Written by - george Email - george@pentire2.demon.co.uk Date written - 10th March 1999 Program Details: Name - VBCrackMe v2.0 Author - Eternal Bliss Language - Visual Basic 6.0 Tools Used - SmartCheck Cracking Method - Observation, Hunches, Guessing, luck in general really. Viewing Method - Notepad with word wrap.(full screen preferably) ----------------------------------------------------------------------------------- Protection System: Based on a serial number of undefined length. ----------------------------------------------------------------------------------- SmartCheck SetUp: Have a look at EB's early tuts and all will be revealed. ----------------------------------------------------------------------------------- The Essay: Load up the CrackMe in SC, and press F5 to start the program. Have a look at what pops up...... Nothing of any real interest there....... Type in your serial number, in my case, 'george123', then press Register. "Wrong!Try Again!!" (A little hopeful, wasn't it?) Okay.... Highlight "command1_click" (by left clicking on it once). Click on VIEW up the top there, then click on show all events. Open up "command1_click" by clicking on the "+" next to it. WOW! That is alot of info. For the purposes of this tut I will pick out the lines I think are of interest. If you scroll down the page a bit (in SC that is, not this tut), you should see lines that bear more than a passing resemblance to these. Mid(VARIANT:String:"george12...",long:1,VARIANT:Integer:1) __vbaStrVarVal(VARIANT:String:"g") returns DWORD:410414 Asc(String:"g") returns integer:103 In the first line "long:1" is grabbing the 1st letter; In the second line, there it is, "g"; In the third line "g" is being converted to its decimal value, "103". We can see the same thing being repeated further down the listing, except with "long:1" being replaced with "long:,2,3,4,etc...", and "g....103" being replaced with other letters and their respective decimal values. If we look a bit further down again you will see the line: __vbaStrVal(VARIANT:String:"10310111...") returns DWORD:4104D0 If you left click on it and look at the right window, you will see "georg" converted into decimal and squished together (103101111114103). "That is all well and good," I hear you say, "But I know what I entered in." Well, if you look further down the listings you can see another whole bunch of numbers which don't seem to have anything to do with anything.... "116104", "64104", "84104105...", "10511532", etc, etc..... If you left click on the numbers which are incomplete (have "..." after them) and have a look at the right window, you can see the complete number. Now, you will recognise the "103101111114103" from earlier, but what are all the other numbers? What if you were to try and convert the decimals to letters? Let's try that.... "116104" ---> "th" "84104" ---> "Th" "8410410511532" ---> "This_"(in this case "_" means " "(space)) "10511532" ---> "is_" "99111" ---> "co" "114" ---> "r" "10132" ---> "e_" "1141019911632" ---> "rect_" "100101" ---> "de" This doesn't make too much sense on it's own, however if you start rearranging it you should be able to make out a phrase: "This is the correct code" Let's try entering that as our code.... Hurrah.... 'Crack' open the bubbly! ----------------------------------------------------------------------------------- Congrats, apologies and thanks time: Congrats to me for writing my first tut. Apologies if it makes no sense. Thanks for taking the time to read it. Apologies to EB for stealing the essay layout (I was never very good at English Lang. in school, essay structure and the like), and also for stumbling across the solution instead of doing it the "correct" way.(Hey, whoever said there was a "right" or a "wrong" way to crack a program.) Thanks to EB and Sandman for their sites which are a wealth of knowledge.