Indonesia Homesite - Tutorial Registry Cleaner v4.31

Tulisan Dasar Cracking

Selamat Datang................. Cracker..........

Tutorial Cracking :

Registry Cleaner v4.31

Target  : Registry Cleaner v4.31
Tool     : OllyDebug DeFixeD
              Exe Info PE
              ArmaG3ddon v16f

Registry Cleaner scans the Windows registry and finds incorrect or obsolete information in the registry. After Registry Cleaner fixes these problems, your system will run faster and error free. The backup/restore function lets you backup your whole Windows Registry in case you need to go back to the way things were before.

Scan RCleaner.exe dengan Exe Info PE untuk melihat programnya diproteksi apa??
Armadillo 4.4x ~ 4.62..5.0 32bit - www.siliconrealms.com

Gunakan Armageddon v1.6f untuk membuka proteksinya.

Buka RCleaner_.exe nya dengan OllyDebug DeFixeD.
Di "CPU - main thread, module RCleaner_", klik kanan pilih "Search for" terus "All Referenced Text Strings".
Geser keatas terus cari kata "expired".

Ketemunya.

0042D14B PUSH 00513F90 ASCII "EXPIRED"

Klik dua kali.

0042D14B 68 903F5100 PUSH 00513F90 VarName = "EXPIRED"
0042D150 AA STOS BYTE PTR ES:[EDI]
0042D151 FFD6 CALL ESI GetEnvironmentVariableA
0042D153 85C0 TEST EAX,EAX
0042D155 0F85 2F020000 JNZ 0042D38A
0042D15B 8D5424 28 LEA EDX,DWORD PTR SS:[ESP+28]
0042D15F 68 FF000000 PUSH 0FF BufSize = FF (255.)
0042D164 52 PUSH EDX Buffer
0042D165 68 883F5100 PUSH 00513F88 VarName = "USERKEY"
0042D16A FFD6 CALL ESI GetEnvironmentVariableA
0042D16C 85C0 TEST EAX,EAX
0042D16E 75 33 JNZ SHORT 0042D1A3
0042D170 8D4424 10 LEA EAX,DWORD PTR SS:[ESP+10]
0042D174 6A 03 PUSH 3 BufSize = 3
0042D176 50 PUSH EAX Buffer
0042D177 68 7C3F5100 PUSH 00513F7C VarName = "DAYSLEFT"
0042D17C FFD6 CALL ESI GetEnvironmentVariableA
0042D17E 85C0 TEST EAX,EAX
0042D180 0F84 04020000 JE 0042D38A
0042D186 8D4C24 10 LEA ECX,DWORD PTR SS:[ESP+10]
0042D18A 892D CC035200 MOV DWORD PTR DS:[5203CC],EBP
0042D190 51 PUSH ECX
0042D191 E8 C0EB0700 CALL 004ABD56
0042D196 83C4 04 ADD ESP,4
0042D199 A3 C0035200 MOV DWORD PTR DS:[5203C0],EAX
0042D19E E9 E7010000 JMP 0042D38A
0042D1A3 8D9424 280100>LEA EDX,DWORD PTR SS:[ESP+128]
0042D1AA 68 FF000000 PUSH 0FF
0042D1AF 52 PUSH EDX
0042D1B0 68 703F5100 PUSH 00513F70 ASCII "USERNAME"
0042D1B5 FFD6 CALL ESI
0042D1B7 85C0 TEST EAX,EAX
0042D1B9 0F84 CB010000 JE 0042D38A

Dialamat "0042D16E" kode "JNZ SHORT 0042D1A3" ganti "JMP SHORT 0042D1A3"
Dialamat "0042D1B9" kode "JE 0042D38A" ganti "NOP"
Simpan perubahannya.

14/05/10

WebMaster

Terus Kembali

Komentar dan Mailing List

Crack One Software Every Day Make You The Real Cracker