Anonymous
Re: Post solution to Task #5 Here:
Thu Dec 31 12:17:09 1998


Edited so everyone has a chance:




The registration file is really mostly smoke to throw off any newbie cracker, as there are really only four locations that are important.
Two of these hold the counter when we are unregistered. They have to match or we will be warned we tampered with the program. They are bold and underlined 01 below.
The other two are the digits 2 and 7 at offsets F8 and F9. They are underlined below.
Here they are 8 and 6 because CYT is unregistered.

This is a generated file. Any attempt to edit will result in a disfunctional program. YOU HAVE BEEN WARNED!!!
100000101001001010110011001010010100010101000100
pΨÎW|^>2-28xGd$%)@ޞY
"U4(*bD&7<ֈRvgg431
17119862391983421430987349287201987219
28371203981723987213498294710716141638
59372811718314267409183740192384712349
08713249081723481903481902340798098712
08794390782190732101290871248217216151
57519883439502983712198128388712982873
17832847128793498712364871348112740-01
01
uses
----010203040506070809101112131415
[self-destruct]=false

But by changing them to 27 we could eliminate everything below these two digits, because it will now think we are registered; that is what the 27 tells the program.
Therefore the msffs.dll could look like this.


00000000000000000000000000000000000000000000000000000000000000000000000
000000000000000000000000000000000000000000000000
00000000000000000000000000000000000000
00000000000000000000000000000000000000
0000027


The preceding zeros are necessary to get the proper offset. However, we could eliminate the msffs.dll registration file altogether (that includes the file win64os.cpl) by changing two locations within CYT.
No nag will appear, and you can run the program as registered without ever having to do so.

1. Change location 00xxxxxx from Jz to Jnz. This will kill the first nagscreen and we will not have to register.

2. Change the instruction at 00xxxxxx to a Ret.

Eliminate msffs.dll; we will not need it anymore.

Princess
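
From the defender's side, the weakness the post above relies on is that the registered state is a two-digit flag at a fixed offset, with nothing binding it to the rest of the file. The sketch below is an added example, not part of the original post and not the program's own code: it models the flag check as the post describes it (27 at offsets F8 and F9) beside a hypothetical format whose body is authenticated with an HMAC. The key, the function names and the sample file layout are assumptions made for illustration.

```python
import hashlib
import hmac

FLAG_OFFSET = 0xF8          # offsets F8/F9, as stated in the post
REGISTERED_FLAG = b"27"     # value the post says marks a registered copy
TAG_LEN = 32                # length of an HMAC-SHA256 tag

# Hypothetical vendor key, constructed for this example only.
VENDOR_KEY = b"example-key-not-from-the-page"


def weak_is_registered(blob: bytes) -> bool:
    """Model of the check the post describes: only two bytes matter."""
    return blob[FLAG_OFFSET:FLAG_OFFSET + 2] == REGISTERED_FLAG


def issue_license(body: bytes, key: bytes = VENDOR_KEY) -> bytes:
    """Hypothetical hardened format: body followed by HMAC-SHA256(body)."""
    return body + hmac.new(key, body, hashlib.sha256).digest()


def strong_is_registered(blob: bytes, key: bytes = VENDOR_KEY) -> bool:
    """Trust the flag only if the whole body authenticates."""
    if len(blob) < FLAG_OFFSET + 2 + TAG_LEN:
        return False
    body, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return False
    return weak_is_registered(body)


def demo() -> dict:
    # Constructed sample inputs, not the real file contents.
    unregistered_body = b"0" * FLAG_OFFSET + b"86"
    genuine = issue_license(b"0" * FLAG_OFFSET + b"27")
    # Hand-edited file: flag changed, tag still the one for the old body.
    edited = bytearray(issue_license(unregistered_body))
    edited[FLAG_OFFSET:FLAG_OFFSET + 2] = REGISTERED_FLAG
    edited = bytes(edited)
    return {
        "weak_accepts_edited": weak_is_registered(edited),
        "strong_accepts_edited": strong_is_registered(edited),
        "strong_accepts_genuine": strong_is_registered(genuine),
    }


if __name__ == "__main__":
    print(demo())
```

A symmetric key shipped inside the client can be recovered from it, so a real design would verify an asymmetric signature instead. Neither variant addresses the second approach in the post, which patches the check in the executable rather than the file.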