Cracking for Newbies - by Dahood Target: ClockWise 3.01a Tools used: W32dasm Hview Protection: 1.Serial NOTE: This tutorial is not totally for newbies so i excpect that u know 1.how to use w32dasm 2.how to use hview (change,search,etc...) 3.Assembly open the program and try to register..write down the error message that u got... disassemble the program and search for Sorry.. and ull land here * Referenced by a (U)nconditional or (C)onditional Jump at Address: |:0041A7FA(C) | :0041A821 6A30 push 00000030 * Possible StringData Ref from Data Obj ->"ERROR" | :0041A823 68A0F14400 push 0044F1A0 * Possible StringData Ref from Data Obj ->"Sorry, registration didn't work!" | :0041A828 68401C4500 push 00451C40 :0041A82D 8BCE mov ecx, esi :0041A82F E862C00100 call 00436896 :0041A834 6A01 push 00000001 u see the conditional jmp ..|:0041A7FA(C) go to it if u dont know how hold shift and press f12 and in the box that pops up type the add 0041A7FA click ok and ull land here... :0041A7F3 E848000000 call 0041A840 :0041A7F8 85C0 test eax, eax :0041A7FA 7425 je 0041A821 ****u land here :0041A7FC 8BCE mov ecx, esi :0041A7FE E83D020000 call 0041AA40 :0041A803 6A40 push 00000040 * Possible StringData Ref from Data Obj ->"OK" | :0041A805 6824184500 push 00451824 * Possible StringData Ref from Data Obj ->"THANK YOU for registering ClockWise" | :0041A80A 68641C4500 push 00451C64 :0041A80F 8BCE mov ecx, esi :0041A811 E880C00100 call 00436896 :0041A816 6A00 push 00000000 :0041A818 8BCE mov ecx, esi :0041A81A E8CBA10100 call 004349EA :0041A81F 5E pop esi :0041A820 C3 ret hey this looks easier than what i excpected change 0041A7FA 7425 je 0041A821 to 0041A7FA 7525 jne 0041A821 now try to register.. good the problem is when u shut it down or restart the program it unregistered again... note:make sure u change the jne back to je 0041A821 k u see the call before the je :0041A7F3 E848000000 call 0041A840 ----->go to it and u ll land here... | :0041A840 83EC0C sub esp, 0000000C :0041A843 53 push ebx :0041A844 55 push ebp :0041A845 8BE9 mov ebp, ecx scroll down till u see a ret :0041AA05 52 push edx * Reference To: KERNEL32.lstrcmpA, Ord:02FCh ------>this compares something | :0041AA06 FF150C234400 Call dword ptr [0044230C] :0041AA0C 85C0 test eax, eax :0041AA0E 750D jne 0041AA1D --------->interesting :0041AA10 5F pop edi :0041AA11 5E pop esi :0041AA12 5D pop ebp :0041AA13 B801000000 mov eax, 00000001 :0041AA18 5B pop ebx :0041AA19 83C40C add esp, 0000000C :0041AA1C C3 ret change :0041AA0E 750D jne 0041AA1D to :0041AA0E 740D je 0041AA1D open hview and open the program hit enter and f5 to go to the add u want from w32dasm at the bottom check the offset add and type it in hview for me offset is 1aa0e when u find it hit f3 change the 75 to 74 and hit f9 to save , f 10 to exit... try to register put ur name and for the serial put any number the code any number note dont leave it blank i hope i didnt confuse u and if u have any question, comments my icq# is 69518421 or u can e mail me at webcrawler28@hotmail.com i would like to say thanks to all the crackers 2 many 2 list , for helpin me also for there tutorials also a big thanks to krobar's site http://zor.org/krobar Cracking for Newbies - by Dahoodhe routine.