Name      : HTML (Un)Compress

Version   : 5.0

Target    : HTMLcomp.exe

s/n saved : HKEY_LOCAL_MACHINE\Software\HTML(Un)Compress\Registration

Tools     : W32Dasm
            Hiew
            Brain
            
Cracker   : LW2000

Tutorial  : No.43




---
DISCLAIMER
For educational purposes only!
I hold no responsibility for the misuse of this material!
---



1.      Ok, go to the registration screen and enter the following details:

        Name: LW2000
        Password: 1230099

        *BOOM* 'There seems to be a problem...'

        Mhmm, are all those programs stupid? 1230099 is my personal serial
        number and should be always correct...
        And if not, I'll make my s/n correct =)

2.      Load W32Dasm with 'HTMLComp.exe' and make a deadlisting in the SDR.
        Double-click on 'There seems to be a problem...'.


* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:00466D4F(C)  <<-- here we go!
|
:00466DA0 6A00             push 00000000
:00466DA2 668B0DF46D4600   mov cx, word ptr [00466DF4]
:00466DA9 B201             mov dl, 01

* Possible StringData Ref from Code Obj->"There seems to be a problem with"
->"either the name or the password. "
->"Make sure there are no spaces "
->"in front or after you name and/of "
->"password. Pay also special attention "
->"to the differance between O and "
->"0. If the problem persists, please "
->"contact me immediately."

3.      To see from where the error msg is called, we take a close look
        at the reference... 00466D4F. So let's go there.


:00466D48 E8336FFFFF   call 0045DC80   <<-- check routine
:00466D4D 3C01         cmp al, 01      <<-- test
:00466D4F 754F         jne 00466DA0    <<-- s/n check

        
        So what will we do? Let the call always return al=1! This is much
        better than a change like jne/je.
        How to do this (short description):

        Go inside the call, note the offset. Open Hiew, go to the offset,
        F3, F2, then enter: 

        mov al, 1   [Enter]
        ret         [Enter]
                    [Esc]

        All done? Let's try our bugfix!

        Name: LW2000
        Password: 1230099

        
Congratulation! You are a registered user.

As I said before, 1230099 will always work ;)
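
Seen from the vendor's side, the change in step 3 leaves two traces: the check routine's bytes no longer match the shipped build, and the routine now starts with a stub that returns a constant. The following is an added example, not part of the original tutorial or of the program: a Python integrity check that reports both. The sample bytes, offsets and function names are constructed for illustration and are not taken from HTMLcomp.exe.

```python
import hashlib
import re

# Entry-point byte patterns that make a routine return a constant at once.
# Standard x86 encodings: B0 ib = mov al, imm8; B8 id = mov eax, imm32;
# 31/33 C0 = xor eax, eax; 40 = inc eax; C3 = ret; C2 iw = ret imm16.
_RET = rb"(?:\xC3|\xC2..)"
CONSTANT_RETURN_STUBS = [
    ("mov al, imm8 / ret", re.compile(rb"\xB0." + _RET, re.DOTALL)),
    ("mov eax, imm32 / ret", re.compile(rb"\xB8.{4}" + _RET, re.DOTALL)),
    ("xor eax, eax / inc eax / ret", re.compile(rb"[\x31\x33]\xC0\x40" + _RET, re.DOTALL)),
    ("xor eax, eax / ret", re.compile(rb"[\x31\x33]\xC0" + _RET, re.DOTALL)),
]


def stub_at_entry(code: bytes):
    """Return the name of the constant-return stub at offset 0, or None."""
    for name, pattern in CONSTANT_RETURN_STUBS:
        if pattern.match(code):
            return name
    return None


def check_routine(image: bytes, offset: int, length: int, expected_sha256: str):
    """Compare a routine's bytes with the build-time digest; list any findings."""
    region = image[offset:offset + length]
    findings = []
    if len(region) < length:
        findings.append("routine truncated")
    if hashlib.sha256(region).hexdigest() != expected_sha256:
        findings.append("digest mismatch")
    stub = stub_at_entry(region)
    if stub:
        findings.append("constant-return stub: " + stub)
    return findings


# Constructed sample image: 16 bytes of padding, then an 11-byte routine
# (push ebp / mov ebp, esp / push ebx / mov ebx, eax / xor eax, eax /
#  pop ebx / pop ebp / ret).
ROUTINE_OFFSET, ROUTINE_LEN = 16, 11
SHIPPED = bytes(16) + bytes.fromhex("558bec538bd833c05b5dc3")
EXPECTED = hashlib.sha256(SHIPPED[16:27]).hexdigest()  # recorded at build time
# Constructed tampered copy: routine entry replaced by the stub from step 3.
TAMPERED = SHIPPED[:16] + bytes.fromhex("b001c3") + SHIPPED[19:]
```

The stub patterns are meant for the one routine whose result gates registration; small legitimate functions elsewhere in a binary can have the same shape, so scanning every function with them would produce false positives.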


FINISH! Easy, or?

cu LW2000
Any comments? Mail me LW2000@gmx.net !!!
----
tKC, thx for your tutors!
I started with tutor 1 and I still read them... they are the best!