؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟
00000 00000000 0000 0000
377O 00000 J77t 30000000 O7J t7W 000Q 0000 H0000
d00000000 00000 00000000 0000; 0000000000 000 J000 0000
0003 0000 00000 W0000 0000 0000 W0000 00000 000W000
0000 ,0 0000O 0000 c0000 0000000d 0000 0000 c000000 0ZZ 0000
000000 00000 0000000000 0000000 0000 0000U 200000 0000000000
W00000 0000Q 0000 00000 0000 0000 U0000 00000 0000
W 0000 00000 0000d 0000 :0000 00000 0000Q 0000; 00000
0000t 000; 0000St0 0000 3000 00000 0d 0000 0000 t0000 0000Q 0000
000000000 00000000 00000000, 00000000 S000000000 00000 c0000 00000
HZZH 00ZZZZ0 HZWZ 00ZZZZZH 0000 QQ, :0QW0 U0000000000
t077H H0000U
Cracking Tutorial #6:
CrAcKiNG mIRC(R) v5.91 Internet Relay Chat Client
[cracked bY:] sLeEpY؟[FWA/NWA/FTPR8Z] iN 01/2002
[difficulty:] beginner
[where:] http://www.mirc.com
؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟
tOOLz: w32dasm
Hiew or ultraedit 9
Regmon (www.systeminternals.com) -optional
--------------
[Part 1]
--------------
OK, time to reg this program like its been done a million times before
it seems. When will they ever get a better protection system, never probably
because they relize it will be trashed like all the rest of em...
Well first thing to do is open mirc32 and try to reg it, write down your
error message when it doesnt work.
Make 3 copies of mirc32.exe, name one mirc32.W32 and one mirc32.bak
use w32dasm and load up mirc32.exe, check the
SDR (string data reference) for your error message.
Once found double click it and you'll be dropped here:
* Possible blah balh from: "The registration name and number you have entered
do not match.
:004B0BCF
:004B0BD4
:blah blah blah
So we go up cause the code reads down, now we find that this code was called from:
:004B0ACE (only one call so thats kool)
So lets goto the call location 004B0ACE, a conditional jump..
:004B0AC7 E889FBFFFF call 004B0655
:004B0ACC 85C0 test eax, eax
:004B0ACE 0F84B7000000 je 004B0B8B <-jump if reg info is bad
:
:
<continue to happy land good reg code>
hmm... a call and a test, then a jump to the crap, we dont want to jump
into crap so.........
change:
:004B0ACE 0F84B7000000 je 004B0B8B
to nop
:004B0ACE 909090909090 nop
Save and exit with HIEW or whatever, try to register MIRC.
Mirc is regged with any code!, woohoo...
Take a break, drink a beer, have a coffee, water, whatever, im broke so
it sucks right now for me...suppose i shouldnt crack at work..maybe i'll
sell more stuff and make some bonus cash..blah....boring!
--------------
[PART 2]
--------------
Now restart the prog and make sure it stays working.
When you restart it isnt regged anymore..hmm
It makes these keys in the registry, then deletes em after restarting.
That must mean that it checks and validates the code in other places
when it restarts. (you can find these keys with regmon)
------------------------------------------------
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\mIRC]
[HKEY_CURRENT_USER\Software\mIRC\DateUsed]
@="980018610"
[HKEY_CURRENT_USER\Software\mIRC\License]
@="1234567"
[HKEY_CURRENT_USER\Software\mIRC\UserName]
@="sleepy909090909090909090909"
------------------------------------------------
go back to where you nopped it and check the call out above it:
:004B0AC7 E889FBFFFF call 004B0655<--follow this
:004B0ACC 85C0 test eax, eax
:004B0ACE 0F84B7000000 je 004B0B8B (allready nopped)
When we go there scrollup a little bit in w32dasm and you'll see..
:004B07F3, 004B08CD, and 004B0AC7
ok hmm check it out, our routine is called from 3 places total...
:004B07F3, 004B08CD, and 004B0AC7 <--(the one we were at and took care of)
so we goto the first one
:004B07F3
and see what we can see...
:004B07F3 E85DFEFFFF call 004B0655
:004B07F8 85C0 test eax, eax
:004B07FA 7418 je 004B0814
ok this one is more of a educated guess, a call to our routine, test eax
with 0 (i think but im still newbie so i may be wrong), if it equals then
jump to shitty craphole
so we goto the second one
:004B08CD
and see what we can see...
:004B08CD E883FDFFFF call 004B0655
:004B08D2 85C0 test eax, eax
:004B08D4 7445 je 004B091B
:
possible Ref to Menu: MenuID_003C, ITEM: "Register..."
down a few to USER32.DeleteMenu...
(DEAD GIVEAWAY HERE, if the code is correct then it deletes the register
in the drop-down menu, otherwise it jumps over the menudelete and leaves
the register button there, wouldn't it suck to get rid of this and still
have it unregged!)
I'm using ultraedit today because i heard it rocks so if you have HIEW,
use it, you should be far enough along to understand what to do.
For the first one i did a search for:
E85DFEFFFF85C07418
change the 7418 to 9090, nopped serial check call #1
Now to a second search for:
E883FDFFFF85C07445
change 7445 to 9090, nopped serial check call #2
Ok it took my reg info, it doesn't even check to validate numbers anymore either =0P
user: sLeEpY؟_cRacKeD_mE
pass: FUCK OFF
So enter any name and serial you want and it will reg and stay regged.
Another tutorial for you all finished. Now i have 49 mins till my shift is over.
What the hell can i do now...
email me if you are bored: sleepy@linuxwaves.com
._Tutorialz_.
[-------------------------------------------------------------------]
[1. Cracking Cosmi's Generic Installshield Protection ]
[2. CRACKING(?) MATH WORKSHOP 2.0 ]
[3. CrAcKiNG DLSuperCBT Resynchronizing Byte Compare Program ]
[4. CrAcKiNG the nag on DLSuperCBF - Dir Binary File Compare Program]
[5. CrAcKiNG n)0(va crackme v3 (crazy approach) ]
[6. CrAcKiNG mIRC(R) v5.91 Internet Relay Chat Client ]
؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟
gReEtz: MiNioN, GreycZ, KlutCh, KiNgEr, MidNight, FWA, NWA, FTPiRatEz! HAR! BEASTFXP!
؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟
CopyLeft:
s L e E p Y ؟
[all rights reversed]
Boredom causes crackers and babies.
؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟ <DIR> FONTS