Cracking Projects For Newbies

Task 2 finished
Friday, 05-Feb-99 07:29:41
    196.6.150.16 writes:

    1 - The best place that I think you can patch the program is at 0040b744 0F8572020000 and 00405C47 0F8434010000

    I first patched the first offset. This registered the program. If you exit and start program again, it comes up with 'Sorry blah, blah, blah'. This means that the program checks for the serial number again before it starts up.
    Back to WDASM to check for second offset. I changed the second offset and the program keeps the registered info.

    2 - There are, as seen from above discussion, 2 places that the program needs to be patched.

    3 - If you use WDASM, there is a refrence to the string 'The program has been modified'. I patched the program twice and that message didn't come up at all. It might be left as a deterent for crackers or from the previous version's left over code.

    4 - The only way that I could see that there is a way the program tries to prevent editing to itself, is by being read only. If you check in the properties box of the file, the read only checkbox is ticked. Apart from that, I did not see any other problem. I used HView to edit the program and it did not even beep to say that the file is read only. it looks like HView ignores the attributes of the file it is editing

    BlueJay


Message thread:

BlueJay: Task 1 (03-Feb-99 04:24:22)

Back to main board


Message subject:

Name: (optional)

Email address: (optional)

Type your message here:




Back to main board

Copyright © InsideTheWeb, Inc. 1997-1999
All rights reserved.