--Softice Tutorial---

Date written: 27.3.2001

Program Details:
  Name:   CrackMe2
  Author: Bengaly

Tools Used:
  Softice
  Brain
________________________________________________________________________
-About this protection system-

Easy protection which is based on a serial number and code.
__________________________________________________________________________
The Essay

As this is a tutorial for newbies, I'll go into details about how I go about cracking the program. I suggest that you read this tutorial first. When you have completed the tutorial, leave this tutorial open and follow the instructions. Re-do it once more after you have completed the step by step guide...

In this essay, when I write type "d EAX" or similar commands in Softice, I mean it without the quotes.
__________________________________________________________________________
Let's Crack The Bitch ;) HEHE

Look at the program, u will see an annoying screen that says REGISTER or similar.

Enter your favorite name. Mine is:

  first name: Shani
  code: 12345          <= very easy to remember ;)

Open your fav black debugger SoftIce ;)

Set a nice breakpoint:

  BPX HMEMCPY          (since GetDlgItemTextA won't break, etc.)

Press F5/Ctrl+D.

Press OK on the register button...BOOOMMM, Sice popped up ;) We are in the HMEMCPY hehe ;)

Press F12 (press 8 times)   <= u need to be in the crackme code AFTER pressing 8 TIMES.

* How did I know that I had to press F12 8 times? Cuz when I press F12 I pass the DLLs which are called by Windows, etc., and after 8 times I see where my serial may be [u will see eax, edi, etc.]   <= a good place ;)

After pressing F12 8 times u need to see this:

  xxxx:5f45c3AD PUSH FF
  ...
  . . . . .            <= SOME CODE of calculation

F10 until u see this:

  MOV EAX, [EAX-08]    <= fake serial/reg num is stored here

Press:

  d EAX

Your fake serial/name will be shown in the data window:

  ...shani....
  ..123456...e.w..w    <= those letters aren't important

Now we want the real serial of course ;) So press F10 until u are back from the RET [u will see RET, and after it u will jump to the place u were called from, let's say to the beginning]. Press F12 8 times again...u will be back at the same place. Again F10 to:

  MOV EAX, [EAX-08]    <= fake serial/reg num is stored here + REAL SERIAL ;)

* U will see in the data window the same thing as we did before, but the real serial will be shown for u as well ;)

What all this means is that:

  name: shani
  reg num: 12345 is now 3269416495   <= real serial

What have we done so far:

  1. enter serial/code, etc.
  2. bpx HMEMCPY
  3. press F12 8 times
  4. d EAX
  5. F5
  6. F12
  7. F10 --Trace--
  8. ? eax for fake/right serial
__________________________________________________________________________
Final Notes

This tutorial is dedicated to all the newbies like me. I've tried to explain everything in detail. This is my first tut so...;) And because I'm a newbie myself, I may have explained certain things wrongly. So, if that is the case, please forgive me. Email me if there is anything you are not clear about.

My thanks and gratitude go to:-

  ---ANALYST(ACiD-BUrN)---
  All the writers of Cracks tutorials and CrackMes