## Incoming transmision...... ## hOW tO cRACK tWEAKI ... fOR pOWER uSERS v 2.6.0 ! ---------------------------------------------------------------------------------------- ## Tools that you will need: ## -- W32dasm patched with SDR Enabler for VB apps by _duelist ## -- Hiew or any other hexeditor ## -- A little spare time ---------------------------------------------------------------------------------------- ##dISCLAIMER ~~~~~~~~~ THIS IS FOR EDUCATIONAL PURPOSE ONLY . I'LL NOT BE BLAMED FOR A MIS-USE OF THIS MATERIAL. ~~~~~~~~~ One more thing to know....this is my first tutorial, hopefully more will come.. Ah, and please forgive me for the mistakes that you may see in this tutorial. Ok..first, make a copy of the file tweaki.exe. Disassemble the copy of the tweaki.exe. Run the program and go to the Options | About and try to enter a name and a serial number, a messagebox will pop out : "The registration number entered is invalid. Please check your number and try again" This is good, now you know what you will look for...in w32dasm, after you disassembled the file press ALT+S+F and enter the string, within that messagebox you saw when you entered a false registration number, in order to search it.You will see this: * Possible StringData Ref from Code Obj ->"The registration number entered " ->"is invalid. Please check your " ->"number and try again." :004FB3E3 C7853CFFFFFF08C34600 mov dword ptr [ebp+FFFFFF3C], 0046C308 :004FB3ED C78534FFFFFF08000000 mov dword ptr [ebp+FFFFFF34], 00000008 ------------- Now roll up until you will find this: * Referenced by a (U)nconditional or (C)oncditional Jump at Address: |:004FB29B(U) :004FB2A7 A144C15A00 mov eax, dword ptr [005AC144] :004FB2AC 50 push eax * Possible StringData Ref from Code Obj ->"INVALID_NUMBER" ----------- Ok...now press SHIFT+F12 in order to enter that referenced address, 004FB29B. After that roll up untill you will find this: * Reference To: MSVBVM60.__vbaFreeVarList, Ord:0000h :004FB129 FF15F8104000 Call dword ptr [004010F8] :004FB12F 83C40C add esp, 0000000C :004FB132 0FBF85E4FEFFFF movsx eax, word ptr [ebp+FFFFFEE4] :004FB139 85C0 test eax, eax :004FB13B 0F84A4030000 je 004FB4E5 <-- Here you must change :004FB141 833DE8C25A0000 cmp dword ptr [005AC2E8], 00000000 :004FB148 751C jne 004FB166 :004FB14A 68E8C25A00 push 005AC2E8 :004FB14F 68B4AB4300 push 0043ABB4 ------------ You must change the "jne 004FB4E5" into "jmp 004FB4E5". By doing this the program will always "think" that you entered a good serial number no matter you will enter. Ok...now that you know what byte to change open the tweaki.exe and search the address 004FB13B and change the 0F84A4030000 into E9A5030000...if you r using hiew press F3 and the F2 and change the je into jmp and then F9 and then exit. Now run the program and enter whatever name and serial you want and press register.Congratulations, the program is registered. Easy, huh? ## Transmision ended.............. Date: Sunday, 08.04.2000 Comments or whatever at this address ---> WiShMakEr_Rulez@yahoo.com -----------------------------------------------------------------------------------------------------------------------------------------------------------