Web : http://kickme.to/mxbnet
Contact Me : dheeraj_xp@yahoo.com


Ulead Photo Impact 5.0

Type : Image Editing
Protection : Date check
Tech : Patching


Crack : Trace from starting.

0x437E37 PUSH EAX >> Jump with out exec to

0x437E48 PUSH [ESI+74]

To patch : file = iedit.exe
Offset = 0x37E30[7]- 0x37E40[7] fill with NOP.
Album Crack :

0x402322 PUSH EAX >> Jump with out exec to

0x402331 LEA ECX,[ESP+118]

To patch : File offset = 0x2320[2]- 0x2330 fill with NOP.


>> WE REACH HERE ....MAKE EIP = 0x70025DD
.................................
0x70025DD POP EDI
0x70025DE POP ESI
0x70025DF POP EBX
0x70025E0 RET

I found an interesting behaviour ..if we make EIP = 0x70025DD the program runs..even if our trial
period is over.

Trace till we reach in GA_MAIN Module.....

0x4FC026 PUSH FFFFFFFF >> DUMP HERE ...
0x4FC02B CALL EAX ==>> EAX= 0x4CB41C - OEP

Use PEditor and change EP of dumped file.
EP = 4CB41C - 400000 = CB41C

Now we can run this dumped file :)


1 >> BAD BOY
....................
.................... >> SIMILAR ONE OR TWO CHECK
....................
0x411317 LEA EAX,[EBP-00D0] >> REAL S/N
0x41131D PUSH EAX
0x41131E LEA EAX,[EBP-0090] >> FAKE S/N
0x411325 CALL 48B3C0 >> ANOTHER CHECK
....................
0x41132B TEST EAX,EAX
0x41132E JZ 411340 >> GOOD BOY

May be program is using many set of S/N ... that is why registration details is checked
many times.
Our S/N seems to be working ... but after some days the program is self deleting
registration file "Uedit32.reg" ... why ??? is it a protection or bug ...

Registration Info :

Name = DHEERAJ
S/N = U5T4T-M0P4V-07Z2I-C1P00


4
015F:0041DF97 6689AEC0000000 MOV [ESI+000000C0],BP <-- Flag Set

Fix :

015F:0041DE98 66BD0200 MOV BP,0002 - Offset = 1DE98
015F:0041DE9C 90 NOP
015F:0041DE9D 90 NOP
015F:0041DE9E 6683FD02 CMP BP,02
015F:0041DEA2 0F8EEA000000 JLE 0041DF92

Name : Set your name ....

REGEDIT4

[HKEY_CURRENT_USER\Software\MGShareware\Screen Saver Builder]
"User"="DHEERAJ"

 


D EAX,000000FF
0x41715F CMP EAX,14
0x417162 JNZ 41733F

Many other interesting encryption are also there which i am not explaining .... just
go inside it and explore.

Registration Info :

Reg Key = 555555555555555555555555B8M3HH28B22B427701MDLUH0
Concurrent Users = 32
Expiration Date = None
Processors = 3
********************************************************
Reg Key = 55555555555555555555555567M3HH28B22B427701MDLUH0
Concurrent Users = 247
Expiration Date = None
Processors = 3
********************************************************
Reg Key = 55555555555555555555555567M3LD28B22B427701MDLUH0
Concurrent Users = 24700
Expiration Date = None
Processors = 1
********************************************************
Reg Key = 55555555555555555555555555555555B2MB4277BODH56HX
Concurrent Users = 3520180
Expiration Date = None
Processors = 4

 


his