                 
                           The Knowledge Never Stops!
1999                  --------------------------------------     Friday 13th
----                  Written By The Newbie Lover ByteBurn       -----------
                      --------------------------------------

Where To Get The Shit Software
------------------------------
Ok i think you dont know where to get the software youll need...
Just search on these urls forem:
http://surf.to/harvestr
http://msjessca.cjb.net (maybe www.msjessca.cjb.net dunno exactly)
http://www.elitetoplist.com (many urls i am sure youll find at one)
http://www.crackstore.com (you can get here hiew and wdasm i think)
Introduction
------------
INFO
---------------------------------------------------------------------------------------------------
The best is,when you paste the half of this text into another editor and
save it into two files..coz then you can read it under an editor..thats better
to read the ascii-code in this tutorial..under another thing like:
wordpad or something you wont recognize what i wrote..coz it has the wrong
font..or just select the editor font..i think its something like: system or so..
just try it out..but better paste the half of the text into another edit window
and save it..enjoy it..
----------------------------------------------------------------------------------------------------
A long time passes since my last tutorial attemptions.
But i can promise you,that this tutorial youre readind now,will kick ya ass.
Why i am writting this tutorial?If i am true,i am the lazyest dude in earth.
I hate work,no matter in which section,I HATE IT!I would like if i can do
nothing but become the best :P.Now i know,that this isnt very easy to realize,
so i must hook my damn lazy ass up and practice some work.So i am here to
give you some advice in how to crack and other neet things.
Ahh well,i would never start this damn tutor if there wasnt several things:
Yates (ECLiPSE memba) nagging me to write a tut for his tutor progi
AB4DS (Execution memba) nagging me to write a tut for his tutor progi
678 mails in box nagging to write a tut for them. 
And coz i am in holiday for 3weeks now,and i got a portable pc (386/20mhz 
with orange screen 20kg laptop),ill write a tutorial.

Lets start
----------
Ok at first let us go to WDasm...ehhh annoying...
WDasm?WDASM!The Windows Disassembler.
What we can do with it?
Kill Trial Periods (like 30days),Nag-Screens (hello,your trial expiered!
Please purchase the full version now!),CD-Checks (hmm it seems you havent
the damn original cd in drive!Byebye),Enter random serial to unlock shareware
(Name:GOD Serial:DONT FUCK WITH GOD ---> "Thanks for purchasing this program")
And some other things...
Ok let us start at the cd-check...

The Cd-Check
------------
Ok youve a game brought by a friend.You want to play it without the damn cd.
Ok you install the game with the biggest installation option and start the
game without cd.Now a little message box will pop-up telling you something
like this "CD Not Found,Please Insert The Original CD Into Drive".
I suppose thats not what you want?Not?Heh ok just go to your dealer and buy
the full version.Not?DAMN!So i must teach you how to disable that...ok ok...
You know the error msg now..ok thats fine.Just remember it.
Now make an copy of your start exe (if youre starting the game with an exe
called "gsc.exe" then make an copy called "gsc.w32") called nameofexe.w32.
Why were doing that?Very easy!Nobody is 100% perfect,if youre making later
in patching the exe an error you can overwrite the broken exe with the w32 one
and also can use the w32 file in wdasm without disassembling it every time you
want to patch it.So now go to wdasm.At wdasm goto "Disassembler/File to 
disassemble" and doubleclick at the ***.w32 file.
*******THE DISASSEMBLING PROCESS**********
Ok the disassembling process is now running.How long itll take?
A little example:
My machine is an K6 II-400,128mb sd-ram,9ms hd.A file with an size of 900kb
will take about 40-70 secs until disassembled.
Now if youre using an p-133,16 edo-ram,17ms hd,a file of the same size will
take about 2-3mins (it was at my old system so...).
********THE DISASSEMBLING PROCESS**********
Ok the file is disassembled.Hmm does your screen looks like weird wingdings 
shit font?No problem.Goto "Disassembler/Font/Select Font" and chose a font 
like "arial,system..."..ahh the screen looks much better,but goto 
"Disassembler/Font/Save Font" to save your current font or at the next start
youve to do the shit again.Ok let us find the error message now...
Click on the String Date References button (SDR),its the one left to the
print button at the upper right corner of the screen.After you clicked on
it,a little screen will pop-up.It contains most messages youll recieve while
running the program,and more.Now scroll through the text and look out for the
error message we got at starting the progi without cd.Got it?Ok simple
doubleclick on the line.Youll now be warped to the place in asm at the main
window of wdasm.
********INTROLUCE*******
***ByteBurn looks into the mirror...
"Baby if you would know how very pretty i look like,you would never ask me 
for an tutor again but for my tel number!I promise you!
Eheheh i love myself muahah i am so pretty!"
********INTROULCE*******
Ok were now at the main screen.What now?Its easy...its like if youre reading
a book.You start at the first page and finished it at the last one.
Its like here.Scroll up a bit.You can see the error message right?Ok...
Now you need to know how it works that you recieve the error message at your
screen when the cd isnt in drive:
There are comands doing that,theyre pushing values,and calling check
procedures...some asm knowledge at first --->

ASM       WHAT DOES IT MEAN
---------------------------
jne       jump if not equal
je        jump if equal
jmp       jump directly to
nop       no operation
ja        jump if above
jna       jump if not above
jae       jump if above or equal
jnae      jump if not above or equal
jb        jump if below
jnb       jump if not below
jbe       jump if below or equal
jnbe      jump if not below or equal
jg        jump if greater
jng       jump if not greater
jge       jump if greater or equal
jnge      jump if not greater or equal
jl        jump if less
jnl       jump if not less
jle       jump if less or equal
jnle      jump if not less or equal

