Text File | 2000-05-25 | 3KB | 113 lines
How to crack R!SC Crakpad by ACiD BuRN
hi everybody !!!
Today I will make a tut on a crackme: it is a modified version
of Notepad (M$).
Protection: - Time Limit
            - Nag Screen
            - Packed
I will just explain how to crack the protection, not how to
unpack it. This will be very easy, let's go !!!!
So, move your Windows clock to the future, to 2002 for example,
and run Crakpad !!!
A message box tells you: This version has expired ...
So, set a breakpoint on GetLocalTime like this: BPX GetLocalTime
Run the prog and we break in SoftICE !!!!
Cool !! Press F12 to return to the caller and we see:
40623D  66813FCF07    CMP WORD PTR [EDI],07CF   <= 7CF(h) = 1999(d) , it compares with the year 1999
406242  7F3C          JG  406280                <= if it is greater than 1999 , goto bad boy :(
406244  7C07          JL  40624D                <= if less , goto good boy :)
......  ..........    .......................
Heheh, so how to crack this?
Very easy: it compares with the year 1999 and jumps to the error message if the year is greater
than 1999. We could nop that jump, but it is not needed, because it then tests whether the year
is less than 1999 with the command JL 40624D. That one jumps into the program if the year is
good, so we will make it jump forever !!
So JL 40624D becomes JMP 40624D
To try this in memory, without patching the file (because it is packed), type:
a 406244 (the address of the JL) and press Enter,
then type: jmp 40624D and press Enter. Press Escape and then F5 to let it run!
Cool, we now have a nag screen, but we don't see the error message for the expired version ..
You did it !!
Now we need to kick this nag, but it is very easy !!!!
Type: BPX MessageBoxA
You have to patch the memory again for the time limit.
Run the prog, and it will break on the MessageBoxA API !!
Heheh, I am sure it will be finished in 30 seconds now !!
Press F12 to get out of the call and we see:
40625B  FF1530744000  Call [USER32!MessageBoxA] <= this is the call for the messagebox !
......  ............  .........................
So, if we want to kill the nag, we just have to nop the call !!
replace : FF1530744000
with    : 909090909090
So, to try the crack completely, put a bpx on GetLocalTime, do the modification like we
did first, and after that type: a 40625B, press Enter, type nop and press Enter,
then type nop 5 more times and press Escape after this.
Type bd * to disable all breakpoints and press F5: you will go into Crakpad without a time limit
message or nag !!!!!
Another One cracked !!
Now you have to unpack it in order to patch the file afterwards, because process patchers are
not allowed and we have only patched the memory !!
But it is not my job to say how to do that !! :)
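
Added example (not part of the original tut): a small Python decoder for the bytes quoted in the two listings above, which checks the jump targets and the 1999 constant and shows why changing the single opcode byte 7C to EB keeps the same target. The function names are hypothetical and only the encodings that appear in the listings are handled.

```python
# Added example: decode the instruction bytes quoted in the tutorial's listings.
# Addresses and bytes are copied from the listings; function names are hypothetical.
import struct

LISTING = [  # (address, raw bytes) as shown in the SoftICE output
    (0x40623D, bytes.fromhex("66813FCF07")),    # CMP WORD PTR [EDI],07CF
    (0x406242, bytes.fromhex("7F3C")),          # JG 406280
    (0x406244, bytes.fromhex("7C07")),          # JL 40624D
    (0x40625B, bytes.fromhex("FF1530744000")),  # CALL [USER32!MessageBoxA]
]

SHORT_JUMPS = {0x7F: "JG", 0x7C: "JL", 0xEB: "JMP"}

def decode(addr, raw):
    """Return (mnemonic, operand) for the few encodings used in the listings."""
    if raw[0] in SHORT_JUMPS and len(raw) == 2:
        # rel8 is signed and relative to the address of the NEXT instruction
        rel8 = struct.unpack("b", raw[1:2])[0]
        return SHORT_JUMPS[raw[0]], addr + len(raw) + rel8
    if raw[:3] == b"\x66\x81\x3f" and len(raw) == 5:
        # 66 = 16-bit operand prefix, 81 /7 = CMP r/m16,imm16, ModRM 3F = [EDI]
        return "CMP WORD PTR [EDI]", struct.unpack("<H", raw[3:5])[0]
    if raw[:2] == b"\xff\x15" and len(raw) == 6:
        # FF /2 with ModRM 15 = CALL through a 32-bit absolute pointer (import slot)
        return "CALL DWORD PTR", struct.unpack("<I", raw[2:6])[0]
    raise ValueError("encoding not covered by this sketch: " + raw.hex())

def to_unconditional(raw):
    """Rewrite a short Jcc as a short JMP; rel8 is kept, so the target is unchanged."""
    if raw[0] not in (0x7F, 0x7C) or len(raw) != 2:
        raise ValueError("not a short conditional jump from the listing")
    return bytes([0xEB]) + raw[1:]

def nop_fill(raw):
    """Same-length run of one-byte NOPs (0x90), so later addresses do not move."""
    return b"\x90" * len(raw)

if __name__ == "__main__":
    for addr, raw in LISTING:
        name, operand = decode(addr, raw)
        print(f"{addr:06X}  {raw.hex().upper():<12}  {name} {operand:X}")
    jl_addr, jl_raw = LISTING[2]
    patched = to_unconditional(jl_raw)
    print("JL as JMP:", patched.hex().upper(), "->", f"{decode(jl_addr, patched)[1]:X}")
    print("CALL as NOPs:", nop_fill(LISTING[3][1]).hex().upper())
```
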
I hope you have understood this tut and learned something from it !!
If you have any questions, mail me at: acid2600@hotmail.com
Thx for reading this tut !!
cya ...
Greetings to (not specific order!):
CyberBlade , ^inferno^ , MiZ , Borna janes , DnNuke , TexSkyman , Virus , theCorpse , BuLLeT,
Volatility , Eternal Bliss, appbusta ... so All ReFleXZ TeAM , All ECL TeAM , ALL CRACKER WORLD
TeaM and ALL CROSSOVER TEAM too !!
If I forgot someone, sorry !! Too many dudes to put here !!
I am lazy !!
ACiD BuRN [RFZ/ECL/CW/CO]