-> How to register:
   ++++++++++++++++	

	WinEdit 2000 (very useful Editor with integrated FTP-Explorer)

					tutorial written by -=[THOG]=-
			

-> An reg example - for everybody who has no debugger or experience:
   +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

	Registration ID: 	-=[THOG]=-
	Control Number :	EN01G299


-> available at:		www.winedit.com
   +++++++++++++		www.softseek.com (search for "winedit")


-> Lets go - get your own registration key:
   ++++++++++++++++++++++++++++++++++++++++

Fire on SOFTICE & Start  -> NagScreen (booohhhh..) appears ->
Keep cool -> Choose "Enter licence information" -> Enter Registration
ID -> Mhmmmmm .... its your Name ..... ok: "-=[THOG]=-" -> Control 
number - try: 87654321 -> Enter SICE and set your favorite breakpoints
for INPUT-ROUTINES -> TRACING .... after hours you will find:
	
		Call kernel32!LStrlen	
		cmp eax,08
		jz  xxxxxxxxxx

Jeahhhh .... the c. number must be 8chars long!!! Tracing ... and you
find many compares with an JZ xxxx:
	
		87654321
		 ^
		 this char (7) 	must "N", "U", or "G"
			       	with "G" you can register different
			     	products (with the same register-
				engine -> wbdbu32i.dll keep it in
				your mind)

I decided me for a "N" -> 8N654321 -> Tracinng with F12 & F10 -> 
two CMPs -> 		  ^ ^^ 
			  E 01	   -> you know: EN014321 - but it 

doesnt work... whats about the last for chars ???

Disable all & Set a breakpoint at BPX KERNEL32!LSTRCMP ....  
RUN ... Boom - Press  not the right way ...  again ...
Boom SICE pops up ...  and you see this interesting code:
					
0167:0078F8E0 47 32 39 39 00 00 00 00-0E 00 00 00 01 00 00 00  G299............ 
0167:0078F8F0 4A 42 36 33 00 FB 78 00-0A 00 00 00 0D 00 00 00  4321..x......... 
0167:0078F900 00 00 00 00 F4 10 56 00-17 53 56 00 17 53 56 00  ......V..SV..SV. 
0167:0078F910 FA 14 03 1C F4 10 56 00-00 00 00 00 D4 52 56 00  ......V......RV. 
0167:0078F920 A8 1B 50 00 F4 10 56 00-01 00 00 00 00 00 00 00  ..P...V......... 
0167:0078F930 00 00 00 00 2B F0 02 1C-F4 10 56 00 84 F9 78 00  ....+.....V...x. 
----------------------------------------------------------------PROT32---------
015F:1C02FA31  7CD6                JL        1C02FA09                           
015F:1C02FA33  8D44242C            LEA       EAX,[ESP+2C]  <******                     
015F:1C02FA37  8D4C241C            LEA       ECX,[ESP+1C]                       
015F:1C02FA3B  50                  PUSH      EAX                                
015F:1C02FA3C  51                  PUSH      ECX                                
015F:1C02FA3D  FF150051051C        CALL      [KERNEL32!lstrcmp]                 
015F:1C02FA43  85C0                TEST      EAX,EAX                            
015F:1C02FA45  0F85F4000000        JNZ       1C02FB3F                           
015F:1C02FA4B  837C242800          CMP       DWORD PTR [ESP+28],00              
015F:1C02FA50  7513                JNZ       1C02FA65                           
015F:1C02FA52  6810270000          PUSH      00002710                           
015F:1C02FA57  FF158C51051C        CALL      [KERNEL32!Sleep]                   
015F:1C02FA5D  5D                  POP       EBP                                
015F:1C02FA5E  5F                  POP       EDI                                

Set a breakpoint at 1c02Fa33 and have a look into memory ...
EB EAX and EB ECX -> there is our 4321 and another number which
is compared to our one -> AHHHHHHHHHH .... write down the 4 chars...
Disable all Breakpoints ... register again... ENter the same NAME and
as control number: 	EN01 + 4 chars you've written down ...
"OK"-Button -> "Thanks for your support!" -> Thats it....


-> Questions?:		THOG1995@Hotmail.com	
   +++++++++++