| Target Program: |
Waste Whacker 3.1 |
| Description: |
Waste Whacker was designed to quickly remove the
files you, the user, requires. No other utility does the job of waste removal like Waste
Whacker. The other utilities on the market are designed to safely remove some common types
of files when the program is manually ran. Waste Whacker allows a user to set the exact
location and file types to remove. The removal process is then accomplished quickly during
bootup of Windows or during manual operation. Some products have a lengthy load time due
to the many features included. Waste Whacker was designed to be small, quick, and
powerful. |
| Location: |
http://www.dbytes.com
If you prefer a FTP-Search, look for
WASTEWH.EXE (1111876 Bytes). |
| Protection: |
User Name & Registration Number |
| Tools needed: |
- SoftICE 3.24 |
| Ob duh: |
Do I really have to remind you
all that by BUYING and NOT stealing the software you use will ensure that these software
houses will continue to produce even *better* software for us to use and more importantly,
to continue offering even more challenges to breaking their often weak protection systems.
If you're looking for
cracks or serial numbers from these pages then your wasting your time, try to search
elsewhere on the Web under Warez, Cracks, etc. |
| Level: |
(X)Beginner ( )Intermediate ( )Advanced ( )Expert |
|
As you now already know, the
first step to crack a program is to have a look at it's protection. So start Waste Whacker
and choose Options - Register. A dialog box with a "User Name" &
"Registration Number" request get's displayed.
So after this quick look, we can start our cracking session. Enter "cRACKING
tUTORIAL" as Name and "12345678" as Serial-#. Then enter SoftICE and set a
breakpoint to HMEMCPY. Leave SoftICE and press "OK". SoftICE will pop up. Since
this dialog box has two input fields, we can leave SoftICE - it will pop up again. So do this
now.
Back in SoftICE again, press the F12-Key (about 7 times), until you're in Waste
Whacker code. Now press F10 until you left the CALLs (RET instructions). The
following code will now be displayed:
:00473E21 8B55F4
MOV
EDX,[EBP-0C]
:00473E24 8D4340
LEA
EAX,[EBX+40]
:00473E27 E8CCFCF8FF
CALL 00403AF8
:00473E2C 8D4DFC
LEA
ECX,[EBP-04]
:00473E2F 8B5340
MOV
EDX,[EBX+40]
:00473E32 8B4324
MOV
EAX,[EBX+24]
:00473E35 E856F9FFFF
CALL 00473790
:00473E3A 837DFC00
CMP DWORD PTR [EBP-04],00
:00473E3E 741F
JZ 00473E5F
:00473E40 8B45FC
MOV
EAX,[EBP-04]
:00473E43 8B533C
MOV
EDX,[EBX+3C]
:00473E46 E8E5FFF8FF
CALL 00403E30
:00473E4B 7512
JNZ 00473E5F
:00473E4D 8BD3
MOV EDX,EBX
:00473E4F 8BC3
MOV EAX,EBX
:00473E51 E81AFDFFFF
CALL 00473B70
:00473E56 8BC3
MOV EAX,EBX
:00473E58 E83BFDFFFF
CALL 00473B98
:00473E5D EB09
JMP 00473E68
:00473E5F 8BD3
MOV EDX,EBX
:00473E61 8BC3
MOV EAX,EBX
:00473E63 E81CFDFFFF
CALL 00473B84
:00473E68 33C0
XOR EAX,EAX
:00473E6A 5A
POP EDX
:00473E6B 59
POP ECX
:00473E6C 59
POP ECX
:00473E6D 648910
MOV
FS:[EAX],EDX
:00473E70 68853E4700
PUSH
00473E85
:00473E75 8B45F8
MOV
EAX,[EBP-08]
:00473E78 E84FF0F8FF
CALL 00402ECC
:00473E7D C3
RET |
At 473E21, EDX contains our
User Name ("cRACKING tUTORIAL"). As you trace through the code, you'll come
accross 473E3A, where the result of the CALL 473790 is checked. In that CALL the validity
of our User Name is checked. If our User Name is valid, we won't jump - but if if not,
we'll jump to 473E5F.
Since there's a very suspicious JNZ instruction after 473E46, we
should check the registers (EAX & EDX in this case):
EAX will contain 492807055011,
which looks very like a Registration Number to me, EDX will contain 12345678, which is
our fake Registration Number.
Now we found the Registration Number we need to 'register' Waste Whacker, which was quite easy - not all
programs are so easy to crack; so keep practicing.
If you're USING Waste Whacker
BEYOND it's FREE TRIAL PERIOD, then please BUY IT. |