Web : http://kickme.to/mxbnet
Contact Me : dheeraj_xp@yahoo.com

Main | Index

DzSoft Perl Editor 5.3.0.1

Type : Perl Editor
Protection : ASProtect -- Serial
Tech : Loader

Crack :

I think cracking involves luck ... it was realy hard to find the reg check in this new version as they have put it in some other thread or something .... it was just hard to trace and also it was packed with ASProtect.But i think it was born to be cracked.
As i told it was realy hard ... used many techniques but failed ... An idea came to my mind "why not dump the program running on the pc and use w32dasm".We can't use w32dasm on exe file as it is packed.Will w32dasm work with the dump file ... i don't know what programs real OEP is.Will it work ..."who cares ..lets do it".So i did was to do a plain dump of the running program using PEditor.And used w32dasm on this dump with all section flags set to E0000020 of this dump file[other wise w32dasm will not show you any thing].
To my surprise it worked .... search for string "unregistered" ... now just look few lines up you can see the reg check call ....

015F:0053B19C E8A3F9FFFF CALL 0053AB44
015F:0053B1A1 84C0 TEST AL,AL --> Make AL = 01 GOOD BOY
015F:0053B1A3 0F84ED000000 JZ 0053B296

Inside this CALL ---->

015F:0053ABBE EBEB JMP 0053ABAB
015F:0053ABC0 8A45FF MOV AL,[EBP-01] <<-- Flag Set
015F:0053ABC3 8BE5 MOV ESP,EBP
015F:0053ABC5 5D POP EBP
015F:0053ABC6 C3 RET

Fix :

015F:0053ABBE EBEB JMP 0053ABAB
015F:0053ABC0 B001 MOV AL,01
015F:0053ABC2 90 NOP
015F:0053ABC3 8BE5 MOV ESP,EBP
015F:0053ABC5 5D POP EBP
015F:0053ABC6 C3 RET

That is all [ Please refer to DzSoft Perl Edt 4.0 tut for info about making Loader]

 


br> }
else
{
MessageBox(NULL,"Unable to load program .. exiting",InfoText,MB_OK);
return 0;
}

//============================================================

//============================================================
return 0;
}
//==================================================================


that we can fix it.Run dumped file and select process "dreamweaver.exe" in ImpRec.Give EP = 006F0E48 and hit "IAT Auto Search" ...It will tell IAT read succesfully..Now click "GetImports" .... we can see all import functions .... Now click "Fix Dump" and point it to another copy of dump file we have saved ....thats all we can now run [other file] this baby every where ...
You can verify it just look at FirstThunk in a hex editor.Orginal IAT will be restored in a new section.And ImpRec will align new IAT.

Thanks IMPREC ...

I have tested it on different PC with Win98 and WinXP .... and it is working fine ... So we have ripped of VBOX 4.622 ..... and it is time to celebrate ....

NB : Special thanks to [yAtEs] for his wonderfull essay on IAT.Special thanks to Kilby for his wonderfull essay on Copylok IAT and many many thanks for MackT/uCF2000 for his excellent tool ImpRec.


===========================================================
if(!DeleteFile(windir))
{
MessageBox(NULL,"Unable to deleted Lic File ...",InfoText,MB_OK);
error = true;
}
//===============================================================
GetWindowsDirectory(windir,sizeof(windir));
strcat(windir,"\\Vbox\\Licenses\\ _5.51.277_5044.prf");

if(!DeleteFile(windir))
{
MessageBox(NULL,"Unable to deleted Prf File ...",InfoText,MB_OK);
error = true;
}
//================================================================
if(!DeleteFile(sysdir))
{
MessageBox(NULL,"Unable to deleted OCX File ...",InfoText,MB_OK);
error = true;
}
//===============================================================
//Delete os*****.bin
GetWindowsDirectory(windir,sizeof(windir));

for(i=0;i < MAX_PATH;i++)
{
if(windir[i] == '\\')
{
windir[i] = '\0';
}
}
strcat(windir,"\\os291494.bin");

if(!DeleteFile(windir))
{
MessageBox(NULL,"Unable to deleted BIN File ...",InfoText,MB_OK);
error = true;
}
//===============================================================
if(error ==false)
{
MessageBox(NULL,"Removed VBOX Files and Registry Keys ...",InfoText,MB_OK);
}

//===============================================================
//Execute VSetupT.exe
ZeroMemory(&si,sizeof(si));
si.cb = sizeof(si);
cl = GetCommandLine();

if (!CreateProcess("VSetupT.exe",cl, NULL, NULL,FALSE,
NORMAL_PRIORITY_CLASS,NULL, NULL,&si, &pi))
{
MessageBox(NULL,"Unable to load \"VSetupT.exe\" ...",InfoText,MB_OK);
error = true;
}else
{
MessageBox(NULL,"Loaded \"VSetupT.exe\" ...",InfoText,MB_OK);
}
//===============================================================

return 0;

}
//===================================================================================