Cracking for Newbies  - by Dahood
                

Target: ClockWise 3.01a

Tools used: W32dasm
	    Hview
	     

Protection:
1.Serial


NOTE: This tutorial is not totally for newbies so i excpect that u know
1.how to use w32dasm
2.how to use hview (change,search,etc...)
3.Assembly

open the program and try to register..write down the error message that u got...
disassemble the program and search for Sorry.. and ull land here


* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0041A7FA(C)
|
:0041A821 6A30                    push 00000030

* Possible StringData Ref from Data Obj ->"ERROR"
                                  |
:0041A823 68A0F14400              push 0044F1A0

* Possible StringData Ref from Data Obj ->"Sorry, registration didn't work!"
                                  |
:0041A828 68401C4500              push 00451C40
:0041A82D 8BCE                    mov ecx, esi
:0041A82F E862C00100              call 00436896
:0041A834 6A01                    push 00000001

u see the conditional jmp ..|:0041A7FA(C) go to it

if u dont know how hold shift and press f12 and in the box that pops up type the add 0041A7FA
click ok and ull land here...

:0041A7F3 E848000000              call 0041A840
:0041A7F8 85C0                    test eax, eax
:0041A7FA 7425                    je 0041A821  ****u land here
:0041A7FC 8BCE                    mov ecx, esi
:0041A7FE E83D020000              call 0041AA40
:0041A803 6A40                    push 00000040

* Possible StringData Ref from Data Obj ->"OK"
                                  |
:0041A805 6824184500              push 00451824

* Possible StringData Ref from Data Obj ->"THANK YOU for registering ClockWise"
                                  |
:0041A80A 68641C4500              push 00451C64
:0041A80F 8BCE                    mov ecx, esi
:0041A811 E880C00100              call 00436896
:0041A816 6A00                    push 00000000
:0041A818 8BCE                    mov ecx, esi
:0041A81A E8CBA10100              call 004349EA
:0041A81F 5E                      pop esi
:0041A820 C3                      ret


hey this looks easier than what i excpected 
change 0041A7FA 7425                    je 0041A821
to     0041A7FA 7525                    jne 0041A821


now try to register.. good
the problem is when u shut it down or restart the program it unregistered again...
note:make sure u change the jne back to je 0041A821

k u see the call before the je

:0041A7F3 E848000000              call 0041A840 ----->go to it and u ll land here...

|
:0041A840 83EC0C                  sub esp, 0000000C
:0041A843 53                      push ebx
:0041A844 55                      push ebp
:0041A845 8BE9                    mov ebp, ecx

scroll down till u see a ret

:0041AA05 52                      push edx

* Reference To: KERNEL32.lstrcmpA, Ord:02FCh ------>this compares something
                                  |
:0041AA06 FF150C234400            Call dword ptr [0044230C]
:0041AA0C 85C0                    test eax, eax
:0041AA0E 750D                    jne 0041AA1D  --------->interesting
:0041AA10 5F                      pop edi
:0041AA11 5E                      pop esi
:0041AA12 5D                      pop ebp
:0041AA13 B801000000              mov eax, 00000001
:0041AA18 5B                      pop ebx
:0041AA19 83C40C                  add esp, 0000000C
:0041AA1C C3                      ret


change :0041AA0E 750D                    jne 0041AA1D
to     :0041AA0E 740D                    je 0041AA1D

open hview and open the program hit enter and f5 to go to the add u want 
from w32dasm at the bottom check the offset add and type it in hview for me
offset is 1aa0e 
when u find it hit f3 change the 75 to 74 and hit f9  to save , f 10 to exit...

try to register put ur name and for the serial put any number the code any number 
note dont leave it blank


i hope i didnt confuse u and if u have any question, comments
my icq# is 69518421 or u can e mail me at webcrawler28@hotmail.com

i would like to say thanks to all the crackers 2 many 2 list , for helpin me also for there 
tutorials
also a big thanks to krobar's site http://zor.org/krobar
 
			Cracking for Newbies  - by Dahoodhe routine.