--------------------------------------------- How to make a keygen for Axion Glow-n-Sparkle --------------------------------------------- Cracker: stealthFIGHTER Target: Axion Glow-n-Sparkle v2.0 Plug-in for Photoshop Tools: Soft-Ice Delphi Where: http://www.axionfx.com Protection: Name/serial -------------------------------------------------- Sorry for my English, it's not my mother language. -------------------------------------------------- ---------------- ---[ Step 1 ]--- ---------------- ======================================================================= Once your plug-in has been installed run your Photoshop and open some nice :) picture. Go to Filters >> Axion >> Glow-n-Sparkle >> push Register button and fill the input boxes. Switch to SoftICE >> set your fav. breakpoint >> go back and push OK button. SoftICE should pops-up. Trace and trace and trace ... you should be here: ======================================================================= :057A5BD7 LEA ECX,[ESP+2C] :057A5BDB PUSH 1E :057A5BDD PUSH ECX : : : :057A5BF4 CALL 057A5AB0 ;Main keygen and compare routine :057A5BF9 ADD ESP,08 ;??? :057A5BFC TEST EAX,EAX ;Test if EAX = 0 :057A5BFE JZ 057A5C48 ;If EAX = 0 then 'Error' ======================================================================= Enter the CALL 057A5AB0 (:057A5BF4) and trace a bit: ======================================================================= :057A5B04 MOVSX EDX,BYTE PTR [ESI+EAX] ;Move char into EDX :057A5B08 ADD EBP,EDX ;EBP = EBP + EDX :057A5B0A INC EAX ;Increase EAX (counter) :057A5B0B CMP EAX,ECX ;Comp. counter and name length :057A5B0D JL 057A5B04 ;If different > jump back ======================================================================= Here we have 1st part of the keygen routine. We can translate it to Pascal (Important value is in EBP, it is the CheckSum of our name): ======================================================================= for Counter1 := 1 to length(Edit1.text) do begin CheckSum := CheckSum + Ord(Edit1.text[Counter1]); end; ======================================================================= Continue tracing: ======================================================================= :057A5B15 MOV ECX,00000017 ;ECX = $17 :057A5B1A CDQ ;EDX = 0 :057A5B1B IDIV ECX ;EAX = EAX div ECX; EDX = EAX mod ECX :057A5B1D TEST EDX,EDX ;Test if EDX = 0 :057A5B1F JNZ 057A5B28 ;If EDX =0 then >> :057A5B21 ADD EBP,11 ;>> EBP := EBP + $11 ======================================================================= 2nd part of our keygen (The CheckSum is moved into EAX, then it is checked, if [EAX mod $17 = 0], then CheckSum of our name = EBP + $11). Translation: ======================================================================= Division1 := CheckSum mod $17; if Division1 = 0 then begin CheckSum := CheckSum + $11; end; ======================================================================= Trace a bit: ======================================================================= :057A5B3C MOVSX EAX,BYTE PTR [ESI+EDI] ;Move char into EAX :057A5B40 SUB EBP,EAX ;EBP = EBP - EAX :057A5B42 ADD EBX,EBP ;EBX = EBX + EBP :057A5B44 MOV EBP,00000017 ;EBP = $14 :057A5B49 MOV EAX,EBX ;EAX = EBX :057A5B4B CDQ ;EDX = 0 :057A5B4C IDIV EBP ;EAX = EAX div $17 ;EDX = EAX mod $17 :057A5B4E INC ECX ;Increase counter :057A5B4F CMP ECX,0A ;Do this loop 10 times :057A5B52 MOV DL,[EDX+ESP+20] ;DL = EDX + $21 + $20 :057A5B56 MOV [ESI],DL ;[ESI] = [ESI] + DL (string) :057A5B58 JL 057A5B34 ;If ECX < $A then jump back ======================================================================= Last part of our keygen. Translation: ======================================================================= for Counter2 := 1 to 10 do begin Ebp := CheckSum; Ebx := $17; Ebp := Ebp - Ord(Edit1.text[Counter2]); Ebx := Ebx + Ebp; Ebx1 := Ebx1 + Ebx; Division2 := Ebx1 mod $17; Serial := Serial + Chr(Division2 + $21 + $20); end; ======================================================================= So the final keygen should be: ======================================================================= procedure TForm1.Keygen; var Counter1, Counter2, Division1, Division2 : Byte; CheckSum, Ebp, Ebx, Ebx1 : Integer; Serial : String; begin if length(Edit1.text) > 0 then begin Counter1 := 0; Counter2 := 0; CheckSum := 0; Ebp := 0; Ebx := 0; Ebx1 := 0; Serial := ''; Division1 := 0; Division2 := 0; for Counter1 := 1 to length(Edit1.text) do begin CheckSum := CheckSum + Ord(Edit1.text[Counter1]); end; Division1 := CheckSum mod $17; if Division1 = 0 then begin CheckSum := CheckSum + $11; end; for Counter2 := 1 to 10 do begin Ebp := CheckSum; Ebx := $17; Ebp := Ebp - Ord(Edit1.text[Counter2]); Ebx := Ebx + Ebp; Ebx1 := Ebx1 + Ebx; Division2 := Ebx1 mod $17; Serial := Serial + Chr(Division2 + $21 + $20); end; Edit2.Text := Serial; end; end; ======================================================================= If you don't understand then mail me. I'll explain all :) ======================================================================= Any comments or mistakes are welcome at: stealthfighter@another.com or you can visit me:http://nitrous.hop.to or http://stealthfighter.cjb.net =======================================================================