Ok that was a little bit of asm youll need it.But how the error message comes?
Simple...something checks if cd is in drive,if it is,then jump to the continous
phase,if not,then jump to the error message phase.What we can do now?
We can disable the thing which is calling the check (nop it),we can patch 
it,that the checker things theres always a cd in drive,we can patch it,that
the checker knows there isnt a cd in drive but will still jump to the continous
phase (itll jump over the error message phase)...ok many things we can do now.
Ill show you all.Ok well start at disable the thing which is calling the 
check.Well nop the call.Were damn fucked up now,coz i dont have wdasm or any
example progi on this slow pc,i am writing everything from my head..but ill 
try to show you.Ok let us think youre at the wdasm window,you scroll up over
the error message and you can see things like: call,jne,je,push...ok now
the call over the error message is the one well nop (its not everytime the 
first one over the error msg but for this task well think its him).
Ok place the bar at it,you can see how the bar is changin its color to green.
Gr8 now look at the bottem of the screen.You can see the long line?Look at the
end of the line contains the letters:@offset:05678h .....blabla....
ok its our number we need for patching it.Write the number down wihtout the h
at the end (means youve to write only the number:05678 down).
Start your hiew now,at hiew click on the real exe (e.G.:gsc.exe).
Youre now at the hiew screen and cant realy recognize what the hell the prog
is showing you.Simply press F4 and chose "decode" from the small window.
Ahh well good..looks better in asm.Now press F5 and enter the number you wrote
down b4 (in our case:05678) and press enter.Ok youre now at the place,press
F3 to edit the lines.You can see now the call and the number.How many does it
have?Just remember,that every two numbers representing one byte.That means:
0000000000 <--- this number would be 5bytes.Just change the number into
9090909090 <--- nop the call.Dont panic if the line jumps down after you
pressed 90 just continous entering four more 90s.Ok press F9 to save your work
and then F10 to leave.Remember that when you press F3 to edit the file and you
recieve an message from hiew like this one:"only read-mode"...then you dumb did
not create an copy called ***.w32 and disassembled that one but disassembled
the original exe.And coz youre running the original exe in wdasm,you cant
run it also in hiew to edit it!Why do you think i am writing all the stuff here?
Coz ive nothing to do or what!?!(ok ive nothing to do but you can follow my
steps or?).Ok you patched it and everything is fine.You can run the game
now without cd.If it works ok..if not..shit,lets try another way.
In some kinds the progi realize it when you nop its comands and then it wont
work.So let us change the file so the checker everytime thinks theres always
a cd in drive.For that kind of patching well set eax on 1,that means if cd
in drive eax is on 1 and if not,eax is 0.So place your bar at the call again
and write down the offset number.Goto hiew do everything how i told you before
and now at the editing part do that:just remembered that every two numbers are
one byte?Ok now change the number to:B801000000 <--- is for an 5bytes long 
call.Ok eax is now on 1.Save it and run the game without cd.Does it works?Fine
if not,shit,let us try another way.Ok let us change the file so it jumps
also if the check was false (no cd in drive).Also in this kind of patching
look up over the error msg in wdasm.Search for the jne/je comands over the
error msg.Got it?Ok write down the offset number go to hiew..bla...bla..
ok youre now at the edit part?Gr8..youve an number like 7509 or 0f85998800
(that are only examples,just remember that jne is 75.. or 0f85....)or an number
like 7408 or 0f84990099 (that is also only an example,just remember that je is
74.. or 0f84...)ok let us change the number if it is 7409 to 7509 (we change 
je to jne)or if its 0f84999999 change it to 0f85999999 (we also changed je to
jne) or if its 7509 change it to 7409 (we changed jne to je) or if its
0f84999999 then change it to 0f85999999 (we also changed jne to je),save the
work and start the game,it has to work now.If not its pretty fucked up and i 
show you one more way...just go to your wdasm screen and search at the main
wdasm screen for the line: getdrivetypea (or do a search for it).Found it?Gr8!
Just look around it...can you see a call?Yeah..and a cmp (compare) with an 
number like 000005 ??? hehe ok thats it. cmp00005 (example) stand for cd-rom
that means the prog is reading anything from cd-rom.You must edit the line
and make an cmp00003 of it,that stands for HD.That means itll read from hd.
Ok you passed the most used ways...of cd-check cracking...Ill show you now
how to pass the serial,nag-screen,time period shit...but at first i am going
to sleep a round...cya tomorrow dude/dudette...zZZZzzz...
Ok a new day starts and i am cming right from the beach,i earned some sun
and my sexy body is getting more of brown color heheh :P.
Where did we stop yesterday..ahh ok let us continous with the serial thing.

The Serial Number
-----------------
Let us think youve an program which is shareware and you must enter a valid
serial number to unlock it.Ok just enter any name/serial whatever and press
ok button.Hmm also here weve several ways how to attack the protection.
On some progs youll recieve an error message like:"sorry the serial you entered
is not valid",or something like that.Hmm no big deal...just make the same like
at the cd-check protection,you make an copy ***.w32 disassemble it and then
looking at the string data references window for the error message.Doubleclick
on it,scroll up a bit over the error message in main wdasm window,looking for
the jump (jne/je) that causes the error and change it (je to jne or jne to je).
Then it have to work.
But then some programs dont display an error message when you entered the wrong
serial number,nothing happens and the progi is still shareware.Hmm thats not
smart,but were smart enough to take that little task.You make everything like
before (copy ***.w32,disassembler,sdr window...),but now youre at the string
data references window and how we saw before,the prog doesnt display any error
message...so what we could search for?Good question...let us think now,that
we already entered the right serial number,ok we pressed enter...do you think
the programers wouldnt put any message into the prog after entered the right
serial?I mean you just paid about 40$ for the unlock serial and you want to 
recieve a message like:"the program is now unlocked,thank you for purchasing
our software"...yeah they would and they do!In 99% they do.So only thing weve
to do now,is to look out for an message like that.What could the program show
us when we enter the right serial?In most kinds it begins with:
thanks,thank you,programname is now unlocked,programname runs now on full..,
programname is now registered...
just look out for a text like that.Ok when you found it,just doubleclick on it,
scroll in main wdasm window over the message to the next jne/je and change it
in hiew to the opposite (jne to je or je to jne).Now after entering the serial
it will show you the text and normally will run regged now.
Ok what else can be out there in protections???Hmm it can be that youve to
enter a serial and after doing that youll recieve the "thank you..." message
and also a little word will turn into another one or will be killed...
What word?The word "unregistered",it will turn into "registered" or will be
killed.Just look out for the "unregistered" word in sdr window and do the same
like before,scrolling up,changing jne to je or opposite.

The Trial Period
----------------
Ok youve a progi that after 30 days of using wont run anymore,or after 20 times
of starting it will shutdown on every next start.Beehh annoying...ok let us 
attack that little protection.Let us begin with the time period.
Let us say,that your program doesnt run after 30days of using.It shows you
an error message and shuts down itself.Hmm i am wondering why the hell i am 
writting all the shit here...its so easy to understand it if youre smart enough
but never mind...ok you remember the error go to sdr window..searching for it..
scrolling up...changing jne to je...opposite...no message now and the prog
will runs.Or maybe also a text is maintained in the program like "this program
is on evulation use only" or "unregistered"...just search for the text and
change jne/je to the opposite...hehe its so dumb i cant believe myself...
And at the 20times starting,then selfkill protection is the same...just look
out for the error message and change jne/je to the opposite...

The Nag-Screen
--------------
What is an nag-screen?
A nag-screen is a neet window telling you several things about your progi.
Like "your trial period is over.." and something other...it can contain a little
picture,a internet link,a bunch of text...sometimes a nag-screen is (mostly at
game protections) a bmp window in the runtime of the game/program youre running
,like at comandos it was the green barret dude holding a cd in his hand and 
pointing with his fingers at it,to tell you,youve to insert your cd-rom...
Those kinds of ingame nag-screens you can mostly disable with wdasm with the 
method i showed you before at the cd-checks (cmp0005 to cmp0003 that the game is 
reading the data from hd not from cd) otherwise you can disable it with 
soft-ice,but that will follow later...
Ok now that we know what a nag-screen is,we can attack it.How to disable them?
Ok mostly the nag-screens has an header in their box (what i mean,is the text
on the blue line on the top of the box) like Please Register,Error,Trial Period
and so on...now you can search for the text in sdr window and doing the same as
every time with patching it on the jumps...or you can search for the first words
in the box like:"Please register you copy of..." and then doing the same as 
every time with patching on the jumps...you can also nop the call...

