Tutorial Number 9 Written by Etenal Bliss Email: Eternal_Bliss@hotmail.com Website: http://crackmes.cjb.net http://surf.to/crackmes Date written: 22nd Feb 1999 Program Details: Name: CrackMe v1.00 Author: CyberBlade Language: Visual Basic 5 Tools Used: SmartCheck Cracking Method: Observation Viewing Method: Use Notepad with Word Wrap switched on Screen Area set to 800 X 600 pixels (Optional) __________________________________________________________________________ About this protection system No disabled function. Protection is based on a 9-digit serial number. __________________________________________________________________________ The Essay I'll not go into the settings and how to configure SmartCheck anymore. If this is the first time you are reading my tutorials, I suggest you download the first few that use SmartCheck as well. At the same time, I've written two other essays on general VB cracking showing the use of SmartCheck together with Softice. Look for them on my website. __________________________________________________________________________ Observation Run the Crackme with SmartCheck. Before entering ANY thing into the textbox, look at what SC has to show. You will see Crackmefrm_Load. A habit of mine is to look at everything SC shows... Click on the + sign next to Crackmefrm_Load to expand the thread. You will see Double (3.15751e+008) -> Long (315751288) Ok... This is not very common. You seldom see a CrackMe producing a number when it is loading. So, note it down. Type in "123456789" and click on "Check". You will be shown "Sorry, wrong key." Click on the + sign next to Checkcmd_Click to expland it. You will see String("123456789")-> Double(1.23457e+008) Double(-1.92294e+008)->Double(-1.92294e+008) Ok. Where would -1.92294e+008 come from??? (Try to develop a cracker's hunch or sixth sense. Whatever you call it!!) Take "123456789" and subtract 315751288 from it. You get -192294499 which is -1.92294e+008 when you convert it into Double format. Why would 315751288 be subtracted from our serial?? **By the way, if you have forgotten where 315751288 comes from, scroll up. Now, I get another hunch. Type in 315751288 and click "Check" again You will get the following messages: "Not bad, you have found the correct password." "Mail me, how you got it, there's a price waiting for you. CyberBlade@gmx.net" If you want, click on the + sign next to Checkcmd_Click again. You will see String("315751288")-> Double(3.15751e+008) Double(0)->Double(0) CrackMe Cracked. Yo CyberBlade! Where is my prize? __________________________________________________________________________ Final Notes This tutorial is dedicated to all the newbies like me. And because I'm a newbie myself, I may have explained certain things wrongly So, if that is the case, please forgive me. Email me if there is anything you are not clear about. My thanks and gratitude goes to:- The Sandman All the writers of Cracks tutorials and CrackMes