Cracking for Newbies - by Dahood Target: Custom Startup v 2.02 Tools used: W32dasm Hview Protection: 1.Serial NOTE: This tutorial is not totally for newbies so i excpect that u know 1.how to use w32dasm 2.how to use hview (change,search,etc...) 3.Assembly open the program and try to register.. write down the error message that u got and lets get to work..... Disassemble the programand search for the message and u should be here * Possible StringData Ref from Code Obj ->"Invalid Registration Key!" | :00451038 A16C3C4500 mov eax, dword ptr [00453C6C] :0045103D E812B2FEFF call 0043C254 scroll down a bit til u see * Possible StringData Ref from Code Obj ->"This Product Is Registered" | :00451083 8B15703C4500 mov edx, dword ptr [00453C70] :00451089 E8CAEEFCFF call 0041FF58 :0045108E EB18 jmp 004510A8 * Referenced by a (U)nconditional or (C)onditional Jump at Address: |:00450FAF(C) | :00451090 A17C3E4500 mov eax, dword ptr [00453E7C] :00451095 8B00 mov eax, dword ptr [eax] :00451097 8B80F0010000 mov eax, dword ptr [eax+000001F0] * Possible StringData Ref from Code Obj ->"This Product Is Registered" | :0045109D 8B15703C4500 mov edx, dword ptr [00453C70] :004510A3 E8B0EEFCFF call 0041FF58 well for me when i first saw this i knew that this must be in the about box casue now it says unregistered and i also know that when the program starts it must check if we are registered if u are jmp if not continue let go to the * Referenced by a (U)nconditional or (C)onditional Jump at Address: |:00450FAF(C)****** | :00451090 A17C3E4500 mov eax, dword ptr [00453E7C] :00451095 8B00 mov eax, dword ptr [eax] :00451097 8B80F0010000 mov eax, dword ptr [eax+000001F0] * Possible StringData Ref from Code Obj ->"This Product Is Registered" | :0045109D 8B15703C4500 mov edx, dword ptr [00453C70] :004510A3 E8B0EEFCFF call 0041FF58 and u should be here :00450FAD 84C0 test al, al :00450FAF 0F85DB000000 jne 00451090 ****** u should be here :00450FB5 A17C3E4500 mov eax, dword ptr [00453E7C] :00450FBA 8B00 mov eax, dword ptr [eax] :00450FBC 8B80F0010000 mov eax, dword ptr [eax+000001F0] * Possible StringData Ref from Code Obj ->"UNREGISTERED" | :00450FC2 8B15583C4500 mov edx, dword ptr [00453C58] :00450FC8 E88BEFFCFF call 0041FF58 :00450FCD A1943E4500 mov eax, dword ptr [00453E94] :00450FD2 8B00 mov eax, dword ptr [eax] jne 00451090 if not equal jmp to :00451090 A17C3E4500 mov eax, dword ptr [00453E7C] :00451095 8B00 mov eax, dword ptr [eax] :00451097 8B80F0010000 mov eax, dword ptr [eax+000001F0] * Possible StringData Ref from Code Obj ->"This Product Is Registered" | :0045109D 8B15703C4500 mov edx, dword ptr [00453C70] :004510A3 E8B0EEFCFF call 0041FF58 other wise continue :00450FB5 A17C3E4500 mov eax, dword ptr [00453E7C] :00450FBA 8B00 mov eax, dword ptr [eax] :00450FBC 8B80F0010000 mov eax, dword ptr [eax+000001F0] * Possible StringData Ref from Code Obj ->"UNREGISTERED" | :00450FC2 8B15583C4500 mov edx, dword ptr [00453C58] :00450FC8 E88BEFFCFF call 0041FF58 :00450FCD A1943E4500 mov eax, dword ptr [00453E94] :00450FD2 8B00 mov eax, dword ptr [eax] i dont think i can put it in any easier was than this so as far as we now when the program starts it should jmp staright in and we should be registered!!!!!!Right lets hope so open the program in hview and go to the offset add which 503Af and change the jne 00451090 to je 00451090 save and exit fire up the program and check the about box DONE!!! i hope i didnt confuse u and if u have any question, comments my icq# is 69518421 or u can e mail me at webcrawler28@hotmail.com i would like to say thanks to all the crackers 2 many 2 list , for helpin me also for there tutorials also a big thanks to krobar's site http://zor.org/krobar Cracking for Newbies - by Dahood