Cracking Tutorial #13: CrAcKiNG EasyType 1.0

[cracked bY:]  sLeEpY [FWA/NWA/FTPR8Z] iN 03/2002
[difficulty:]  beginner
[where:]       http://www.davecentral.com/projects/easytype/
               http://members.tripod.ca/kadelsoft/easytype/easytype.zip
               http://members.tripod.ca/kadelsoft/easytype/easytype.htm

[TOOLZ:] w32dasm 8.93 & HIEW 5 or 6 or whatever.

----------------------------------------------------------------------

EasyType 1.0 ($15)

EasyType liberates you from the labor of typing. It is an add-on to all
the editors in the windows platform, such as UltraEdit, notepad,
Microsoft Developer Studio and all the single-line and multiline
standard edit controls.

Publisher:     Shanfeng Cheng
Download Size  (0.42 M)
Language    :: C/C++
Platform    :: Windows 95/98/Windows NT 4.0/Windows 2000
Price       :: Between $10 and $40

----------------------------------------------------------------------

HELLO AGAIN FROM MY JOB AT WORK THAT IS HELL AND BORING.

today im cracking easytype 1.0, so i run the prog and get a NAG asking
me for the serial and other crap, so what the hell, i hate that, lets
get rid of it.

Here is our error msg on entering a wrong serial in the nag...
Bad serial number!
(make your 3 copies and disassemble the w32)

  Bad serial number!                   (2 locations) :00403CB7 & :00403CE1
  Thank you for purchasing easy type.  (1 location)  :004038F4

Well the 2 "Bad serial number!" msgs are in line, the first is right
past the second, so we can get past these by modifying 2 places:

MODIFY IN HIEW!
  change :00403CB1 from jge to jmp, offset 3CB1
  change :00403CDD from jne to jmp, offset 3CDD

this cracks the registration routine! Now we can enter any name and it
registers. but on restart its uncracked again =0( and I see that F'n
NAG. obviously it checks the registry... (REGMON will tell ya where)

  HKEY_LOCAL_MACHINE\SOFTWARE\ETConfig\ExtraData

in there is username and value0 and value1, looks like our information.
dont alter it though or this prog gets mad....

Back to w32dasm! At the start of the prog write down everything that is
in the nag box. Do a search in w32dasm for those words and you should
find some interesting stuff. well i've been checking dialogs and this
time its:

  DialogID_0092, # of controls=005, Caption:"dialog", Classname:""

this is our nag popup name, the one at the beginning. Lets just wipe it
out instead of regging the prog, because there are no disabled features
anyway so who cares. that dialog drops us here in w32dasm (you can see
the dialog number under the "DLG REF" button in w32dasm):

  :00403D08

so lets trace the code up a bit to see where this particular code is
called from!

  * Referenced by a CALL at Address:
  |:00402551

Well lets go to that address and try to figure out whats going on. So
click on "goto" at the top, then select "code location" and type in
00402551. This puts us here:

  :00402551 E8AA170000          call 00403D00

Now im going to open up some code a bit so you can see whats going on.

  :0040253B 7557                jne 00402594                      <-jump if registered
  :0040253D 8D442418            lea eax, dword ptr [esp+18]
  :00402541 8BCD                mov ecx, ebp
  :00402543 50                  push eax
  :00402544 E807110000          call 00403650
  :00402549 53                  push ebx
  :0040254A 8D8C248C000000      lea ecx, dword ptr [esp+0000008C]
  :00402551 E8AA170000          call 00403D00                     <-call startup nag

So this nag is cracked by simply changing a jne to jmp so it always
jumps.

CHANGE THIS:
  :0040253B 7557                jne 00402594
TO THIS:
  :0040253B EB57                jmp 00402594

The offset in HIEW is 253B

Now run the prog and no more nag, its still unregistered but who cares
really. There are no limitations, and it keeps running after 30 days, i
set the date ahead 2 years and it still started.

----------------------------------------------------------------------

email me if you are bored: sleepy@linuxwaves.com

                            ._Tutorialz_.
[--------------------------------------------------------------------]
[ 1. Cracking Cosmi's Generic Installshield Protection               ]
[ 2. CRACKING(?) MATH WORKSHOP 2.0                                   ]
[ 3. CrAcKiNG DLSuperCBT Resynchronizing Byte Compare Program        ]
[ 4. CrAcKiNG the nag on DLSuperCBF - Dir Binary File Compare Program]
[ 5. CrAcKiNG n)0(va crackme v3 (crazy approach)                     ]
[ 6. CrAcKiNG mIRC(R) v5.91 Internet Relay Chat Client               ]
[ 7. CrAcKiNG Actionizer 1.4                                         ]
[ 8. CrAcKiNG Tag Wizard 4.3.0                                       ]
[ 9. CrAcKiNG Freecell for Win2k and WinXP                           ]
[10. CrAcKiNG Netrace 1.0a                                           ]
[11. CrAcKiNG Winrar 3 Beta 2 THROUGHLY                              ]
[12. CrAcKiNG Aditor Pro 3.05 build 1                                ]
[13. CrAcKiNG EasyType 1.0                                           ]

----------------------------------------------------------------------

gReEtz: MiNioN, GreycZ, KlutCh, KiNgEr, MidNight, FWA, NWA, FTPiRatEz!
HAR! BEASTFXP!

----------------------------------------------------------------------

CopyLeft: [all rights reversed]

Boredom causes crackers and babies.
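
Seen from the integrity-checking side, the one-byte edits described above (75 57 becoming EB 57 at file offset 253B) are what a comparison against a reference copy of the binary picks up. The following is an added example, not part of the original tutorial: it diffs two byte strings and labels changes to short conditional jumps. The function names are hypothetical, the sample bytes are constructed from the listing above, and the opcode test is a byte-value heuristic that does not disassemble.

```python
"""Added example: flag conditional-jump patches against a reference copy."""

# Constructed sample: the bytes the tutorial lists for :0040253B..:00402555,
# which it places at file offset 0x253B.
BASE_OFFSET = 0x253B
REFERENCE = bytes.fromhex(
    "7557"            # jne 00402594
    "8D442418"        # lea eax, [esp+18]
    "8BCD"            # mov ecx, ebp
    "50"              # push eax
    "E807110000"      # call 00403650
    "53"              # push ebx
    "8D8C248C000000"  # lea ecx, [esp+8C]
    "E8AA170000"      # call 00403D00
)
TAMPERED = b"\xEB" + REFERENCE[1:]  # the EB 57 variant shown in the tutorial


def diff_bytes(reference: bytes, candidate: bytes, base: int = 0):
    """Return (file_offset, old_byte, new_byte) for every differing byte."""
    if len(reference) != len(candidate):
        raise ValueError("length mismatch: file was resized, not just patched")
    return [(base + i, a, b)
            for i, (a, b) in enumerate(zip(reference, candidate)) if a != b]


def classify(old: int, new: int) -> str:
    """Label byte changes that match a bypassed check (heuristic only)."""
    short_jcc = 0x70 <= old <= 0x7F  # short Jcc rel8 opcode range
    if short_jcc and new == 0xEB:
        return "short Jcc forced to unconditional JMP"
    if short_jcc and new == 0x90:
        return "short Jcc overwritten with NOP"
    if short_jcc and 0x70 <= new <= 0x7F:
        return "short Jcc condition changed"
    return "unclassified modification"


def audit(reference: bytes, candidate: bytes, base: int = 0):
    """List every modification with a human-readable finding."""
    return [{"offset": hex(off), "old": f"{a:02X}", "new": f"{b:02X}",
             "finding": classify(a, b)}
            for off, a, b in diff_bytes(reference, candidate, base)]


if __name__ == "__main__":
    for finding in audit(REFERENCE, TAMPERED, BASE_OFFSET):
        print(finding)
```
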