Beginning with cracking:

Now let's start with the main thing you want to learn: cracking. I'll show you how to handle the basic commands of W32Dasm89 and Hiew. We'll now crack WinRAR95.exe (we'll make a fully registered version of the trial). First we start the program. We're in.

 
What can we see?

First, at the top of the window we can see "WinRAR (unregistered version)". That's very good for us, because the "unregistered version" status after "WinRAR" tells us that it is unregistered and that it won't be shown once it is registered. Now we click on "Options" and then on "Register". Now you can see a Windows dialog box (I mean the kind of box that is easy for us to crack). Enter whatever you want in the text boxes, for example "Test" as the name and "12345" as the number, and click OK. You'll hear a sound and another Windows box pops up which tells you "Registration Failed". That's all we want to know. Close WinRAR95 and go to your MS-DOS box. Now in Norton Commander (you can use Windows Commander too) make two copies of your WinRAR95.exe: one named WinRAR95.w32 (for W32Dasm89) and one named WinRAR95.exx (a saved copy in case you change the wrong bytes).
Now I'll explain why we make these copies. It's very easy. If you disassemble an exe like WinRAR95 and you're working in W32Dasm89, you can't run WinRAR95.exe at the same time in Hiew or in Windows Explorer. So you make a second copy named WinRAR95.w32 (you can call it whatever you like, but it's good to see that it's for W32Dasm89). You'll disassemble this copy with W32Dasm89, and you can start the original exe in Windows or change its bytes in Hiew at any time. The second copy, WinRAR95.exx, is only a backup. If you change the wrong bytes in Hiew, or anything else happens so that it won't run, you can restore WinRAR95.exe from WinRAR95.exx and try again (remember it's always the "trial and error" technique). OK, once you've made the two copies, start W32Dasm89. Now click on the first button at the top (or click on "Disassembler" and then on "Open file to disassemble"). A window pops up and you can choose the file you want to disassemble.
Change to your WinRAR directory and click on WinRAR95.w32. W32Dasm now starts the disassembling process (if you have low system memory or low hard disk space it'll take some time). You can always click on the button in the middle of the screen called "Cancel Disassembly", which will abort the disassembling process.

When the exe has been disassembled, you may see lines written in Wingdings instead of "normal" characters. Don't worry, you can change your font. Click on "Disassembler", then on "Font" and finally on "Select Font". Now you can choose the font you'll use in W32Dasm89. I think the best one is Arial. Change the font. Now your selected font is shown in W32Dasm89. Click a second time on "Disassembler", "Font" and then on "Save default Font" (if you don't do that, you'll have to change the font again the next time you disassemble a file).

Now you see the asm code. It won't tell you much, because you don't know what all the commands mean. Now click on the button next to the "Print" button called "Strn Ref" (String Data References). A window pops up. Now you can see all the error messages you can receive from the exe. Do you remember what WinRAR said when you entered the wrong code? It said "Registration Failed". Now look through the text and search for that message. Got it? Double-click on it. W32Dasm takes you to the position in the asm code where the error message that you receive on your screen after entering the wrong code is popped up.

 

If you did it right, you should be looking at a screen like this:

:00413A8F 6A6A push 0000006A
:00413A91 E863640000 call 00419EF9
:00413A96 59 pop ecx
:00413A97 50 push eax
:00413A98 FF7508 push [ebp+08]
* Reference To: USER32.MessageBoxA, Ord:0000h

:00413A9B E8120B0100 Call 004245B2
:00413AA0 33C0 xor eax, eax
:00413AA2 A358674200 mov dword ptr [00425758], eax
:00413AA7 A338564200 mov dword ptr [00425638], eax
:00413AAC A34C564200 mov dword ptr [0042564C], eax
:00413AB1 EB56 jmp 00413B09

* Referenced by a (U)nconditional or (C)onditional Jump at Adress: <---------This is our one
:00413A82(C)

* Possible StringData Ref from Data Obj ->"WinRAR"
:00413AB3 68D86A4200 push 00426AD8
:00413AB8 FF359C644200 push dword ptr [0042649C]

* Reference To: USER32.SetWindowTextA, Ord:0000h

:00413ABE E86B0A0100 Call 0042452E

* Possible Reference to String Resource ID=00048: "normal"

:00413AC3 6A30 push 00000030

* Possible Reference to Dialog: ARCINFODLG, CONTROL_ID:006C, ""

This is the asm code you should see on your screen after double-clicking on "Registration Failed".
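How to read the listing above, as an added example that is not part of the original tutorial: this Python sketch decodes the operand from the raw bytes in the second column and compares it with the address W32Dasm prints in the third. The function names are my own, and only the four opcodes that appear in the listing (call rel32, jmp rel8, mov [addr],eax, push imm32) are handled.

```python
import re
import struct

# Instruction lines copied from the listing on this page.
LISTING = """\
:00413A91 E863640000 call 00419EF9
:00413A9B E8120B0100 Call 004245B2
:00413AA2 A358674200 mov dword ptr [00425758], eax
:00413AA7 A338564200 mov dword ptr [00425638], eax
:00413AAC A34C564200 mov dword ptr [0042564C], eax
:00413AB1 EB56 jmp 00413B09
:00413AB3 68D86A4200 push 00426AD8
:00413ABE E86B0A0100 Call 0042452E
"""

# ":address hexbytes text" as laid out in the listing.
LINE = re.compile(r"^:([0-9A-Fa-f]{8}) ((?:[0-9A-Fa-f]{2})+) (.+)$")


def decode_operand(addr, raw):
    """Return the address encoded in the bytes, or None for other opcodes."""
    op, rest = raw[0], raw[1:]
    if op == 0xE8 and len(rest) == 4:
        # call rel32: target = address of the next instruction + signed offset
        return (addr + len(raw) + struct.unpack("<i", rest)[0]) & 0xFFFFFFFF
    if op == 0xEB and len(rest) == 1:
        # jmp rel8: same rule with a one-byte signed offset
        return (addr + len(raw) + struct.unpack("<b", rest)[0]) & 0xFFFFFFFF
    if op in (0xA3, 0x68) and len(rest) == 4:
        # mov [addr], eax / push imm32: absolute value, little-endian
        return struct.unpack("<I", rest)[0]
    return None


def check_listing(text):
    """Return (address, decoded operand, printed operand) per handled line."""
    rows = []
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue
        addr = int(m.group(1), 16)
        decoded = decode_operand(addr, bytes.fromhex(m.group(2)))
        printed = re.search(r"[0-9A-Fa-f]{8}", m.group(3))
        if decoded is not None and printed:
            rows.append((addr, decoded, int(printed.group(), 16)))
    return rows


def mismatches(text):
    """Lines where the bytes and the printed operand disagree."""
    return [row for row in check_listing(text) if row[1] != row[2]]
```

Seven of the eight lines agree; at 00413AA2 the bytes 58674200 decode to 00426758 while the listing prints 00425758, and the page does not show which of the two is the transcription slip.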

 
 
 
Webpage Designed by Eduardo S. Dy
All Rights Reserved 2002®
Hosted by www.Geocities.ws
