=======================================================================
Target: WinRAR 2.71
Where:  http://rarsoft.com/
Tools:  w32dasm 8.9x, any hex editor
=======================================================================
Hi crackers!
This time the target is WinRAR 2.71 (the last version).
Winrar let's you pack files in .rar format, the best compression ratio,
better than .zip and .ace
The program has a time limit trial period: 40 days.
Passed these days, when U open a file a message shows saying:
"Please register" and must be closed before go on.
Now U'll see how remove this little nag.

1) Remember what the nag says: "Please register"
2) Open w32asm, dissamble WinRAR.exe, and search "Please register".
3) Do you found it? Good. And U note it's a Control, which name is
   "REMINDER"
4) Again search, now for "REMINDER". And you're here:

* Possible StringData Ref from Data Obj ->"REMINDER"
                                  |
:00401544 68E73B4600              push 00463BE7
:00401549 8B0D20CC4600            mov ecx, dword ptr [0046CC20]
:0040154F 51                      push ecx

5) Nothing, but scroll up a bit and U see:

* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:00401529(C)
|
:0040152F C6057430460001          mov byte ptr [00463074], 01
:00401536 6A00                    push 00000000
:00401538 68A8BA4000              push 0040BAA8
:0040153D 8B1524B94600            mov edx, dword ptr [0046B924]
:00401543 52                      push edx

* Possible StringData Ref from Data Obj ->"REMINDER"
                                  |
:00401544 68E73B4600              push 00463BE7
:00401549 8B0D20CC4600            mov ecx, dword ptr [0046CC20]
:0040154F 51                      push ecx

6) Hey! The REMINDER message is referenced by a jump at :00401529
   Again scroll up a bit until :00401529 and you find:

* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004011B2(C)
|
:00401506 833DC0CC460000          cmp dword ptr [0046CCC0], 00000000
:0040150D 7546                    jne 00401555
:0040150F 803D7430460000          cmp byte ptr [00463074], 00
:00401516 753D                    jne 00401555
:00401518 803DCC6C460000          cmp byte ptr [00466CCC], 00
:0040151F 7534                    jne 00401555
:00401521 A1A8F54600              mov eax, dword ptr [0046F5A8]
:00401526 83F828                  cmp eax, 00000028
:00401529 7F04                    jg 0040152F            ----->    HERE
:0040152B 85C0                    test eax, eax
:0040152D 7D26                    jge 00401555

7) There's the jg (jump if greater). Only U must do is nop this jump.
   Open the file with your favorite hex editor, in hex mode search
   7F04 and change to 9090
   Here u go, no more nags!

=======================================================================
                               Contact
                          matias921@come.to
=======================================================================		   ..::Jok3r [Global Hacking Alliance]::..