Some Wdasm Knowledge At The End
-------------------------------
Some people were asking me,how i know what jump,call...it is???How they can see
the right one???Heh thats not so easy to explain...at the beginning of my career
i also was very confused,how the hell all the cracker could know what damn jump,
call...the right one is!?!Everything runs out on the good old "try and error"
method,when youre beginner.Otherwise you can learn asm to understand more of
the shit youre reading (it helps you much).But what i mean with "try and error"
is,that you must try at the beginning,working your way through the asm code,and
if the thing you patched was the wrong,dont panic!Try it again,and youll see
after some time,that when you absolved enough of those kinds of protections,
you know what comands are the right one to patch.Youll see it and understand 
it.Like me,i was angry as hell everytime it doesnt work.And today..i am 
disassembling a file,cming to the error code and saying "ehhh heheh what a 
fluppy protection".That comes with the time,youll earn knowledge and wisdom.
Then youll also laugh about the protections when you see them in the code.
Just remember to look up over the error message.In most kinds of those 
protections,over the error message is a line like this one:
*** Referenced by a jump at:
(0067854),(e899098)
Hell i am bad,but i am writing the shit from head so you must be sorry..nm...
So if you see this line its more easyier for you to find the right jump,call.
Just click on the little button on the upper left bar,its called something like
"goto cd location",then a little window will pop-up and you can enter a number.
Then simply enter the number from the "Referenced by a jump at:" line (at my
example it would be:"67854" <--- you can let the 0s outa there) then press the
ok button and youll be warped to the line where the bad jump/call is.You
can be sure that in most kinds its the right one.
Sometimes therere more than one jump/call that protect the software.That means
that you must doubleclick twice at the message line in SDR window,to be sure,
that there isnt another one.If its another one,just look at him and do the 
useual way of killing him...hmm what i can say more?I think that we can close
here the WDasm part.Ahh...before i forget,just be sure youre working with an
wdasm version of 8.9 or higher,i am using it and i dont know how a lower version
looks like and if it supports all the shit i discribed here.The same counts for
Hiew,just be sure youre handling a version 5.9 or higher...
Ok let us go now to more interesting parts of cracking!

SOFT-ICE HANDLE THE MASTER TOOL!
--------------------------------
Heh no we finally come to soft-ice...hmm at first a little quiz,or let me betta
say "knowledge" you can maybe earn now...everyone speaks about soft-ice,all 
time and everywhere youre in cracking scene :).So it comes,that i thought 
about what soft-ice means...hmm do you think its only soft-ice?Or does it means 
any word or anything?I thought long time and my favorite word i translate 
soft-ice into is: ---->  SOFT-INTRUSION-COUNTERATTACK-EQUIPMENT  <----
Wow..i think that kicks ass..i translated ICE to --> I = Intrusion C = Counter-
attack E = Equipment...well i know its not the right one,but i think it sounds
realy nice for our illegal activities :P ok now let us start with the main art..
Ok...ahh its realy REALY hard to understand the bad bad BAD soft-ice.It wasnt
made for newbies i guess (heheh) and thats why you should start with wdasm...
But if you think youre GREAT enough to take soft-ice tasks then continous here
with reading :P.
Soft-Ice is a powerfull debugger and for me the best i ever pass on my way
through the cracking field.You can do everything with sice (soft-ice) if you
know how to handle it.I pressume youre running Soft-Ice/Win95 3.0 or higher.
After your installation of soft-ice,itll be a part of your autoexec.bat.
That means,that its always present in your system while your doing any lame 
things with your pc (like shupper your cock while looking at porn pics of fat
50years old hairy womens...<--- dont laugh i know dudes doing that,and one is
part of a very big cracking crew you know!And i call that "PERVERSE"!But thats
another part..let us continous with soft-ice) and when youre needing soft-ice
you can call it with ctrl-d (if you dont change the hotkey).Ok you may read any
tuts about soft-ice and you may wondering why the hell you cant set an trap 
(the word for breakpoint) on things like "GETDLGITEMTEXT"???Heh its easy to
explain,you must work on your winice.dat (ill place a copy of my winice.dat at
the end of the text coz ive it on my pc at home :/) and after worked at the
winice.dat you should be able to set breakpoints like that.
Ok so at the beginning you should have to know the *default* keyboard functions
of soft-ice:
KEYBOARD     WHAT IT DOES
-------------------------
F1           Help
F2           Toggle Register Window
F5           Go back to Windows
F8           Trace to next instruction (will walk into all calls)
F10          Step to next instruction (executes and step over calls)
F12          Run up until the next Return instruction

Therere few more but i think thatre the most usefull youve to know now.
As you can see,you should have 4 seperate window boxes at your screen.
If not,dont panic,you can enable/disable them by the following comands:

WR  <--- show/hide register window
WD  <--- show/hide data window
WC  <--- show/hide code window

Thosere the most important,l8er in your work with soft-ice youll may need
some of these windows too:

WL <--- show/hide locals window "ALT-L" Focus 
WW <--- show/hide watch window  "ALT-W" Focus

Everyone of these windows,you can scroll independent with the following keys:

CTRL-UP/DOWN/PGUP/PGDN   <--- scrolls the code window
SHIFT-UP/DOWN/PGUP/PGDN  <--- scrolls your input (comand) window
ALT-UP/DOWN/PGUP/PGDN    <--- scrolls your data window

Youll maybe pass some cheap protection shemes,where you can find the *right*
serial number a few bytes away from your *input/wrong* serial number.
Just try to scroll a bit and you may will find the real one.You can save you
some work if you practice this kind of *trick* sometimes,before you starting
with your *normal* method of tracing through the code for the serial.

The first three lines on the top of the screen,are dedicated to the computer
registers and their contents.
EAX=anything EBX=anything ESI=anything and so on...
The second line at the far right contains 8 letters,which are your flags.
A capital blue letter means that the flag is set.Here are the flags:

O  <--- overflow flag
D  <--- direction flag
I  <--- interrupt flag
S  <--- sign flag
Z  <--- zero flag (usefull for you)
A  <--- auxiliary carry flag
P  <--- parity flag
C  <--- carry flag

I think the one youll need very often (not to say everytime) is the zero flag
which its looked for jz/jnz/je/jne comands.

The next window down is the data window.It shows you the value of any memory 
address youll might need.For example you can type "d F8D34" <-- thatll show
you the bytes at that address.Just remember,that "d" is your display memory
comand.

