        ---------------------------------------------------
 ----------        DnNuke´s CRACKING TUTORIAL #9        ----------
// // //   Getting a serial from pop3connector ver. 4.10   \\ \\ \\
------------------------------------------------------------------  
\ ---------     -------------------------
 |  About  | - / Location - Download.com \
  ---------\   ---------------------------
|-----------------------------------------\ 
| Tools required: Softice                  |
|                                          |
| Difficult level:                         |
| Easy (  X  )  Medium (   )  Hard (    )  |
|_________________________________________/  
  
-Finding the Correct Key------

Ok cRACKERS, LTNS=(Long Time No See :P). Let´s see if the software dudes has gotten any better of hiding the serial from us young/beautiful crackers/gfxers :P


First open up the program goto "Help/Registration" enter 
"User Name - Whatever"
"E-mail - whatever"
"Product Key - 1133557799" DON´T click on the registerbutton button..
First goto softice "ctrl-D" and make a breakpoint on hmemcpy like this "bpx hmemcpy" wow hi-tech :)
now you hit the button.

And you land in sice!

Press F11 once and then F12 until you see yer pass lenght in EAX..

that means 1133557799 = 10 char 10 = 0A in hex...

so when EAX=0000000A "and lighted" wich means that the EAX has been updated..

so now we trace down "F10" and come to a nice code that looks like:
  

:004AAFAD 8D45F0                  lea eax, dword ptr [ebp-10]
:004AAFB0 50                      push eax
:004AAFB1 8B4DF8                  mov ecx, dword ptr [ebp-08]
:004AAFB4 8B55FC                  mov edx, dword ptr [ebp-04]
:004AAFB7 8BC3                    mov eax, ebx
:004AAFB9 E81EFEFFFF              call 004AADDC
:004AAFBE 8B45F0                  mov eax, dword ptr [ebp-10] ---> eax = the right key? try it and find out..
:004AAFC1 8B55F8                  mov edx, dword ptr [ebp-08] ---> edx = your fake key
:004AAFC4 E8278FF5FF              call 00403EF0  ---> The checking of what the right serial is..
:004AAFC9 0F85F5000000            jne 004AB0C4  ---> if serial wrong = 0 then show bad nag else show good :)


to see what´s in eax or edi the only thing you have to do is having the blue marker on it "trace on it" and write d eax or, d edx.

 ||
 ||
\||/
 \/

so the "eax" key was right :( that sux. That means we cracked it... 2 bad.. 
oh well enjoy this nice app. And remember if you realy like it you should give the coder..
So that he can make a better protection :D


-Endings------

Hope You´ve Learned Something From This Tutor.. 

Bye For Now 
/DnNuke 
DnNuke.Net

-Closing-------------