Darts 95 v1.0

Hello, welcome to my first tutorial. I am ManKind, a newbie who would like to share my newly acquired cracking skills with other newbies. Thanks for reading. Contact me at mankind@mail.flashmail.com

Disclaimer

This tutorial is created just for educational purposes; the author will not bear any responsibility for any damage or law-breaking charges caused by reading this file. Please forgive me if my narration is not clear, as English is not my native language.

Tools

W32Dasm 8.93.
Hiew 6.0/6.04.
Darts 95 v1.0 (try to get it from software sites or from DarkFlare's site at http://www.esoterica.pt/delphi-pt).

Now try the Darts 95 game; you will notice that the unregistered version allows you to play 99 times before it stops functioning. Now try to enter registration information (click File and then New Game), enter anything in the empty fields and click Register Now. A message box will appear saying 'incorrect name or password'. So now we want to fix that. Follow these step-by-step actions.

1). Open up W32Dasm and then click the first button under the Disassembly text.
2). Choose Darts95 in the 'select file to disassemble' box and click open.
3). Now it should start disassembling (while waiting go get some snacks and drinks).
4). Click on the second last button (String Data Reference).
5). Then search for this string "REGISTRED" (it is "registred" and not "registered") and double click on it.
6). Close the string data reference window and you should see this line highlighted in blue :-

:0042F348 BA08F54200  MOV EDX,0042F508

Now scroll up a little until you see this :-

* Referenced by a (U)nconditional or (C)onditional Jump at Address:
:0042F31D(C), :0042F322(C)
Anything after this is not needed. Now note down the two addresses, which are 0042F31D and 0042F322.

7). Press Shift and F12 together, type 0042F31D in the 'Code Offset[hex]' box and click OK. You will be brought here, with the line highlighted in green :-

:0042F31D 7E0F        JLE 0042F32E
Now look at the status bar (at the bottom of the W32Dasm window) and you will see this :-

Line:107398 Pg 1279 of 1318 Code Data @:0042F31D @Offset 0002E71D in File : Darts95.exe
Write down the number after the offset (0002E71D).

8). Now press Shift and F12 again, type 0042F322 and press OK. You will be here, with the line highlighted in green :-

:0042F322 7D0A        JGE 0042F32E
Again note down the offset, which is 0002E722.

9). Now exit W32Dasm and open Hiew. Choose the Darts95.exe file and press Enter. Then press Enter twice when you see some weird text. After that press F5 and type in the first offset, which is 0002E71D, and you will be here :-

:0042F31D:7E0F        JLE .00042F32E <-- Change the 7E0F to 7D0F by pressing F3.

-->:0042F31D: 7D0F    JGE .00042F32E <-- New.

Press F9 to update/save and proceed to the next step.

Press F5 again, type the second offset (0002E722) and you will be here :-

:0042F322:7D0F        JGE .00042F32E <-- Change the 7D0F to 7E0F (refer to step 9) and press F9 to save.

Now we have cracked it. You should try your Darts95 to see whether it works. Click 'New Game' and a new game should start without the nag (registration screen and the "XX times left" message). That's it, you cracked Darts95. Congratulations.

Note: After examining it again I realized that we just have to patch the second offset (0002E722) to make it registered. Sorry for making you do extra work.
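As an added example that is not part of the original tutorial, the following Python script works through the two facts the steps above rely on: that the registration check is a pair of two-byte conditional jumps (7E 0F = JLE, 7D 0A = JGE) both landing at 0042F32E, so that changing one opcode byte inverts the decision, and that the file offsets 0002E71D and 0002E722 follow from the same VA-to-offset delta. It then shows the countermeasure a defender would want: a digest over the code bytes that fails as soon as a single byte is edited. The delta is an assumption derived from the VA/offset pair the tutorial reports (the PE section header is not on the page), and the NOP filler between the two jumps is constructed because the real instructions there are not shown.

```python
import hashlib

# Short (rel8) signed-compare conditional jumps on x86. Each pair of
# complementary conditions differs only in the opcode's low bit.
JCC_SHORT = {0x7C: "JL", 0x7D: "JGE", 0x7E: "JLE", 0x7F: "JG"}

# VA -> file-offset delta. Assumption: derived from the pair the tutorial
# reports (VA 0042F31D at file offset 0002E71D); the PE section header
# itself is not on the page.
VA_MINUS_OFFSET = 0x0042F31D - 0x0002E71D   # 0x400C00


def va_to_offset(va):
    """File offset of a code VA, using the delta above."""
    return va - VA_MINUS_OFFSET


def decode_jcc_short(code, base_va, pos):
    """Decode a two-byte Jcc rel8 at code[pos]; return (mnemonic, target VA)."""
    opcode, rel8 = code[pos], code[pos + 1]
    if opcode not in JCC_SHORT:
        raise ValueError("not a short signed-compare jump: %#04x" % opcode)
    if rel8 >= 0x80:          # rel8 is a signed displacement
        rel8 -= 0x100
    return JCC_SHORT[opcode], base_va + pos + 2 + rel8


def complement(opcode):
    """Opcode of the opposite condition (JLE <-> JG, JGE <-> JL)."""
    return opcode ^ 1


# Constructed stand-in for the 16 bytes from 0042F31D to 0042F32D: the two
# jumps quoted in the tutorial, with NOP filler (0x90) where the page does not
# show the real instructions.
BASE_VA = 0x0042F31D
CODE = bytes([0x7E, 0x0F]) + b"\x90" * 3 + bytes([0x7D, 0x0A]) + b"\x90" * 10


def code_digest(code):
    return hashlib.sha256(code).hexdigest()


# A self-checking program would store this digest (or a signature over the
# whole code section) at build time and compare it at start-up.
KNOWN_GOOD_DIGEST = code_digest(CODE)


def integrity_ok(code, expected=KNOWN_GOOD_DIGEST):
    return code_digest(code) == expected


def tampered_copy(code, offset, new_byte):
    """Copy of `code` with one byte replaced, modelling the edit made in Hiew."""
    buf = bytearray(code)
    buf[offset] = new_byte
    return bytes(buf)


def check_tutorial_offsets():
    """Both file offsets the tutorial quotes must follow from the same delta."""
    return (va_to_offset(0x0042F31D), va_to_offset(0x0042F322))


if __name__ == "__main__":
    print("file offsets:", [hex(o) for o in check_tutorial_offsets()])
    for pos in (0, 5):
        mnem, target = decode_jcc_short(CODE, BASE_VA, pos)
        print("%08X %s %08X" % (BASE_VA + pos, mnem, target))
    patched = tampered_copy(CODE, 5, 0x7E)   # the JGE -> JLE edit at 0042F322
    print("original passes integrity check:", integrity_ok(CODE))
    print("patched passes integrity check: ", integrity_ok(patched))
```

The point for anyone writing a registration check rather than removing one: a compare-and-branch with no verification of the code bytes is defeated by a one-byte edit, and a digest comparison (or a signed executable) makes that edit detectable at start-up. The digest here covers only the constructed 16 bytes; a real check would cover the whole code section.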


Thanks to: HarvestR, tKC, ytc_, Kwai_Lo, TORN@DO and the other crackers and individuals who provided me with their tutorials and tools.

Service for ManKind
ManKind
mankind@mail.flashmail.com