The next window weve,is the code window.The code window contains the section
of the program were looking at.At first you can see a line you may dont
understand,too many numbers and crap of asm..hehehe...The first segment is:
offset of the code (ahh do you remember the name "offset"? ;),then the "opcode"
and at last the asm code crap me,you and every dude in earth loves as much as
pink underwear :P.By the way..you mayve to type 'code on' to enable the 
opcode.

And then finally,weve the input/info window.Thats the great window where you
try to enter your first breakpoints and see the weird reaction of soft-ice.

The Breakpoint
--------------
Heh dont think weve a lunch-break now...were cming to the breakpoints now.
At first we must know what a breakpoint is.Hmm yeah i think you already heard
something about that word...breakpoint breakpoint..everyone is talking about
breakpoints...the right one the false one...but what the hell does it mean???
Well,to make it easy to understand for you,ill try to explain it in a very 
easy way.Let us think,that the program we want to analyse (crack :P) is a door.
A locked door.Now weve a bunch of keys in our hand.The bunch of keys is 
soft-ice.Weve many keys we can try on the door,but only one will give us 
access to our porn-queen inside the castle of perverse phantasys (hmm i know
i know...but i also want my fun when i am writting shit like that in my holiday
you know :)))) anyway..what i want to describe is,that soft-ice is a gr8 progi
with lots of ways to enter in a program,to see whats going on in it.But only
one key will help us on our progis.That means,that weve to know what key weve
to use for which protection of whatever program.That does our "breakpoint".
We tell soft-ice,on which point it has to break,so we can analyze the code.
And therere many points on which we can let sice break into.So we need to know
which one can be usefull for our protection.
The most usefull breakpoints are:
GetDlgItemTextA - GetWindowTextA  <--- thesere the most usefull youll need
at your life as a cracker.The "A" on the last part of the breakpoints means,
that its a 32-bit progi.On 16-bit dos progis you can forget the "a".
How to use a breakpoint?
Its very easy.At first be sure,your winice.dat is successfully updated to work
without problems (how i said on the beginning,ill place my winice.dat on
the end when i am home from holiday).After that,start the program you want to
crack and go to the part where youve to enter your name/serial.
Enter your name/serial and before pressing enter (and recieving the error msg
of wrong name/serial),press ctrl-d (to switch to sice).In sice type:
bpx getdlgitemtexta  <--- enter | you can enter how many traps you want.How i 
bpx getwindowtexta   <--- enter | said,these are your favorite for now.
After that press ctrl-d again (to switch back to the program) and now press
enter,ok button,whatever,and when the breakpoint was successfully set,youve
to look at soft-ice screen now.Now press F11 to return to the part of the code
that calls the function.And now its on you what youre doing.Some asm knowledge
you may need,otherwise it can be the hell for you to find out which shit is for
which shit.Thats all i can tell you.I dont have soft-ice and a example progi
here so i can show you how to crack the example progi,i guess therere enough
good tutors out on how to crack a progi with soft-ice.
What now?The breakpoints are still there and they let sice pops-up everytime
i make anything!
How to clear breakpoint(s)
--------------------------
In your input window of soft-ice simply type:
bc yourbreakpoint  -   i.e: bc getwindowtexta  <--- that will clear the one.
bc 0    <--- will clear the breakpoint labelled 0
bc 1,4  <--- will clear the breakpoints labelled 1 and 4
bc *    <--- will clear all breakpoints which were set

How to disable breakpoint(s)
----------------------------
In your cracking life youll see,that sometimes its better to only disable a
trap and not killing it totally,coz you save some writting time ;P.
Simply type in your input window of soft-ice:

bd yourbreakpoint  -  i.e: bd getwindowtexta <--- will disable that breakpoint
bd 1,2,4  <--- disable the breakpoints labelled 1,2,4
bd *      <--- disable all breakpoints

How to enable breakpoint(s)
---------------------------
Ok we disabled the traps,but how the hell we gonna work with them again???
Easy as above.In your input window of soft-ice type:

be yourbreakpoint  -  i.e: be getwindowtexta <--- will enable the dood again
be 1,3,4 <--- enable the breakpoints labelled 1,3,4
be *     <--- enable all breakpoints

Breakpoints
-------------------
Here is a little list of breakpoints.So you know what kind of traps youve to 
set on which protections.Just remember to put on 32-bit programs a A on the end
of the breakpoint like : bpx messageboxa
If its a 16-bit program you dont must do it.

General Purposes ... 

bpx messagebox 
bpx getdlgitemtext 
bpx getwindowtext 
bpx hmemcpy 
bpx showwindow 
bpx updatewindow 
bmsg xxxx wm_gettext 
bmsg xxxx wm_command 
bmsg xxxx wm_move 

Time Related ... 

bpint 21 if ah==2A (DOS) 
bpx getlocaltime 
bpx getfiletime 
bpx getsystemtime 

CD-ROM and Disk Based Schemes ... 

bpint 13 if ah==2 (DOS) 
bpint 13 if ah==3 (DOS) 
bpint 13 if ah==4 (DOS) 
bpx GetFileAttributesA 
bpx GetFileSize 
bpx GetDriveType 
bpx GetLastError 
bpx ReadFile 
bpio -h (Your CD-ROM Port Address) R 

Dongle Cracking ... 

bpio -h 278 R 
bpio -h 378 R 

Key File Related ... 

bpint 21 if ah==3dh (DOS) 
bpint 31 if ah==3fh (DOS) 
bpint 21 if ah==3dh (DOS) 
bpx ReadFileA 
bpx CreateFileA 

Keyboard Input Related ... 

bpint 16 if ah==0 (DOS) 
bpint 21 if ah==0xA (DOS)

Therere some more but i think thesere the most needed at first...

End of soft-ice
---------------
Ok thats enough about soft-ice for now.I realy hate to write tuts about sice.
Coz therere so many things you need to know and you,as a tut writer,cant realy
cover all of them.That means,that everytime you write a tut about sice,it
causes thousands of more questions.And its hard to show a beginning cracker,who
may doesnt have asm knowledge or gr8er experience,the real handling of sice.
So i like to write more wdasm stuff (its lamer and easier for a lazy ass dood 
like me to explain it ;P) and other crap.So dont be down and go on reading
what neet things waiting now for you ;D!

