How to crack Really Good TIMER v2.7.0.6 by _PIRO_ toolz: W32dasm, Hiew, Regmon, Regedit Target: Really Good TIMER Target Address: http://reallygood-software.com HEDDOO! and welcome again to another one on my TUTZ, i think this is like 6 or 7. Well today im gunna teach you on how to crack a program that has a Time Trial and Name & Serail protection. And make a REG file so that anyone can register it. Enough shit lets getta crackin :) Ok d/l RGTIMER and install it, Run the bitch and we get our usual Time Nag, since it minimzed itself to your taskbar right-click on it and hit the REGISTER button. Fill in you dummy info and hit "Register Now" and what do we get our mean old "Sorry, The Registration Key is Invalid." No worries we'll fix it :) ok first make a copy of it then decompile it with W32Dasm is it done? ok good now hit your STRN button and go down to "Sorry, The Registration Key is Invalid." double click on it and you should see this .0045FEB3: 8D55F4 lea edx,[ebp][-000C] .0045FEB6: E83D70FAFF call .000406EF8 .0045FEBB: 8B45F4 mov eax,[ebp][-000C] .0045FEBE: 8B55F8 mov edx,[ebp][-0008] .0045FEC1: E8BE3DFAFF call .000403C84 .0045FEC6: 741A je .00045FEE2 .0045FEC8: 6A00 push 000 .0045FECA: 668B0D3C004600 mov cx,[00046003C] .0045FED1: B202 mov dl,002 * Possible StringData Ref from Code Obj ->"Sorry, The Registration Key is" ->"Invalid." .0045FED3: B848004600 mov eax,000460048 .0045FED8: E82763FDFF call .000436204 .0045FEDD: E91D010000 jmp .00045FFFF * Refferenced by a (U)nconditional or (C)onditional Jump at Address: |:0045FEC6(C) | .0045FEE2: 6A00 push 000 .0045FEE4: 668B0D3C004600 mov cx,[00046003C] .0045FEEB: B202 mov dl,002 * Possible StringData Ref from Code Obj ->"Thank you for registering." .0045FEED: B878004600 mov eax,000460078 .0045FEF2: E80D63FDFF call .000436204 .0045FEF7: 8D55EC lea edx,[ebp][-0014] Well it was pretty simple to, to change the JE to JNE, this only werked because the program actually put the right # to match you NAme in the REG file so next time you open up RGTIMER it reads the actual correct code! Stupid programmer *HUH* so lets open up HIEW and select RGTIMER and change the JE to JNE, save it and open RGTIMER up, put in your Name & DUMMY code hit "Register Now" *BOYAH* we get our lovely "Thank you for registering." But lets check if it stays registered. Close it and open RGTIMER back up, right click on it and hit ABOUT button....WOOHOO...its still registered, OK thats good right? Of course it is, but we get tired of making PATCHES right? so lets make a REG file to post on your site. Well then lets get cookin, go and open up REGMON and then open up our registered version of RGTIMER. Once RGTIMER loads go back to REGMON and hit your second button in your toolbar which is AUTOSCROLL now scroll up a bit in REGMON till you see HKLM\SOFTWARE\Adaptec\SCSIF01\Reg-name SUCCESS HKLM\SOFTWARE\Adaptec\SCSIF01\Reg-name SUCCESS "Ủ¡¦á" HKLM\SOFTWARE\Adaptec\SCSIF01\Reg-key SUCCESS HKLM\SOFTWARE\Adaptec\SCSIF01\Reg-key SUCCESS "ECB79BBA4EBEA6071041072B8DF2924A" HKLM\SOFTWARE\Adaptec\SCSIF01\Ld SUCCESS 0 0 0 0 80 D8 E1 40 HKLM\SOFTWARE\Adaptec\SCSIF01\Ld SUCCESS 0 0 0 0 80 D8 E1 40 Well Ủ¡¦á and ECB79BBA4EBEA6071041072B8DF2924A will be different, double click on HKLM\SOFTWARE\Adaptec\SCSIF01\Reg-key SUCCESS "ECB79BBA4EBEA6071041072B8DF2924A" and REGEDIT should open up and take you to HKLM\SOFTWARE\Adaptec\SCSIF01\Reg-key so now since thats done in your left hand Menu single click on your SCSIF01 folder then hit Registry up top then EXPORT REGISTRY FILE, export it to wherever you want and save it. So when you post this on your site people will d/l the REG file open it up and it'll be registered, just like a SERIAL :) I tried to go slow and explain what is goin on so that you may be able to apply this knowledge to another program...I hope you found this helpful but if you didnt follow a certain part just E-mail me or ICQ message me with your question....bye for now...L8terz Email xx_piro_xx@hotmail.com ICQ# 38754864 *Greetz to C4A and Bruteforce* db 512 dup (?)