Posted by +Sandman on 1/14/2000, 8:14 pm
, in reply to "Re: hobgoblin's thread"
212.139.131.132
Greetings NeoPiTeR, Task 1 is primarily an observation phase, this phase allows -us- to see what, if any, protection systems exists.
Hobgoblin has used REGMON to see what registry entries are created and read by the program. This tool is is able to sense all activities made to our registry file while a program is running. This tells us where to look. W32Dasm allows us to see inside our Accoustica.exe file, in doing so it will show any and all ascii text strings, like those used in the Error/Registration messagebox's. These text strings are like flashing neon signs to reverser's..:)
We can also find out many things just by experimenting with our system clock. If a program gives us 30 days -free- use before it shuts down then what happens if we set our clock to 31 days?.
Another tool we can & -should- use is FILEMON.. This tool shows us what files, if any, Accoustica reads/opens or creates while it is running. Many programs store hidden information in the C:\Windows\System directory so it's worth while checking for this.
Observation can and -DOES- save us a great deal of time when it comes to deciding where or how to crack this program.
Hope this helps
+Sandman