---W32Dasm Tutorial---

Date written: 13.4.2001

Program Details:
Name: Eternal Bliss W32Dasm CrackMe #1
Author: Bengaly
Tools Used: W32Dasm / Hview (or any hex editor)
________________________________________________________________________

-About this "protection" system-

Easy protection by nags (if u can call it protection ;) )
__________________________________________________________________________

The Essay

As this is a tutorial for newbies, I'll go into detail about how I go about cracking the program. I suggest that you read this tutorial first. When you have completed the tutorial, leave this tutorial open and follow the instructions. Re-do it once more after you have completed the step by step guide...
__________________________________________________________________________

Let's Crack The Bitch ;)

OK, that's easy.

* After looking in W32Dasm (disassemble first, I am sure it's easy), we can actually see everything.

OK, let's crack then: press the Strn Ref button and u will see all the text that the CrackMe uses.

1. Press the "please pay me to register" string. After u press it, u will be here:

   possible string data blah blah ->"please pay me to register"
   xxx:yyyy   PUSH 00403040   ; or similar to it ;)
   xxx:yyyy   PUSH 00000000

   Scroll up a little bit till u see this:

   xxxx:yyyy         cmp eax,0000000
   xxxx:40100F 7413  je 00401024   <= jump to the first nag
   xxxx:yyyy         push 0000000

   Look at the offset of 40100F 7413 je 00401024 (shown at the bottom of the W32Dasm window); it's 40Fh (h = hex).
   Open the hex editor, go to that offset (the bytes of the instruction at 40100F) and change:

   7413 je  ->  7513 jne
   ^            ^
   |____________|

   First nag killed ;)

2. Press the "are you willing to pay me?" string. U will land here:

   xxx:yyyy   PUSH 00403089
   xxx:yyyy   PUSH 00000000

   Scroll up a little bit till u see this:

   xxxxx:yyyy   call 00401052   <= that's the call to the second nag.

   * There is no je to the second nag, and we can't nop or jne a call, so what we will do is go back to our first jump, 7513 jne (after we changed it ;) ), and change the number 13 > 41:

   jump 7513  ->  jump 7541
   ^              ^
   |______________|

   So now it will look like this:

   xxxx:40100F 7541  jne 00401052   ; remember the call?? Changing 13 to 41 makes the jump go to the same address as the call ;)

   Second nag killed ;)

Job is done, CrackMe cracked.
__________________________________________________________________________

Final Notes

This tutorial is dedicated to all the newbies like me. I've tried to explain everything in detail. This is my first tut so... ;)
And because I'm a newbie myself, I may have explained certain things wrongly. So, if that is the case, please forgive me. Email me if there is anything you are not clear about.

My thanks and gratitude go to:

---ANALYST(ACiD-BUrN)---   ; for helping in cracking
----CODE_INSIDE-----       ; for helping in cracking
-----BLAcKgH0sT------      ; for being a good friend :)
-------FusS------          ; asm / keygenning helper

* All the writers of crack tutorials and CrackMes *
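
The jump arithmetic behind steps 1 and 2, as an added example that is not part of the original tutorial: it decodes the two-byte short jumps quoted above and maps the virtual address to the file offset. The image base, section RVA and raw pointer are assumptions chosen to match the 40100F / 40Fh pair on the page, not values read from the CrackMe, and all function names are hypothetical.

```python
import struct

# Opcodes of the 2-byte short jumps this page deals with (subset, not all Jcc).
SHORT_JUMPS = {0x74: "je", 0x75: "jne", 0xEB: "jmp"}


def decode_short_jump(va, raw):
    """Decode a 2-byte short jump located at virtual address va.

    Returns (mnemonic, target). The second byte is a signed 8-bit
    displacement counted from the address of the NEXT instruction (va + 2).
    """
    if len(raw) != 2 or raw[0] not in SHORT_JUMPS:
        raise ValueError("not a 2-byte short jump handled here")
    rel8 = struct.unpack("b", raw[1:2])[0]
    return SHORT_JUMPS[raw[0]], (va + 2 + rel8) & 0xFFFFFFFF


def rel8_for(va, target):
    """Displacement byte that makes a short jump at va land on target."""
    disp = target - (va + 2)
    if not -128 <= disp <= 127:
        raise ValueError("target is out of short-jump range")
    return disp & 0xFF


def va_to_file_offset(va, image_base, section_rva, section_raw_ptr):
    """Map a virtual address to a file offset inside one PE section."""
    return va - image_base - section_rva + section_raw_ptr


if __name__ == "__main__":
    va = 0x40100F
    # Byte pairs quoted in the tutorial: original, after step 1, after step 2.
    for raw in (b"\x74\x13", b"\x75\x13", b"\x75\x41"):
        name, target = decode_short_jump(va, raw)
        print(f"{va:08X}  {raw.hex().upper()}  {name} {target:08X}")
    # Assumed layout: image base 400000h, code section RVA 1000h, raw data at 400h.
    print(f"file offset: {va_to_file_offset(va, 0x400000, 0x1000, 0x400):X}h")
    print(f"rel8 needed to reach 00401052: {rel8_for(va, 0x401052):02X}")
```

The same displacement rule explains why only the second byte had to change in step 2: 40100F + 2 + 41h = 401052.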