The Sandman
Registry Crawler V1.2 - Questions 4 - 6
Mon Dec 7 17:25:24 1998


Greetings Crackers,

So far we have done our work well and found a whole host of tempting goodies to further investigate and explore at our leisure.. While this is of course, the easy part to understanding our eventual 'crack' for this program, it is also one of the most *important* steps to the whole process of learning & understanding 'how to crack'.

Anyone can learn to crack, but not everyone will learn from their cracks..

OK, lets proceed to the next stage of this project.. For a change we are going to explore some possible methods we can use to 'crack' this program, which will be based on the information we have so far gathered about this program.

Question 4. From inside YOUR System Registry file, locate the branch HKEY_LOCAL_MACHINESOFTWARE4Developer rawler

Next, create a new DWord key called: 4D
Next, assign to the 4D key a value of your choosing.

EXAMPLE ONLY: 4D = FF(256)

Now see if it's at all possible, to locate where, in 'The Registry Crawler' it handles & processes this new 4D key entry we've just created.

Explain as best you can, where this program handles our *fake* serial number (the one we manually created and assigned to the key 4D) and compares it to the *real* serial number the program expects to find assigned to 4D

Question 5. What other ways can you find that will allow us to 'sniff' out the serial number?. Here's your chance to be creative and imaginative as you like..:)

Question 6. - OPTIONAL ONLY I'm interested as I'm sure you all are, in anything new you may have found out about this program which I have not so far covered, or mentioned yet. Your observations will be the closing chapter on this program and hopfully will make interesting notes for everyone here to have should we/you ever come across any future versions of this program.

Good Luck!

Sandman