Web : http://kickme.to/mxbnet
Contact Me : dheeraj_xp@yahoo.com



Registry Crawler 2.1

Type : Windows Registry Scanner
Protection : Serial
Tech : Serial fishing


Crack : Enter fake S/N and in SICE BPX GETWINDOWTEXTA
And hit 'Ok' and trace ....

Main check ...

0x404C10 CALL 0x4048C0
0x404C15 TEST EAX,EAX
0x404C17 JZ 0x404CC8 >> BAD BOY
VVVVVV
GOOD BOY

Inside this CALL .....

0x4048E9 CMP ECX,08 >> OUR NAME LENGTH IS COMPARED WITH 08
>> SO OUR NAME SHOULD BE GREATER THAN 8 CHAR
0x4048FF PUSH 0x4437B8 >> "8267-"
......................
0x40496A MOV EAX,ESI >>
.................... >> LOOP
0x4049FC JB 0x40496A >>

0x404A46 MOV ECX,[ESP+8] >> REAL S/N
0x404A4A PUSH 0x445F20 >> FAKE S/N
0x404A4F PUSH ECX
0x404A50 CALL 0x40921E >> COMPARE BOTH
......................
0x404A5C TEST EAX,EAX
0x404A5E SETZ DL >> SET FLAG

Registration Info :

Name = DHEERAJ-GL
S/N = 8267-ZDDGHZ


THIS CALL ....
0x66ABC95D CMP BYTE PTR [EBX],18 ----> 24 CHAR
.................................................
0x66ABC96B CMP CL,AL => AL = 2D '-' ; CL = 5TH CHAR OF S/N
.................................................
0x66ABC973 CMP [EBX+0A],AL
.................................................
0x66ABC97C CMP [EBX+0F],AL
.................................................
0x66ABC985 CMP [EBX+14],AL
.................................................
0x66ABCB79 CALL 66ABCD60 ---------- LOOK UP TABLE
.................................................
0x66ABCB8C CALL 66ABCD60 ---------- LOOK UP TABLE
.................................................
0x66ABCD98 CMP BL,AL --------------- COMPARE LOOK UP TABLE COUNTS [BL] WITH AL
.................................................
------- LOOP .... GO UP ----TILL ALL CHARS OF S/N ARE FINISHED------

Registration Info :

5.0 Pro Player Key :

Name = DHEERAJ
Organization = MxB
S/N = EMXP-GJ4Q-QG2E-Q44M-5555

Future Pro Player Key :

Name = DHEERAJ
Organization = MxB
S/N = KUCA-4PG4-448D-GUDN-5555


Returns Integer: 1

Registration Info :

Name = DHEERAJ
Product ID = 3897695580138
Unlock Key = 1283792544077

Note : This is where the program stores its 50-execution count, inside the registry:

[HKEY_LOCAL_MACHINE\System\ControlSet001\Control]
"winsystem"="††"
"windows"="„†zŒ‡}Œ…"

Those invalid characters are its count; if you increase it you will get more than 50 executions.

 


0x40A6AB CMP EDI,EAX =>3C --"60" ; EDI = NO: DAYS USED
0x40A6AD JLE 40A70A = 7E 5B --> GOOD BOY OFFSET = A6AD
...........................................
NOW BPMB 5F5A78 RW --- CONTINUE
...........................................
0x40A942 PUSH 5F5A78
0x40A947 CALL [005B42A8]
0x40A94D ADD ESP,04
0x40A950 CMP EDI,EAX
0x40A952 JLE 40A973 = 7E 1F --> GOOD BOY OFFSET = A952

So all you need to do is convert :
JLE ---> JMP i.e 74 ===> EB
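Added example (not part of the original notes, and not code from the program discussed): a patch of this kind leaves a recognisable trace, a short conditional-jump opcode replaced by EB with the displacement byte untouched, so comparing a deployed image against a known-good reference finds it. The code covers the whole short Jcc range 70-7F, which takes in both the 7E bytes in the listing and the 74 in the note; the byte strings and function names are constructed for illustration.

```python
# Added example: flag conditional branches that were forced to unconditional jumps.
# REFERENCE and TAMPERED are constructed samples, not bytes from a real program.

SHORT_JCC = range(0x70, 0x80)   # one-byte opcodes of short conditional jumps
SHORT_JMP = 0xEB                # opcode of the short unconditional JMP

REFERENCE = bytes.fromhex("3bf87e5b6a00" "3bf87e1f90c3")
TAMPERED = bytes.fromhex("3bf8eb5b6a00" "3bf87e1f90c2")


def diff_offsets(reference: bytes, candidate: bytes):
    """Return the offsets at which two equal-length images differ."""
    if len(reference) != len(candidate):
        raise ValueError("images differ in length; compare section by section")
    return [i for i, (a, b) in enumerate(zip(reference, candidate)) if a != b]


def classify_patches(reference: bytes, candidate: bytes, base: int = 0):
    """Label every modified byte.

    'forced-branch' means a Jcc rel8 opcode became JMP rel8 while the
    displacement byte stayed the same. This is a heuristic: without a
    disassembler a byte in 70-7F may be data, so treat hits as leads.
    """
    findings = []
    for off in diff_offsets(reference, candidate):
        old, new = reference[off], candidate[off]
        same_disp = (off + 1 < len(reference)
                     and reference[off + 1] == candidate[off + 1])
        if old in SHORT_JCC and new == SHORT_JMP and same_disp:
            kind = "forced-branch"
        else:
            kind = "modified"
        findings.append({"offset": base + off, "old": old, "new": new, "kind": kind})
    return findings


if __name__ == "__main__":
    for f in classify_patches(REFERENCE, TAMPERED):
        print(f"{f['offset']:#06x}: {f['old']:02X} -> {f['new']:02X}  {f['kind']}")
```

Pass the section's file offset as `base` to report positions in the same form a hex editor shows them.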

 


Suppose we just try to redirect this check to an original and virgin