home *** CD-ROM | disk | FTP | other *** search
- Tutorial Number 27
-
- Written by Etenal Bliss
- Email: Eternal_Bliss@hotmail.com
- Website: http://crackmes.cjb.net
- http://surf.to/crackmes
- Date written: 18th Jul 1999
-
- Program Details:
- Name: VB5-CrackMe 1.0 by Blaster99 [DCD]
-
- Tools Used:
- SmartCheck
-
- Cracking Method:
- Serial Sniffing
-
- Viewing Method:
- Use Notepad with Word Wrap switched on
- Screen Area set to 800 X 600 pixels (Optional)
-
- __________________________________________________________________________
-
-
- About this protection system
-
- This program requires a Regcode to register. This code is hard-coded into
- the program and you can see it when you open up the file with a hexeditor
- at offset 11DC.
-
- _________________________________________________________________________
-
-
- About this tutorial
-
- Since this is my 27th tutorial, I will presume that you have read the
- previous ones. So, my description on how to use the tools will be reduced
- unless there are new methods.
-
- This is a very short tutorial to show what serial fishing is like and
- how easy it can be in SmartCheck. Configuration of SmartCheck for new
- crackers can be found on my website.
-
- _________________________________________________________________________
-
-
- SmartCheck
-
- First, run SmartCheck and load the CrackMe. Press F5 to start running
- the CrackMe using SmartCheck.
-
- There is a nag box which I think is impossible to get rid of in VB. So,
- lets forget about it for the time being.
-
- Type in any Code you want and click on Registrieren. You will receive
- a message about wrong serial. (I don't understand the language)
-
- You can stop running the CrackMe now.
-
- What you can see in SmartCheck is a line called Commang1_Click and there
- is a + sign next to it. Click on the + sign to open up the threads.
-
- There are just 3 lines:
- Text1.Text
- Text1.Text
- MsgBox(VARIANT:String:"Error!..."...)...
-
- Well, not much information there.
-
- Click on the first Text1.text and then choose "Show All Events" in SmartCheck
- under the "View" option.
-
- Now you get a lot of info.
-
- Immediately below the Text1.Text that I told you to click on, there is
- a line that says
- __vbaStrCmp(String:"2G83G35H...",String:"12345678...") returns...
-
- If you had read my 2 essays on VB cracking before, you would know that
- __vbaStrCmp is a very common breakpoint to use in Softice for VB cracking.
-
- What this command does is to compare 2 strings.
- So, if 12345678 is what I entered, what do you think 2G83G35H... is for?
-
- Click on that line and look at the right hand window.
- The whole string is 2G83G35Hs2 and that is the hard-coded code I have talked
- about.
-
- CrackMe Cracked!
-
- __________________________________________________________________________
-
-
- Additional
-
- If you were to use Softice instead, just set the breakpoint on
- __vbaStrCmp and trace into the calls. You will be able to see the Regcode
- in ECX after a while. It will be in w.i.d.e. .c.h.a.r.a.c.t.e.r format.
-
- __________________________________________________________________________
-
-
- Final Notes
-
- This tutorial is dedicated to all the newbies like me.
-
- My thanks and gratitude goes to:-
-
- All the writers of Cracks tutorials and CrackMes
- and also to all the crackers that have been supporting my site and project forum.
