=======
Program Name: Expeditor
     Version: generic (as of May 2000)
  Programmer: Jok3r <Jok3r@gha.zzn.com>
      WHERE?: Http://superwin.com
       Tools: W32DASM 8.93 | Hacker's View 6.16
Tutorial No.: 31
========

1.      Ok, try to register the program. *BOOM*
        'WARNING - Incorrect Key Entered'
        Mhmm, seems that we have found a bug, lets fix it!
        (Kinda like the last program... [Winrescue98])

        Load the Program into W32Dasm and search in the SDR for the string.



* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0043E0D2(C)  <-- here we go
|

* Possible StringData Ref from Code Obj ->"WARNING - Incorrect Key Entered"
                                  |
:004E3151 B89CE24300              mov eax, 0043E29C
:004E3156 E85529FFFF              call 00430AB0


2.      OK, go to 0043E0D2


* Possible StringData Ref from Code Obj ->"E3rD64aI09y2E84G" <--hmmm? ;)
                                  |
:0043E0CD BAFCE14300              mov edx, 0043E1FC
:0043E0C8 E8DA54FCFF              call 004035AC
:0043E0D2 757D                    jne 0043E151 <-- badboy ['killa']

* Possible StringData Ref from Code Obj ->"Registration Key Accepted"
                                  |
:0043E145 B85CE24300              mov eax, 0043E25C
:0043E14A E86129FFFF              call 430AB0
:0043E14F EB14                    jmp 0043E165


3.      Mhmm, 'E3rD64aI09y2E84G' what could this be *g*.
        You could also NOP at address 00439D2 (Offset 003D4D2).
        Why...You've just saved yourself $29 bucks....
        
[ DONE! ]

once again, you have saved money and time (sort of). hey, that's the 2nd 
'SUPERWIN' program we've cracked so far...yeah. hi'z to my peepz in LA, 
OAKLAND, and ('can ya here me?') Compton ... 
from da only place to be...california

--
jok3r <jok3r@gha.zzn.com>
jok3r.cjb.net -- all my tutorials plus more

'cuz i wuz b0rn straight out of da streetz of compton'
:00401506 833DC0CC460000          cmp dword ptr [0046CCC0], 00000000