Tutorials

Tutorials in this site are for educational purposes only. If you wish to contribute, please send it as an attachment to y_t_c@usa.net. But, before sending, please be informed that I may edit your tutorials if necessary. Also, DO NOT SEND ME CRACKS/KEY GENERATORS FOR THE PROGRAMS YOU CRACK. But you may only send me source codes of your work. Do not forget to include your email addresses in your essay for learners to contact the authors easily.

Author	Tutorials
BlackB	Cracking Qoole 2.50 A typical .reg file protection scheme with two checks.
Borna Janes	Winzip v7.0 Keygen An easy-to-follow tutorial on how to make a key generator for Winzip in QBasic. You may download the source here.
	BuLLeT's Crackme v4.75 A hardcoded serial protection. Lame, but sadly, is still widely used in some modern sharewares. Strictly for raw beginners only.
	MexElite's Crackme v1.0 An extremely simple protection... a hardcoded serial. Strictly for raw beginners only.
cLUSTER!	Remote Administrator v1.11 A darned good tutorial. I have also learnt a few things from here. Thanks to Mankind for sending this to me. NOT FOR NEWBIES!!
Goatass	L0phtCrack v2.52 for Win95/NT I can't believe this. A famous hacking group that releases a shareware to break NT passwords, but uses such a poor protection scheme. Read on to find out why.
Kwai_Lo	12 Ghosts Universal Keygen with C Source Here's a tutorial on how to write key generators in C. 12 Ghosts uses a very simple algorithm (with a very long blacklist ;-).
Kwai_Lo	HTML Dir v2.0x Keygen with C Source Another tutorial for a program that uses a rather simple key generating routine.
Kwazy Webbit	Cracking Like Kwazy An attempt to help newbies on how to get started on cracking, with a program as an example.
Mankind	Open Sesame v3.1 This is a simple program developed by a 16-year old teen which can simplify your task of starting certain programs without using the Start menu.
	WindowBlinds v0.97 A good program to change the graphical user interface of Windows. It is a good program, except that it is pretty unstable.
	Calli-Graphic v1.0.5 Designed specifically for calligraphers of all levels of experience. Used to avoid the time consuming task of ruling lines for practice purposes.
	Color Set v1.7 A very simple registration scheme. Here, you only learn how to fish the serial out. Nothing is said about how the serial is generated though.
NeuRaL_NoiSE	Opera v3.50 A very well written tutorial on how to patch Opera v3.50. Newbies, read this, you won't regret.
	A Dll Reversing Example How to reconfigure explorer.exe's behaviour by modifying some functions in the shell32.dll library. A reverse engineering tutorial at last ;-) Anyway, this tutorial is somewhat similar to one which was written by a very good reverser, Ghiribizzo. Unfortunately, he has removed the tutorials he has written. If anyone out there have ANY of his tutorials, please inform me about it.
	Creation of Html Notepad Reversing, functions addition, modifications in the existing code and classic cracking in a typical target from Micro$oft: notepad.exe... detailed description of the creation of hnotepad.
RevX	Cracking Tutorial A general-approach cracking tutorial for serial number protections. He calls this the 'break in - dive out' method. Very suitable for newbies.
Thog	How to crack the Windows 98 "year 2001" problem This only works for the German (at least I think it is German :-þ) version of Windows 98. This does not really solve that big problem, but removes that nag at startup which everyone hates.
	ROPS v5.2a A very good program to view Postscript (.ps) files. This is a very very short essay. Thog only pointed out the locations of the serial number and protection scheme, but not how to find them. I guess this can be used as a simple excercise for newbies to try out their skills.
	WinEdit 2000 A very useful editor with integrated FTP-Explorer. Another very short essay. Can be used as a simple excercise too.
ufk	Cracking Ading FontManager v1.25 A pretty interesting essay on Delphi cracking.
ufk	Cracking Air Messanger LAN Server v1.5 Cracking the nag screen by using the MessageBeep function to find the revelent code.
Widya-Cl	Serial Catching in VB 5 A very good serial fishing tutorial for VB 5 applications. Targets used are Pretty Good Solitaire 98 and Pam v.13.
	How To Think Like A Programmer Cracking a serial number based program (Photoline v5.06) which stores information in registry.
	Time Limits A very interesting approach. Minimal effort with maximum results ;-). Target is CpuIdle v5.03.
	Time Limits in Unreal Player Max v1.29 Release 8 Trial Version An example of using GetLocalTime to get to the heart of the protection scheme.
	Speak v1.8.21 - Rev.501 A very quick way to crack VB6 applications.
	WebFlix Pro v1.5.1 An example of a simple patcher in asm is included.
	Winboost 98 v1.24 Key Generator An example of a key generator using C++ is included.
ytc_	Talking Email v1.0 Cracking a keyfile protection scheme of a VB5 written application using Smartcheck + IDA approach.
	Opera v3.50 Serial fishing one of the BEST browsers around. Also describes the power of IDA which identifies C standard libraries used to help gain a better understanding on how the serial number is generated.
	Aareus IconCommander My first program which needs actual reversing of the key generating routine. This keygen tutorial has been slightly edited since its first release.
	Manually Unpacking ASPack A (hopefully) detailed essay on how to unpack manually a very simple packer, ASPack, using The Owl's 'pagein' patch to enable Softice to dump memory contents to a file. Target used is Powerstrip v2.35.01.
	Hex Workshop 16-bit v2.10 Serial fishing a 16-bit program running Windows NT.
	PSEdit v4.4 Removing a nag screen from my first DOS target.
	Arcade Pool Demonstration version A new approach to defeat the 2-minute demo mentioned in +ORC's Lesson 1:An approach. I am very sure that someone else have already discovered this method, but strangely no one published anything about it (or maybe because there is no one else). But anyway, I hope beginners can understand this one.
	Indianapolis 500 Another approach, but same technique used to crack this paper protection target example in +ORC's second lesson. I must be reinventing the wheel a lot ;-).
	Sourcer v6.51 Loops, loops and more loops. As a general rule, interrupt breakpoints (bpint) should be used when cracking DOS programs, but I just can't get any of them to work. That's why loops dependancy comes into mind. Do not forget to read +Frog Print's contribution in Fravia's Advanced Cracking section on cracking Sourcer v7 using well placed bpints.
	Universal Military Simulator v1.0 This time, loops are useless and I have to resort to single stepping right from the beginning of the game.
	Lightspeed v461.01 Ever wondered how my life would be without loops? I have simply no idea. This time, we deal with a protection scheme which put its code in another file.
yes123	A Day in the Life v1.0 A key generator tutorial with source in C.
	SubmitWolf (DEMO) v4.01 A key generator tutorial with source in C.
	Screen Loupe for Win9xNT v4.4 A key generator tutorial with source in C.