| Target Program: |
TrayTool 4.0 |
| Description: |
TrayTool 3.0 will allow many icons and shortcuts to
be placed on a popup menu or icons from the system tray. TrayTool also allows many options
on all of these icons, including startup and autostart options, specific icons and
parameters. TrayTool 3.0 also now has SmartMemory for Explorer, which will remember which
directory you last explored and restart you there! |
| Location: |
http://www.boundarylight.com |
| Protection: |
Serial |
| Tools needed: |
- SoftICE 3.24 |
| Ob duh: |
Do I really have to remind you
all that by BUYING and NOT stealing the software you use will ensure that these software
houses will continue to produce even *better* software for us to use and more importantly,
to continue offering even more challenges to breaking their often weak protection systems.
BTW, It's illegal to use cracked Software!
If you're looking for
cracks or serial numbers from these pages then your wasting your time, try to search
elsewhere on the Web under Warez, Cracks, etc. |
| Info: |
Brand and product names are trademarks or registered
trademarks of their respective holders. |
| Level: |
(X)Beginner ( )Intermediate ( )Advanced ( )Expert |
|
Well as I've looked at the
protection of TrayTool I decided to write a short tutorial which lame ways some shareware
authors choose to 'prevent' us crackers.
First of all enter your favourite Registration Code, enter SoftICE and set a BPX to
HMEMCPY. Leave SoftICE and press the Register button. SoftICE will pop up and after you've
traced through the code a little bit (about 12 F12's), the following code snippet will be
displayed:
:00446C1B CALL 0041E09C ; get enterd Registration Code
:00446C20 MOV EDX,[EBP-14] ; move enterd Registration Code to EDX
:00446C23 MOV EAX,00446D20 ; real Registration Code
:00446C28 CALL 00403E28 ; check them
:00446C2D TEST EAX,EAX ; everything ok?
:00446C2F JLE 00446C8A ; if not => JMP |
Now it's quite easy to view
EAX and sniff out the right code. A d EAX at 446C28 will display the following in your
data window:
013F:00446D20 39 31 33 00 FF FF FF FF-08 00 00 00 54 68 65 20
913.........The
013F:00446D30 43 6F 64 65 00 00 00 00-FF FF FF FF 0A 00 00 00 Code............
013F:00446D40 52 65 67 69 73 74 65 72-65 64 00 00 FF FF FF FF Registered......
013F:00446D50 08 00 00 00 43 6F 6E 74-69 6E 75 65 00 00 00 00 ....Continue.... |
Most of you will know what
the real Registration Code is. However it seems that the coder of TrayTool expects us crackers
that we didn't know that FFh is a " " and that we would enter "913" or
"The Code" as Registration Code. Fact is, that 913
The Code is the real Registration
Code and that the coder of TrayTool hadn't expected normal crackers.
Now do you remember the quoted message from Eternal Bliss in my
27th tutorial?
Well, this is such an example!
Another target has been Reverse Engineerd. Any questions (no crack requests)?
|