‏؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟‏



               00000              00000000            0000  0000
      377O    00000      J77t    30000000  O7J  t7W   000Q 0000      H0000
   d00000000  00000    00000000  0000;    0000000000  000 J000       0000
   0003 0000 00000   W0000 0000  0000    W0000 00000  000W000
  0000   ,0  0000O   0000 c0000 0000000d 0000  0000  c000000    0ZZ 0000
  000000    00000   0000000000  0000000  0000 0000U  200000   0000000000
    W00000  0000Q   0000       00000    0000  0000   U0000   00000 0000
 W    0000 00000   0000d 0000 :0000    00000 0000Q   0000;  00000
0000t 000; 0000St0 0000 3000  00000 0d 0000  0000   t0000   0000Q  0000
000000000 00000000 00000000, 00000000 S000000000    00000  c0000  00000
  HZZH    00ZZZZ0    HZWZ    00ZZZZZH 0000  QQ,    :0QW0   U0000000000
                                     t077H                  H0000U


Cracking Tutorial #13:
CrAcKiNG EasyType 1.0
[cracked bY:] sLeEpY؟[FWA/NWA/FTPR8Z] iN 03/2002
[difficulty:] beginner
[where:] http://www.davecentral.com/projects/easytype/
	 http://members.tripod.ca/kadelsoft/easytype/easytype.zip
	 http://members.tripod.ca/kadelsoft/easytype/easytype.htm

‏؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟‏

[TOOLZ:] w32dasm 8.93 & HIEW 5 or 6 or whatever.

فàلâمنهàلâمنهàلâمنهàلâمنهàلâمنهàلâمنهàلâمنهàلâمنهàلâمنهàلâمنهàلâمنهàلâمنهàلâمنهàلâمنهàف

EasyType 1.0
($15)
EasyType liberates you from the labor of typing it is an add-on to all the editors in
the windows platform, such as UltraEdit, notepad, Microsoft Developer Studio and all
the single-line and multiline standard edit controls.
 Publisher: Shanfeng Cheng
 Project Homepage for EasyType
 Download Size (0.42 M)

Language :: C/C++
Platform :: Windows 95/98/Windows NT 4.0/Windows 2000
Price :: Between $10 and $40

فàلâمنهàلâمنهàلâمنهàلâمنهàلâمنهàلâمنهàلâمنهàلâمنهàلâمنهàلâمنهàلâمنهàلâمنهàلâمنهàلâمنهàف

HELLO AGAIN FROM MY JOB AT WORK THAT IS HELL AND BORING.

today im cracking easytype 1.0, so i run the prog and get a NAG asking me for the
serial and other crap, so what the hell, i hate that, lets get rid of it. 
Here is our error msg on entering the wrong nag...Bad serial number!
(make your 3 copies and disassemble the w32)

Bad serial number! (2 locations)
:00403CB7
&
:00403CE1

Thank you for purchasing easy type. (1 location)
:004038F4

Well the 2 "Bad serial number!" msgs are in line, the first is right past the second
so we can get past these by modifing 2 places:

MODIFY IN HIEW!
change :00403CB1 from jge to jmp, offset 3CB1
change :00403CDD from jne to jmp, offset 3CDD

this cracks the registration routine! Now we can enter any name and it registers.
but on restart its uncracked again =0( and I see that F'n NAG.

obviously it checks the registry...(REGMON will tell ya where)
HKEY_LOCAL_MACHINE\SOFTWARE\ETConfig\ExtraData
in there is username and value0 and value1
looks like our information, dont alter it though or this prog gets mad....

Back to w32dasm!
At the start of the prog write down everything that is in the nag box.
Do a search in windasm for those words and you should find some interesting stuff.
well i've been checking dialogs and this time its:
DialogID_0092, # of controls=005, Caption:"dialog", Classname:""
this is our nag popup name, the one at the beginning.
Lets just wipe it out instead of regging the prog because there is on disabled
features anyway so who cares.

that dialog drops us here in w32dasm (you can see the dialog number under "DLG REF"
button in w32dasm.
:00403D08
so lets trace the code up a bit to see where this particular code is called from!

* Referenced by a CALL at Address:
|:00402551

Well lets go to that address and try to figure out whats going on.
So click on "goto" at the top, then select "code location" and type in 00402551.
This puts us here:
:00402551 E8AA170000			call 00403D00

Now im going to open up some code a bit so you can see whats going on.

:0040253B 7557				jne 00402594 <-jump if registered
:0040253D 8D442418			lea eax, dword ptr [esp+18]
:00402541 8BCD				mov ecx, ebp
:00402543 50				push eax
:00402544 E807110000			call 00403650
:00402549 53				push ebx
:0040254A 8d8c248c000000		lea ecx, dword ptr [esp+0000008C]
:00402551 E8AA170000			call 00403D00 <-call stratup nag

So this mag is cracked by simply changing a jne to jmp so it always jumps.
CHANGE THIS:
:0040253B 7557				jne 00402594
TO THIS:
:0040253B EB57				jmp 00402594
The offset in HIEW is 253B

Now run the prog and no more nag, its still unregisterd but who cares really. 
There is no limitations, and it keeps running after 30 days, i set the date ahead
2 years and it still started. 

؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟

email me if you are bored: sleepy@linuxwaves.com

                           ._Tutorialz_.
[--------------------------------------------------------------------]
[ 1. Cracking Cosmi's Generic Installshield Protection               ]
[ 2. CRACKING(?) MATH WORKSHOP 2.0                                   ]
[ 3. CrAcKiNG DLSuperCBT Resynchronizing Byte Compare Program        ]
[ 4. CrAcKiNG the nag on DLSuperCBF - Dir Binary File Compare Program]
[ 5. CrAcKiNG n)0(va crackme v3 (crazy approach)                     ]
[ 6. CrAcKiNG mIRC(R) v5.91 Internet Relay Chat Client               ]
[ 7. CrAcKiNG Actionizer 1.4                                         ]
[ 8. CrAcKiNG Tag Wizard 4.3.0                                       ]
[ 9. CrAcKiNG Freecell for Win2k and WinXP                           ]
[10. CrAcKiNG Netrace 1.0a                                           ]
[11. CrAcKiNG Winrar 3 Beta 2 THROUGHLY                              ]
[12. CrAcKiNG Aditor Pro 3.05 build 1                                ]
[13. CrAcKiNG EasyType 1.0                                           ]
؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟

gReEtz: MiNioN, GreycZ, KlutCh, KiNgEr, MidNight, FWA, NWA, FTPiRatEz! HAR! BEASTFXP!

؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟

CopyLeft:
                              __        ______  __  __ _
                        _____/ /  ___  / ____/__\ \/ /(_)
                       / ___/ /  / _ \/ __/ / __ \  // /
                      (__  ) /__/  __/ /___/ /_/ / / _/_
                     /____/_____|___/_____/ .___/_/\___/
                                         /_/

	                   [all rights reversed]
                     Boredom causes crackers and babies.

؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