mIRC <-- what the hell is mIRC???
---------------------------------
Hmm what does that means?Let me think some secs,to get a word for it...hm...
MORE IDLES REACHED CONNECTION <-- that is what youll met at IRC :DDD
Its a progi that lets you become more famous,become the biggest lamer of 
century,get you nice trojans from nice ppl,gr8 knowledge on whatever you need,
chatting with fat,ugly girls who promise you all the time theyre looking like
Pamela Anderson,youll know what the word "nuke" means,who peer is and why he
has fun with reseting your connection,why a ping and 4.5mb in a sec are bad
for your 28.8 modem and many many many more things youll love!!!
Ok enough of joking (do you ever thought about why a word has the name of the
word???Why when youre making funny things the ppl calls it joking?Do you may
become a JO KING?YO JO KING!Or maybe a king in the past centurys made only 
funny things and his name was JO SKREL and he was a king so the ppl said every-
time anyone made something funny its a joking man,like the king jo...hmm
i guess the sun i got 3hours without break on my head and all the topless 
girls increased my IQ and thats why i am writting so much shit in one tutor).
Ok now,mIRC is a program with which you can access to IRC (i realy want to know
what the programer drunk when he thought about the names of his artwork).
All you need to know is,that IRC is a chat.Not like a "normal" chat you may
know from www.alamak.com or other http net chats.Its THE chat.There are many
servers connected to it and you can enter many locations of different servers
and different channels.You may saw in any nfo that you can visit the crew
at IRC EFnet #poopiamtheking (or any name).But you dont know what it means.
So IRC is the chat (I)nternet (R)elay (C)hat and EFnet is the net youve
to connect to over any EFnet server.So download the program from www.mirc.com
(you should have to download a version from your country language coz then 
youll understand the helpfile and all the other shit).
After successfully download process,install it.Then start it.AHHH!!!!What the
shit is the ugly face on the beginning??!?!?!Well be sure youre looking into
any ugly doods face with glasses a ugly smile while doing anything dumb like
sitting on a couch (heheeehe do you want to know,how youll look like when you
continous your work with a pc?You can see it on your window of mirc now.Or
get a picture of bill gates!Well therere some ppl...like ME!Looking super-
fantastic but also good in pc work <--- thatre only 1 of 1000000000 ppl 
working with pcs and i dont suppose youre one of them!heheheh ;P).
Ok just get a serial/keygen for your mIRC version to register it (and you wont
gain any annoying nags after 30days or however long the trial is).
Ok now you closed the ugly face window and another one pops up.I guess thats
the one where you can enter your name/e-mail/nick/second nick...
Ok now be sure to enter your nicks (the one you want to use in irc while 
chatting and the other for the purpose if your current nick isnt avaible coz
another dood uses it).In the e-mail box enter only "@" (if you enter your real
e-mail addy youll recieve junkmails "sexboys supergay homepage is now avaible"
and that 100x a day,isnt funny believe me ;P).In your "real name" box you can
enter your real name (not very inteligent),or maybe the whole word for your
nick shortcut (like youre using the nick "iafukwf" you can enter in real name
box "im fad ugly kid without friends") or maybe any kick ass sentence like:
Free Gay Porns At My Addy!MSG MEEE!! (or anything else).For what the real name
box youll think now...well you dont have to fill out,but thats what people 
will see if they do a /whois yournick <--- theyll see your hostmask and after
that the real-name or the sentence you put into the field.Its the chance to 
give other people a clou about you.Like if youre using something like:
I am the killer! <-- people will think,you arent friendly (bad),youre a lamer
(more bader),youre realy a killer and call the cops (very bad),youre weird
ugly,fat,idiotic and have a trauma from your childish family life (the truth).
So you can chose yourself what you want other people think of you.
Ok after that you can on the options window chose some options.
Scroll through it and disable/enable the ones you like.On the Options Section
"IRC" (i think thats the one) you can enable the option of making "Logs".
Thats usefull for some ppl.That means mirc will log all your talks from 
channels and private talks (you must enable it) and save everything to a file.
You can later look on the things you chatted about or simply see who says your
a lamer or anything else...Otherwise theres a option of protection or some-
thing like that some file types arent enabled for dccing (dcc means that you
can send other ppl files and they can also send you files,thats what is called
"DCC").FileTypes like *.exe *.com etc...its a protection mode against virus,
trojans...just disable this option coz it can be realy annoying when you want
to get a file from your friend and you cant recieve it coz its a exe or another
filetype which is protected by the mirc secure option...
Ok i dont know every shit from my head so let the option part for now (or look
through it yourself,if you arent very stupid youll know what you can disable/
enable/change.Just remember,that you never have to change your hostmask like:
ppp.0023freenet.de <--- that must stay 4ever its set by mirc and your host
server and if you change it,you may become problems with dccing and other
things in mirc!!!).
How to connect to a server like EFnet.Its very easy.Just click on server list
and chose any server you want to connect to.Like chose any EFnet server and
click on connect.Now the connection phase starts...youll see if you can
connect to the server,how fast it goes,or if you recieve a message like:
Cant connect to server (you arent allowed to use this server) <--- or any other
shit like that.No problem!Therere many EFnet servers.If youre living in 
Europe use a server from europe.I am using Niejenrode (or how the swedish shit
is spelled :P),Netherlands,Phoenix,Brazil <--- Phoenix,Brazil arent europe,i
know you dumb,but i can also access on that servers!Just look your way through
and try to get a fast one!Youll see how fast the server is on the connection
part.If it scrolls fast the text while the connection and youre fast connected
to the server like to EFnet,everything is fine.But when it take long to connect
to it,then better look out for another one,coz that can make you lagging all 
the time while chatting (lagging,to be lagged=you recieve later what other 
people wrote before,my baddest lag was that i got the messages 5mins later
on my screen.That can be shit coz when a dood enter the channel youll recieve
that after 5mins,and then he maybe left before he could see what youre writing
to him <--- irc is realy weird youll see sometimes...).
Ok youre now successfully connected to a server like to EFnet.What you can do
now.The basic commands:
/join #channelname  -  i.e: /join #cracking4newbies <-- youll join this chan
/whois nickname  -  i.e: /whois byteburn <-- show you who i am (hostmask...)
/part #channelname  -  i.e: /part #cracking4newbies <-- you leave the channel
/me anything  -  i.e: /me feels bad --> *ByteBurn feels bad (emotion explain)
/k nameofdood  -  i.e: /k byteburn <-- kick a dood from channel (only for ops)
/b nameofdood  - i.e: /b byteburn <-- ban a dood from a channel (only for ops)
/invite nameofdood #channelname <-- invites a dood into a channel
and many more.You can read all the commands in the help file of mirc.
When you join a channel where nobody is in,you become automatically op status.
OP = operator <-- allows you to kick people,ban,voice,set channel flags...
While your op status,you can say that youre king of the channel.You can op
other people with --> /mode #channel nick +o  i.e: /mode #poop byteburn o <--
give the user byteburn operator status in the channel #poop.Be carefully who
you set up as an operator,coz he can deop you or kick you,he can do everything
like you.You can deop a op with the comand: /mode #channel nick -o <-- takes
the op status from a person.You can voice ppl with: /mode #channel nick v <--
gives ppl voice status,you can devoice them with /mode #channel nick -v <-- 
takes the voice status from the dood.What is voice?
Operators are signed with a "@" symbol before their nick and you can see that 
in the right window of the screen,ops beginn the list at first,then the voice 
people,signed with a "+" symbol and cming after the ops in the line and at 
last weve the "normal" pooper of the channel,people like you if you enter any
strange channel,normal visitors.Voice people are mostly friends of any doods in
the channel.Theyve more rights like normal people,that means they can use
things like ?? comands in some channels like #cracks they cant be kicked for
flooding (flooding,to flood = talking so much so youre making other people or
the channel lagged,youll be kicked) and some other nice things normal ppl dont
have.Ok you can read all the shit from the help files...let us come to more
interresting sections of mIRC and IRC!

