Run the prog - a stupid nag appears giving u three choices:
exit / be a lamer and buy / be a lamer and use a trial
prog... so if u r not a lamer u choose exit.
Now let's remove that stupid nag... when the nag pops up,
press ctrl+d 2 enter softice, now type HWND (DON'T
PRESS EXIT) 2 see the window handles... u should see:
Window Handle  hQueue  SZ  QOwner     Class Name    Window Proc.
-------------  ------  --  ---------  ------------  -------------
xxxxx          xx      xx  dreamweav  xxxx(dialog)  xxxx:xxxxxxxx
xxxxx          xx      xx  dreamweav  xxxx(button)  xxxx:xxxxxxxx
xxxxx          xx      xx  dreamweav  xxxx(button)  xxxx:xxxxxxxx
xxxxx          xx      xx  dreamweav  xxxx(button)  xxxx:xxxxxxxx
NOTE: i replaced my values with x,
because almost all the values are changing... those
buttons r the buttons of the nag.
Let's make Soft-ICE break when the nag is destroyed.. how
do we do this? We will need the window handle (in my case
075c) and using bmsg (breakpoint on windows message) u
type: bmsg <your window handle without the (x) at
end> wm_destroy
Now leave softice with ctrl+d or whatever...
Press exit and u should be in
softice. Press f11 once and then f12 several times until u
r in dreamweaver.exe.
Now let's see who called our nag... press ctrl+up until u
see a jnz, jz or any conditional jump... put a
breakpoint on every conditional jump u see
(jnz, jz, jle...) i always put 3-4 breakpoints... just 2
make sure..
Before putting any breakpoints u should disable the bmsg so
u enter "b *".
U have set your breakpoints? Ok, now exit softice and
dreamweaver.. If u have correctly put your breakpoints
(4-5 only in up!) u should be in softice before that nag
appears (that's very good 4 us). Now enter "a"
so u can temporarily modify the assembly commands..
now try 2 reverse the jump that u have breakpointed 2 see
if the nag disappears... press ctrl+d.. SHIT! it sayz
"break due 2 general protection fault" very
suspicious .... hmm..
Press r to return to softice and do 3 nops (with the same
"a") and remember that address (we will use it
later in win32dasm).
Exit softice... works.. no!? another "break due
..." let's do 3 nops here 2 (and write down the
address). Exit softice, kewl! works! and no nag (if so then
write down the address of yer reversed jump)!
Now let's think a little... what does this motha fucka really
do? Well, u will notice that no matter what change u do
there will be a general protection fault at the same 2
addresses (really stupid).
So we disassemble dreamweaver.exe.
Now look at those addresses that u have taken from softice
and do a search in win32dasm (search/find text) 4 those
addresses... now do the same thing u have done in softice
(3 nops) bla..bla... (i will not explain here how 2 use
hexeditor'z ... win32dasm... etc - i hope u know that
already and if u don't, read another tut...).
Search also for the address of the cjump u reversed and
reverse that in yer hex editor.. Now modify yer sys date
2 see what happens... another ugly nag pops, but the
program runs without pressing the try button of the
nag... If u want 2 do a clean crack u should remove that
nag 2 using the same cracking trick, or by putting a
breakpoint on getsystemtime blablablabla..
Macromedia Dreamweaver v2.1
cracked... contact me on efnet at #cracking4newbies
See u in next tutorial...