Name : WinRescue 98 Version : 4.16 Editor : Super Win Software Target : Rescue98.exe Tools : Softice Brain Cracker : LW2000 Tutorial : No.53 http://superwin.com/ --- DISCLAIMER For educational purposes only! I hold no responsibility of the mis-used of this material! --- 1. Ok, try to register the program. *BOOM* 'WARNING - Incorrect Key Entered' Mhmm, seems that we have found a bug, lets fix it! Load the Program into W32Dasm and search in the SDR for the string. * Referenced by a (U)nconditional or (C)onditional Jump at Address: |:0046A422(C) <-- here we go | * Possible StringData Ref from Code Obj ->"WARNING - Incorrect Key Entered" | :0046A451 B84CA54600 mov eax, 0046A54C :0046A456 E84940FDFF call 0043E4A4 :0046A45B A14CAA4900 mov eax, dword ptr [0049AA4C] :0046A460 8B00 mov eax, dword ptr [eax] :0046A462 E89961FCFF call 00430600 2. OK, go to 0046A422. * Possible StringData Ref from Code Obj ->"SvetCHRISTA" | :0046A416 B8F8A44600 mov eax, 0046A4F8 :0046A41B E8949BF9FF call 00403FB4 :0046A420 85C0 test eax, eax :0046A422 742D je 0046A451 <-- Bad Boy :0046A424 33D2 xor edx, edx :0046A426 8B83F4010000 mov eax, dword ptr [ebx+000001F4] :0046A42C E82B60FBFF call 0042045C * Possible StringData Ref from Code Obj ->"Registration Key Accepted" | :0046A431 B80CA54600 mov eax, 0046A50C :0046A436 E86940FDFF call 0043E4A4 :0046A43B A1F8AA4900 mov eax, dword ptr [0049AAF8] :0046A440 8B00 mov eax, dword ptr [eax] :0046A442 8B8014020000 mov eax, dword ptr [eax+00000214] :0046A448 C7400C64000000 mov [eax+0C], 00000064 :0046A44F EB16 jmp 0046A467 3. Mhmm, 'SvetCHRISTA' what could this be *g*. Another plaintext coded serial... Try the serial or patch the program by NOPing the je at :0046A422. Congratulation! You are a registered user. FINISH! Easy, or? cu LW2000 Any comments? Mail me LW2000@gmx.net or go to http://www.LW2000.cjb.net ---- tKC, thx for your tutors! I started with tutor 1 and i still read them... they are the best!