The interesting parts of mIRC and IRC
-------------------------------------
Ok i hope you read everything from help,or youre more experienced now on irc.
You maybe wondering that some people are 24h in a channel,and kick ppl auto-
matically for flooding,or for saying bad words...that some ppl when they
join the channel automatically get voice status,by some other people...
That thing is called "BOTS".What is a bot?A bot is a thing,a script,
running from a shell,a linux shell (most times),a server that is 24h online.
People setting up a script (contains the name of the bot,what channels he has
to be in....) and let them run from the shell.A bot is like a robot.It isnt a
dood and you cant talk to him.BotMasters (people who owns the bot[s]) setting
up the scripts and everything what the bot will do while hes online.
That means he can add people to a auto-voice list what means that the added
people getting voice by the bots after joining the channel,add people to ban
list what means that a dood will be kicked from the channel and getting a ban
what means that the dood cant rejoin the channel...and many other things.
He can add a learn script.A interesting script that allows people to save
any information to the bot by any comand like !learn byteburn is the king
and with any other comand you can get the info which is saved on the bot like:
?? byteburn <--- the bot will display in the channel "Byteburn is the king"...
very funny to work with bots,but also hard!You can see them in i think every
channel.Just join #cracks on efnet and youll see bots in action.
Now you may wondering how it goes that when you enter in a channel !nfo or 
anything else,you will recieve the nfo by a bot or a dood very fast...
Thats also a script!And ill show you know how to make your own script.

Basix of scripting
------------------
You can see scripting comands in the mIRC help file.Here is just a little funny
part of scripting.
In mIRC just press alt+r to access the script window.There you can enter your
script lines.A example:
on *:text:hello byteburn*:#:/msg $chan hello $nick
Ok it looks weird...what it does: when anyone say in any channel you stay in
"hello byteburn" then the script let you automatically answer in the channel
where the dood says it "hello nickofdood".Let us take a look on the scriptline.
on <--means on what...
*:text  <--- means on text (you can change it to things like *:join )
:hello* <--- means on that text the script will reply
:#: <--- stands for channel (you can do it only for one channel like :#poop:
/msg $chan hello $nick <-- msg the channel then say hello and then the nick
Its realy easy to understand and it makes much fun to experiment with it.
So if anyone says goodnight or hello or fuck or anything you can add it into
your script and everytime people say that you can let your script work for you.
Let us come to more interesting scripting:
on *:text:!help*:#:/msg $nick To get help join the help channel #help
that causes that when anyone say !help in the channel you private msg the dood
with the message that he has to join #help for help.
on *:text:!voice*:#poop:/mode #poop $nick v
that script gives everyone who type !voice in channel #poop,voice in channel
#poop.
on *:text:!kick*:#:/kick $chan $nick you want to be kicked?Here!
That kicks everyone from the channel in which youre op when he type !kick,
on his kick reason status hell recieve the text "you want to be kicked?Here!"
Ok in channels like #cracks you may see that if the doods type !nfo theyll
get the nfo over dcc.Its also a script.A script like that:
on *:text:!nfo:?:/dcc send $nick c:\nfo.txt | /describe $chan is sending $nick
the channel nfo
That is more weirder now...the :?: means that it works only if someone does a
/msg yournick !nfo (i mean it works only on msgs you get.If you want that you
always send it when someone type !nfo in channel,then simply change the :?: to 
a :#: ).
/dcc send $nick c:\nfo <-- means youre dccing the dood the nfo from your hd
location (you can change it to c:\myfiles\nfo.txt or wherever your nfo is)
| /describe $chan is sending $nick then channel nfo <-- that means youre 
explaining in channel that youre sending the dood the nfo (you can make it
that it works only in your #poop channel when you replays the $chan with an
#poop <-- or whatever else channel).To give you a clue about how it looks like
in the channel screen,it looks like that:
***ByteBurn is sending tomtom then channel nfo
thats on my script...dont forget you can change it how you want to.
I think thats enough for scripting.You can read more about it in the nfo file!
All your script work is saved in a file called script.ini in your mIRC folder.

Back To mIRC
------------
Youve your status window in mIRC,where you see everything what happens.
It shows you the status,when youre connecting...When youre connected to IRC
it shows you all the people who are in a channel when youre joining it,plus
whos op/voice in it.It shows you who quits IRC from all the channels you stay
in.It shows you the info about a dood when youre doing a /whois nickofdood.
It shows you everything.

Channel Flags
-------------
When youre operator of a channel,then you can set channel flags.You can place
a topic that will be shown on the top line of the channel,and everyone can
read it when he joins,people also see it on the channel list (if your chan isnt
secret).You can place a topic by typing /topic #channelname topic 
i.e: /topic #poop were the biggest poopers around <-- will change the topic to
"were the biggest poopers around".You can also set channel flags.Channel flags
are something you set if you want that your channel is secret (means if anyone
get a channel list,your channel isnt displayed at it.Also if anyone makes a 
/whois yournick it doesnt display the channels with secret status).
To set a channel to secret type /mode #channel s i.e: /mode #poop s
Just remember everytime you want to disable the flags you set just type the 
same but with an - before the comand --> i.e: /mode #poop -s
You can make a channel on invite (means that a operator must invite a dood 
before the dood can join your channel) do it with: /mode #channel i
i.e: /mode #poop i (to retake it type /mode #poop -i)
You can set a key for your channel (a dood must enter the correct key when he
wants to join your channel like: /join #poop bigpoopers).To set a key on a chan
just type: /mode #channel k thenthekey i.e: /mode #poop k bigpoopers
You can lock the topic (means that only operators can change the topic).
Lock the topic with: /mode #channel t  i.e: /mode #poop t  <--- thats very 
usefull coz dumb people will change the topic everytime when it isnt locked!
You can set a userlimit (means when you set a limit of 20,only 20ppl can join
your channel,when it reached the limit ppl who wants to join your channel will
get a message like "cant join #poop (too many users)".To set a limit type:
/mode #channel lvolumelimit  i.e: /mode #poop l20 <-- only 20ppl are allowed.
(i hope that was the right comand,as you know i am writing from head :/)
Ok i think thats all,you can get other comands from the mIRC help.
Thats all for mIRC...only should cover the basics of everything...
Let us go forword on more interesting things now!THE ASM-CODE!!!!

THE ASM-CODE
------------
Ok now were on a more interesting part for you i think.
And coz i am the lazyest butt around,i am not in the mood of getting closer
to shit asm and the whole thing.I am in holiday,everywhere damn pretty topless
girls and i am sitting here to write a damn tutorial for nothing.Only some
shortcuts...
The asm-code is composed of mnemonics,which are a small group of letters that
represent a command in machine language.At first weve the mnemonic,then the
destination,then the source.
Weve 8 basic registers,everyone special in his own way:
Remember that when you see a "e" before the letters it mean thats 32-Bit!

