Cracking Tutorial:
Softany Screensaver Remover v1.0
Target : Softany Screensaver Remover v1.0
Tool : OllyDebug DeFixeD
Exe Info PE
Softany Screensaver Remover helps you delete screensavers from your system.
Open ScrRemover.exe with Exe Info PE.
Borland Delphi ( 2.0 - 7.0 ) 1992 - www.borland.com
Load ScrRemover.exe in OllyDebug.
Go straight to the Referenced Text Strings and search for the word "illegal".
Result:
0049D96D MOV EAX,0049DA04 ASCII "Illegal registration code!"
Double-click it.
0049D94C E8 13FAFFFF CALL 0049D364
0049D951 A1 D8944A00 MOV EAX,DWORD PTR DS:[4A94D8]
0049D956 8B00 MOV EAX,DWORD PTR DS:[EAX]
0049D958 33D2 XOR EDX,EDX
0049D95A E8 4172F6FF CALL 00404BA0
0049D95F 74 0C JE SHORT 0049D96D
0049D961 B8 F0D94900 MOV EAX,0049D9F0 ; ASCII "Thank you!"
0049D966 E8 F14AF9FF CALL 0043245C
0049D96B EB 0A JMP SHORT 0049D977
0049D96D B8 04DA4900 MOV EAX,0049DA04 ; ASCII "Illegal registration code!"
Set a breakpoint at address "0049D94C".
Run Olly, or press F9.
Fill in the registration fields, then click OK.
Olly will break at address "0049D94C".
0049D94C E8 13FAFFFF CALL 0049D364
Step Into in Olly, or press F7.
0049D364 55 PUSH EBP
Trace the code downward.
0049D49C E8 77FAFFFF CALL 0049CF18
0049D4A1 8B55 E4 MOV EDX,DWORD PTR SS:[EBP-1C]
0049D4A4 A1 D8944A00 MOV EAX,DWORD PTR DS:[4A94D8]
0049D4A9 E8 BA75F6FF CALL 00404A68
Step Into, or press F7, at address "0049D49C".
0049CF18 55 PUSH EBP
Trace the code downward.
0049CF5E E8 6D75F6FF CALL 004044D0
0049CF63 83F8 13 CMP EAX,13
0049CF66 75 34 JNZ SHORT 0049CF9C
0049CF68 8B45 F4 MOV EAX,DWORD PTR SS:[EBP-C]
0049CF6B E8 84F8FFFF CALL 0049C7F4
0049CF70 81FA 0C010000 CMP EDX,10C
0049CF76 75 18 JNZ SHORT 0049CF90
0049CF78 3D AFAC7F14 CMP EAX,147FACAF
0049CF7D 75 11 JNZ SHORT 0049CF90
0049CF7F 8BC3 MOV EAX,EBX
0049CF81 BA F4D04900 MOV EDX,0049D0F4 ; ASCII "Single-user License"
0049CF86 E8 D972F6FF CALL 00404264
0049CF8B E9 34010000 JMP 0049D0C4
.
.
.
0049D00B 74 24 JE SHORT 0049D031
0049D00D 8B45 E8 MOV EAX,DWORD PTR SS:[EBP-18]
0049D010 E8 A3F8FFFF CALL 0049C8B8
0049D015 8D55 E4 LEA EDX,DWORD PTR SS:[EBP-1C]
0049D018 E8 03B8F6FF CALL 00408820
0049D01D 8B55 E4 MOV EDX,DWORD PTR SS:[EBP-1C]
0049D020 8BC3 MOV EAX,EBX
0049D022 B9 10D14900 MOV ECX,0049D110 ; ASCII "-user License"
0049D027 E8 F074F6FF CALL 0040451C
0049D02C E9 93000000 JMP 0049D0C4
.
.
.
0049D094 E8 4BFDFFFF CALL 0049CDE4
0049D099 84C0 TEST AL,AL
0049D09B 74 0E JE SHORT 0049D0AB
0049D09D 8BC3 MOV EAX,EBX
0049D09F BA 28D14900 MOV EDX,0049D128 ; ASCII "Site License"
0049D0A4 E8 BB71F6FF CALL 00404264
0049D0A9 EB 19 JMP SHORT 0049D0C4
From here, all that remains is to make a patch, with 3 license options to choose from.
Try choosing "Site License".
At address "0049CF66", the code "JNZ SHORT 0049CF9C"
Replace it with:
Code "JMP 0049D09D"
Save the changes.
Enjoy....!!!
18/03/10