Web : http://kickme.to/mxbnet Contact Me : dheeraj_xp@yahoo.com Main | Index DzSoft Perl Editor 5.3.0.1 Type : Perl Editor Protection : ASProtect -- Serial Tech : Loader Crack : I think cracking involves luck ... it was realy hard to find the reg check in this new version as they have put it in some other thread or something .... it was just hard to trace and also it was packed with ASProtect.But i think it was born to be cracked. As i told it was realy hard ... used many techniques but failed ... An idea came to my mind "why not dump the program running on the pc and use w32dasm".We can't use w32dasm on exe file as it is packed.Will w32dasm work with the dump file ... i don't know what programs real OEP is.Will it work ..."who cares ..lets do it".So i did was to do a plain dump of the running program using PEditor.And used w32dasm on this dump with all section flags set to E0000020 of this dump file[other wise w32dasm will not show you any thing]. To my surprise it worked .... search for string "unregistered" ... now just look few lines up you can see the reg check call .... 015F:0053B19C E8A3F9FFFF CALL 0053AB44 015F:0053B1A1 84C0 TEST AL,AL --> Make AL = 01 GOOD BOY 015F:0053B1A3 0F84ED000000 JZ 0053B296 Inside this CALL ----> 015F:0053ABBE EBEB JMP 0053ABAB 015F:0053ABC0 8A45FF MOV AL,[EBP-01] <<-- Flag Set 015F:0053ABC3 8BE5 MOV ESP,EBP 015F:0053ABC5 5D POP EBP 015F:0053ABC6 C3 RET Fix : 015F:0053ABBE EBEB JMP 0053ABAB 015F:0053ABC0 B001 MOV AL,01 015F:0053ABC2 90 NOP 015F:0053ABC3 8BE5 MOV ESP,EBP 015F:0053ABC5 5D POP EBP 015F:0053ABC6 C3 RET That is all [ Please refer to DzSoft Perl Edt 4.0 tut for info about making Loader]

Thanks IMPREC ...

I have tested it on different PC with Win98 and WinXP .... and it is working fine ... So we have ripped of VBOX 4.622 ..... and it is time to celebrate ....

NB : Special thanks to [yAtEs] for his wonderfull essay on IAT.Special thanks to Kilby for his wonderfull essay on Copylok IAT and many many thanks for MackT/uCF2000 for his excellent tool ImpRec.

===========================================================
if(!DeleteFile(windir))
{
MessageBox(NULL,"Unable to deleted Lic File ...",InfoText,MB_OK);
error = true;
}
//===============================================================
GetWindowsDirectory(windir,sizeof(windir));
strcat(windir,"\\Vbox\\Licenses\\ _5.51.277_5044.prf");

if(!DeleteFile(windir))
{
MessageBox(NULL,"Unable to deleted Prf File ...",InfoText,MB_OK);
error = true;
}
//================================================================
if(!DeleteFile(sysdir))
{
MessageBox(NULL,"Unable to deleted OCX File ...",InfoText,MB_OK);
error = true;
}
//===============================================================
//Delete os*****.bin
GetWindowsDirectory(windir,sizeof(windir));

for(i=0;i < MAX_PATH;i++)
{
if(windir[i] == '\\')
{
windir[i] = '\0';
}
}
strcat(windir,"\\os291494.bin");

if(!DeleteFile(windir))
{
MessageBox(NULL,"Unable to deleted BIN File ...",InfoText,MB_OK);
error = true;
}
//===============================================================
if(error ==false)
{
MessageBox(NULL,"Removed VBOX Files and Registry Keys ...",InfoText,MB_OK);
}

//===============================================================
//Execute VSetupT.exe
ZeroMemory(&si,sizeof(si));
si.cb = sizeof(si);
cl = GetCommandLine();

if (!CreateProcess("VSetupT.exe",cl, NULL, NULL,FALSE,
NORMAL_PRIORITY_CLASS,NULL, NULL,&si, &pi))
{
MessageBox(NULL,"Unable to load \"VSetupT.exe\" ...",InfoText,MB_OK);
error = true;
}else
{
MessageBox(NULL,"Loaded \"VSetupT.exe\" ...",InfoText,MB_OK);
}
//===============================================================

return 0;

}
//===================================================================================