How to crack Win-eXpose-Registry v1.00
by NiKai
This is the second essay from NiKai: see how you can crack LOTS of programs
which ask you for a serial to become fully registered WORKING versions! This
time some steps are explained better... so I hope you can better understand
how things are going here and learn the basic techniques described by NiKai.
I think it's one of the easiest protections I have ever seen.
Win-eXpose-Registry is a Registry-Tool such as RegMon and
RegSnap with which you can observe accesses to the Registry.
(Excuse my bad English).
Location: search the net (i.e. wxr95-10.zip / 1.153 MB)
Tools needed:
SoftIce 3.01
My first attempt was disassembling the prog with W32dasm89. Wow!!!
W32dasm crashes. I thought: "oops the prog has anti-debugging-tricks".
My next attempt was live cracking with SoftIce. I filled the
registration form and tried to get the serial number with
BPX hmemcpy
No chance: the algorithm was too heavy for me (I don't have much skill at
getting serials). So I noted the message "Wrong Password" and set a
breakpoint on MessageBoxA:
Ctrl-D (to get in SoftIce)
BPX MessageBoxA
Ctrl-D (to get back in SoftIce)
I filled again the Registration form and pressed OK.
SoftIce pops up in the User32!MessageBoxA. Then F12, OK in the
MessageBox and SoftIce popped up again in User32!MessageBoxA.
Again F12 and I got this:
137:4025A3 Call User32!MessageBoxA
137:4025A9 Mov Byte Ptr [EBP-04],00 * we landed here
I scrolled the window up with CTRL-Cursor-UP and saw this:
137:4024F9 JZ 004025CE
a lot of pushes, movs and calls
137:4025A3 Call User32!MessageBoxA
137:4025A9 Mov Byte Ptr [EBP-04],00 (You remember?)----^
I set a
BPX 4024F9
and filled again the Registration form etc.
SoftIce popped up at location 4024F9. I changed the JZ to JNZ and
voilà, the prog was registered. You have nothing to do now. The WXR95.INI
was written and that was it. And that's the end of it.
Nikai
(c) NiKai 1998.
WARNING: this tutorial is published for EDUCATIONAL PURPOSES only! Nobody
except you is responsible for what you do with the things you read here.
Also, if you intend to use shareware programs for a period longer than the
allowed one remember that you have to BUY them!