AX ---> Accumulator Register
BX ---> Base Register
CX ---> Count Register
DX ---> Data Register

Everyone of these 16-bit registers is split into two 8-bit registers.

AH ---> Accumulator High
AL ---> Accumulator Low
BH ---> Base High
BL ---> Base Low
CH ---> Count High
CL ---> Count Low
DH ---> Data High
DL ---> Data Low
AX ---> AH*256 + AL

Other Registers:

SI ---> Source Index
DI ---> Destination Index

These and all other registers,cant be split into 8 Bits.They are entirely 
16-Bit.
Then weve the stack registers:

BP ---> Base Pointer
SP ---> Stack Pointer

The Segment Registers:

CS ---> Code Segment
DS ---> Data Segment
ES ---> Extra Segment
SS ---> Stack Segment

MOV ---> This MOVes a value to a register or a place in memory.You can move any
immediate value (like say the number "6"),register,or memory location to a 
register or memory location.Example:
If Var1 and Var2 were two variables,you cant mov Var1,Var2.You would have to
save Var2 into a register and then mov the register into Var1.Also be sure,to
use the same size,source and destination values.

MOV AX,BX   <--- The value in AX now equals the one in BX
                 The source was BX and it is stored in AX
MOV [BX],AL <--- This stores AL into the memory location pointed at by BX.
                 This does not change the value of the BX register,only the
                 value of the memory location at DS:[BX]

I wont explain the flags name,i did it before,just look at the soft-ice part.
Just what the flags does:

The Overflow Flag will be set after any math command (i.e:ADD) if there was an
unsigned operand and it became signed,or vice versa.

Interrupt Flag tells the CPU wheter or not it can accept hardware input.

Direction Flag tells the CPU to increment or decrement on a LODSB,STOSB,and
similar commands.

Sign Flag tells wheter or not the final value was signed and set if it was.

Zero Flag tells if the final value was zero and set if it was zero.

Carry Flag is like the Overflow Flag but is set if you went overflow on an 
unsigned integer.

The others i cant remember...my head is a mess of motherfuckers...:(

The Carry Flag is the general flag used to return an error just because it is
the easiest to manipulate.Not all other flags are allowed to change via. a 
command.For example,you cant set the Zero flag directly.

Here are all the direct flag manipulation commands:

CLC ---> Clear Carry Flag
CLD ---> Clear Direction Flag
CLI ---> Clear Interrupt Enable Flag
CMC ---> Complement Carry Flag
STC ---> Set Carry Flag
STI ---> Set Interrupt Enable Flag

Now,let us come to the procedures and functions...
For that,well use CALL and RET to call and return from procedures.If you want
a function to return something,its easier to just store the return value in a
register and RET.

Also note that when you CALL NEAR (means not to a different CS) that your IP
value is PUSHed to a stack.This way,you can RETurn from the function.
If you CALL FAR (not usually used except in complex programs),then both your CS
and IP are PUSHed to the stack and you must use the RETF function to return far
rather than RET.
Heres how to write a simple function that writes the character in AL to the
screen coordinates (5,10) in text mode:

WriteChar PROC    ;AL is the character
 PUSH ES          ;Save ES in case it was used previously
 MOV BX,0B800h    ;B800h is the segment for video memory in text mode
 MOV ES,BX        ;ES is now the segment of video memory
 MOV BX,10*160+5  ;Screen width is 80 characters with 2 bytes per character
 MOV ES:[BX],AL   ;Write AL to ES:[BX]
 POP ES           ;Get ES back
 RET              ;Return to previous IP address
                  ;Remember that if you PUSHed and did not POP,then youll 
                  ;return to an unknown address and your program will crash
 ENDP             ;End procedure (not a command,but for the assembler to know
                  ;where to quit)
 Start:           ;Define the label 'Start'
 MOV AL,'Y'       ;Move the character 'Y' into AL...this stores ASCII value of
                  ;'Y' as a number into AL
 Call WriteChar   ;Call the procedure to write AL at (5,10)

Now we looked closer to procedures,it is time to discuss one of the most 
common,easy to use commands on the PC.

Theyre called Interrupts.All theyre are predefined functions that any program
may call.These greatly reduce the need for extra work.
For example,printing a string might be tough for a beginner,so DOS implements
a function for you.Also,basic Disk and Video I/O functions are implented.
To know what all the interrupts do,you must have a list,or just know.You call
an interrupt by specifying a number:
INT 21h
Interrupt 21h is the DOS interrupt for all basic I/O functions,as well as file
access.Therere many subfunctions for which DOS knows what you want to do.
The register which contains the subfunction as well as other parameters to be
passed,are in other registers.
And at the end ill show a list of jumps:

JA              Jump Above (unsigned)
JAE             Jump Above or Equal (unsigned)
JB              Jump Below (unsigned)
JBE             Jump Below or Equal (unsigned)
JC              Jump Carry
JCXZ            Jump if CX is Zero
JE              Jump if Equal
JZ              Jump if Zero (Equal)
JG              Jump if Greater (signed)
JGE             Jump if Greater or Equal (signed)
JL              Jump if Less (signed)
JLE             Jump if Less or Equal (signed)
JNA             Jump if not Above (unsigned)
JNAE            Jump if not Above or Equal (unsigned) (same as JB)
JNB             Jump if not Below (unsigned)
JNBE            Jump if not Below or Equal (unsigned)
JNC             Jump if not Carry
JNE             Jump if not Equal
JNG             Jump if not Greater (signed)
JNGE            Jump if not Greater or Equal (signed)
JNL             Jump if not Less (signed)
JNLE            Jump if not Less or Equal (signed)
JNO             Jump if not Overflow
JNP             Jump if not Parity
JNS             Jump if not Signed
JNZ             Jump if not Zero (Equal)
JO              Jump if Overflow
JP              Jump if Parity
JPE             Jump if Parity Even (PF=1)
JPO             Jump if Party Odd (PF=0)
JS              Jump if Signed
JZ              Jump if Zero (Equal)

Ok ill stop here,my brain hurts,i cant realy remember every shit and dont want
to write things which arent true (maybe i did who knows,who care?),so ill
stop with asm here and the tutorial slowly...i also think you realy understood
all the shit i wrote above heheh...dont worry...youll..at any time...;)

