
Trillian is a chat client ;-)
WHERE TO DOWNLOAD
Homepage: http://www.ceruleanstudios.com
Size: 1.71 MB
Tool: NuMega SoftICE 4.5 [can be downloaded at http://www.eccentrix.com/computer/protools/]
HOW TO GET A VALID SERIAL NUMBER for your name by using [SoftICE]
Let's get started. Run Trillian, enter your name and a fake serial, and click the Register button. A message box appears saying "Incorrect key/username combination" ;-) OK, now do this:
1. Press Ctrl+D to bring up SoftICE.
2. Set a breakpoint: type bpx hmemcpy and press Enter.
3. Press F5 to get out of SoftICE.
4. Type your name and a fake serial and click Register. You are now back in SoftICE.
5. Now let's search for the real serial ;-) Press F5 1 time, because we need the serial, then press F12 8 times until you land at the address below.
6. Press F10 to step down through the code.
* Possible Reference to Dialog: DialogID_00A7, CONTROL_ID:0440, ""
:0040F051 6840040000 push 00000440
:0040F056 53 push ebx
:0040F057 FFD6 call esi
:0040F059 50 push eax
:0040F05A FFD7 call edi
:0040F05C 833D10A242000A cmp dword ptr [0042A210], 0000000A <--you land here
:0040F063 0F8D91000000 jnl 0040F0FA
:0040F069 8D542410 lea edx, dword ptr [esp+10]
:0040F06D 8D842410010000 lea eax, dword ptr [esp+00000110]
:0040F074 52 push edx <--your name stored here
:0040F075 50 push eax <--your fake serial is here
:0040F076 E8A56E0000 call 00415F20
:0040F07B 83C408 add esp, 00000008
:0040F07E 83F801 cmp eax, 00000001
:0040F081 7577 jne 0040F0FA
:0040F083 A318A24200 mov dword ptr [0042A218], eax
:0040F088 8DBC2410010000 lea edi, dword ptr [esp+00000110]
:0040F08F 83C9FF or ecx, FFFFFFFF
:0040F092 33C0 xor eax, eax
:0040F094 F2 repnz
:0040F095 AE scasb
:0040F096 F7D1 not ecx
:0040F098 2BF9 sub edi, ecx
:0040F09A 53 push ebx
:0040F09B 8BD1 mov edx, ecx
:0040F09D 8BF7 mov esi, edi
:0040F09F BF5C864200 mov edi, 0042865C
:0040F0A4 C1E902 shr ecx, 02
:0040F0A7 F3 repz
:0040F0A8 A5 movsd
:0040F0A9 8BCA mov ecx, edx
:0040F0AB 83E103 and ecx, 00000003
:0040F0AE F3 repz
:0040F0AF A4 movsb
:0040F0B0 8BCD mov ecx, ebp
:0040F0B2 E829FEFFFF call 0040EEE0
:0040F0B7 8B7514 mov esi, dword ptr [ebp+14]
* Reference To: KERNEL32.WritePrivateProfileStringA, Ord:02E5h
:0040F0BA 8B3D88104200 mov edi, dword ptr [00421088]
:0040F0C0 8D4C2410 lea ecx, dword ptr [esp+10]
:0040F0C4 8B4608 mov eax, dword ptr [esi+08]
:0040F0C7 50 push eax
:0040F0C8 51 push ecx
* Possible StringData Ref from Data Obj ->"Key"
:0040F0C9 6850624200 push 00426250
* Possible StringData Ref from Data Obj ->"Register"
:0040F0CE 6844624200 push 00426244
:0040F0D3 FFD7 call edi
:0040F0D5 8B5608 mov edx, dword ptr [esi+08]
:0040F0D8 8D842410010000 lea eax, dword ptr [esp+00000110]
:0040F0DF 52 push edx
:0040F0E0 50 push eax
* Possible StringData Ref from Data Obj ->"Name"
:0040F0E1 683C624200 push 0042623C
* Possible StringData Ref from Data Obj ->"Register"
:0040F0E6 6844624200 push 00426244
:0040F0EB FFD7 call edi
:0040F0ED 5F pop edi
:0040F0EE 5E pop esi
:0040F0EF 5D pop ebp
:0040F0F0 5B pop ebx
:0040F0F1 81C400050000 add esp, 00000500
:0040F0F7 C20800 ret 0008
* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:0040F063(C), :0040F081(C)
:0040F0FA 6A00 push 00000000
* Possible StringData Ref from Data Obj ->"Incorrect input: Please try again."
:0040F0FC 6818624200 push 00426218
* Possible StringData Ref from Data Obj ->"Incorrect key/username combination "
->"or number of tries exceeded (max "
->"tries = 10 per load of trillian)."
:0040F101 68B0614200 push 004261B0
:0040F106 53 push ebx <---------type d edx to see our real serial
* Reference To: USER32.MessageBoxA, Ord:01BEh
:0040F107 FF1508124200 Call dword ptr [00421208]
Now note the serial you have found, enter it, and the program is registered!
Easy, or ??? The program is registered ;-) Hope you find it useful.
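Seen from the vendor's side, the walkthrough above works because the client itself produces the valid serial for the entered name and leaves it in memory for the comparison. The sketch below is an added example (not part of the original tutorial and not Trillian's code) that contrasts that compute-and-compare pattern with a client that only verifies a vendor signature. All function names, the "app-secret" string and the deliberately tiny RSA key are constructed for illustration; production code would use a vetted signature library and a full-size key.

```python
import hashlib
import hmac

# Constructed demo key built from two Mersenne primes (toy size, assumption).
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537                      # public values, shipped in the client
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent, vendor side only


def _digest(name: str) -> int:
    """Hash the user name to an integer below N."""
    raw = hashlib.sha256(name.encode("utf-8")).digest()
    return int.from_bytes(raw, "big") % N


# --- Weak pattern: the client derives the valid serial, then compares ------
def weak_expected_serial(name: str) -> str:
    """Hypothetical derivation standing in for any client-side generator."""
    return hashlib.sha256(b"app-secret" + name.encode("utf-8")).hexdigest()[:16]


def weak_check(name: str, serial: str) -> bool:
    # The correct serial for `name` now exists in process memory, where a
    # debugger can read it no matter how the comparison itself is done.
    expected = weak_expected_serial(name)
    return hmac.compare_digest(expected.encode(), serial.encode("utf-8"))


# --- Hardened pattern: the client only verifies a vendor signature ---------
def vendor_issue_license(name: str) -> str:
    """Runs on the vendor's server, the only place that holds D."""
    return format(pow(_digest(name), D, N), "x")


def client_verify(name: str, license_hex: str) -> bool:
    """Uses only N and E, so the client never holds or computes a valid key."""
    try:
        sig = int(license_hex, 16)
    except ValueError:
        return False                     # not hexadecimal at all
    return 0 < sig < N and pow(sig, E, N) == _digest(name)
```

With the second pattern, reading client memory at the failure dialog yields only the name digest and the rejected input, neither of which is a valid license.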
END NOTES
Special Thanks go to All [TNT MEMBERS] Keep it Real guys.
for more tutorials go here http://nemesis.lgg.ru
Nemesis]