A Turbo Pascal Source Code For A Patch
--------------------------------------
I included a tpascal source code of one of mine cracks.And i hope you wont use
100% the same style as i did!Its only to show you how to do it.
-------here it starts------->
uses crt,dos;


procedure crack;
const a:array[1..3] of record               <-- how many things to change
a:longint;
b:byte;
end=((a:$cb54;b:$75),(a:$cb48;b:$75),(a:$1f69f;b:$85));  <--- locations where to patch into what




var ch:char;i:byte;f:file;fn:file of byte;size:longint;

begin
clrscr;              <---- clearscreen
textcolor(9);        <---- color 9 (i think its blue)
writeln;
writeln('ͻ                              ');  <---write command
writeln('Rt K tTK                              ');  <---u can write what you 
writeln('ͻ');  <---want,i like an window   
writeln('͹');  <---so i use a info window
writeln('Nothing is as it seems...                           ');  <---to show in it the user
writeln('Download Wonder 1.43.050 trial crack.               ');  <---some informations about
writeln('Kill the nagscreen which is shown after 20 times of ');  <---about the crack
writeln('starting the proggie.Use it 4EVA!                   ');
writeln('Cracked by ByteBurn of Faith Cracking on Request    ');
writeln('͹');
writeln('͹');
writeln('       ByteBurn@onecooldude.comEFnet #faith2000    ');
writeln('       ͼ');
assign(f,'dnldwndr.exe');          <---- the name of the exe to patch
{$I-} reset(f,1);{$I+}
if ioresult <> 0 then              <---- if exe not found then show error message
begin
writeln;
writeln('ͻ');  <--- the error message (also in a window by me)
writeln(' K tRq t  ');
writeln('ͼ');
halt(1);
end;
for i:= 1 to 3 do      <--- again show the prog how many things to change
begin
seek(f,a[i].a);        
ch:=char(a[i].b);
blockwrite(f,ch,1);
end;
writeln;
writeln('ͻ');  <---if exe found and crack is done,then show   
writeln('  ؜ 游朜 ǸK ');  <---this message (how you can see,i realy like
writeln('͹');  <---those little windows :P
writeln('ͼ');
textcolor(7);               <---- change the color again
end;                        <---- end here


begin
window(1,1,80,25);
clrscr;
crack;
textcolor(7);
end.
<----here it ends-----------

The Winice.dat
--------------
Here`s my winice.dat!Just paste it over your old and everything will be fine ;)
When soft-ice is loaded just press CTRL-D to come to sice and then CTRL-F1,youll
see what happens :)
-------here it starts------->
PENTIUM=ON
NMI=ON
ECHOKEYS=OFF
NOLEDS=OFF
NOPAGE=OFF
SIWVIDRANGE=ON
THREADP=ON
LOWERCASE=OFF
WDMEXPORTS=OFF
MONITOR=0

PHYSMB=128
SYM=1024
HST=256
TRA=8
MACROS=32
DRAWSIZE=2048

INIT="X;"

F1="h;"
F2="^wr;"
F3="^src;"
F4="^rs;"
F5="^x;"
F6="^ec;"
F7="^here;"
F8="^t;"
F9="^bpx;"
F10="^p;"
F11="^G @SS:ESP;"
F12="^p ret;"
SF3="^format;"
CF8="^XT;"
CF9="TRACE OFF;"
CF10="^XP;"
CF11="SHOW B;"
CF12="TRACE B;"
AF1="^wr;"
AF2="^wd;"
AF3="^wc;"
AF4="^ww;"
AF5="CLS;"
AF8="^XT R;"
AF11="^dd dataaddr->0;"
AF12="^dd dataaddr->4;"
CF1="altscr off; lines 60; wc 25; wd 15; wl; wr;"
CF2="^wr;^wd;^wc;"

EXP=c:\windows\system\kernel32.dll
EXP=c:\windows\system\user32.dll
EXP=c:\windows\system\gdi32.dll
EXP=c:\windows\system\comdlg32.dll
EXP=c:\windows\system\shell32.dll
EXP=c:\windows\system\advapi32.dll
EXP=c:\windows\system\shell232.dll
EXP=c:\windows\system\comctl32.dll
EXP=c:\windows\system\crtdll.dll
EXP=c:\windows\system\version.dll
EXP=c:\windows\system\netlib32.dll
EXP=c:\windows\system\msshrui.dll
EXP=c:\windows\system\msnet32.dll
EXP=c:\windows\system\mspwl32.dll
EXP=c:\windows\system\mpr.dll
EXP=c:\windows\system\msvbvm50.dll
EXP=c:\windows\system\msvbvm60.dll

<----------here it ends------------

Last Words
----------
Ok i think thatll be enough for now.Just remember some basic and very needfull things:
1.Never hurt a woman!
2.Never fake other styles!Let the others fake your style its much better!
3.Follow the rulez of others until youre a master and can set rulez.
4.Be always friendly and nice to other people and try to help out as much as you can!Theyll
  remember that and help you out next time,its also good for your image!
5.Just everytime before you join IRC or anything tell yourself youre good!Youre the BEST!
6.Dont bother other people,sometimes youll wonder why theyre all shit!But youll see,that
  when you come to a point where you can say of yourself youre good,youll also do the same
  shit like the others do now,coz youll be also bothered by newbies ;P
7.Work hard and youll get everything you want!Just place yourself a target you want reach!
8.Be gentle to woman!Theyre the best what god made!
Finally The END!!!
------------------
Ahh...i am so happy!!!I begun to believe that this shit wont stop at any time;)
but now we come to the end!I hope you liked the couple of crap text :)
Ok...its realy the end...and please dont ask me
for more tutorials in next time!I guess this is the last tutorial for the 
next 5years ;P.Dont e-mail me any questions where you can get my previous
tutors or the next ones...youll get the next tutors at the same location
where you got this one.And if youve any questions to this tutor,ask me only
in IRC EFnet!Dont mail me questions!!!Ill not answer them over mail coz
ive enough to write on mails!I explained how you can connect to IRC so dont
tell me you dont know how to connect to it!I also dont have ICQ,i had it once
but after i forgot my pass/login for user "ByteBurn" i stoped ICQ.So youre
right when you see a ByteBurn in list (when that nick wasnt deleted) thats
me,but i cant answer on your ICQ msgs!I also dont want to get ICQ again,coz
ive enough to talk in IRC...what else...
You can catch me on IRC EFnet #eclipse99 #c.i.a  #thespecializtz
thatre the channels where i most time stay in.
My e-mail is: ByteBurn@onecooldude.com

Now my greetingz :)))
I want to greet all people i like,my friends,and people i am happy to see
when theyre on IRC!!!
Greetz to:
AgorA,aerosmith,darksid3,Intern,Predator,ShannoW,Syntesi,kunglao,H3llSp4wn,
insEOK99,AnubiS,darkshadow,WildFire1,Z-Wing,Riven,VisionZ,[iNC],[yAtES],
Clown-Man,HarvestR,LagPRO,Fuzz|ion,Addie,Svensk,Niccos,Trinity,LazerLite,
all my friends from CiA,#cracks,#darkproject,ShannoWs secret friends channel
i cant show here ;),all doods from FAiTH2000,TMG,ECLiPSE
And to everyone if forgot on this list a big SORRY!!!

This tutorial is dedicated to all newbies,[yAtES],AB4DS.
Its officialy written as a member of ECLiPSE

The End...i dont know what date is today...i guess its the 08/26/99...END!!!
