



     	     		-----T U T O R I A L  No.1--------
    	
		Most interesting way for finding serial number

			     written by glupi!
                  

This is tutorial on how to find serials for game PetWings
PROGRAM: PetWings
VERSION: 1.0 
EMAIL: jjsoft.geo@yahoo.com
URL: http://welcome.to/jjsoft/

Tools needed:
W32Dasm 8.93
Pen & Paper
Notepad.exe
Brain - not nessecary

Something about the game:
OVERVIEW
PetWings is a classic arcade style shooting game with cute cartoonish graphics,
53 game levels,5 huge bosses and 6-level fire power-up.
This game is Shareware but you can play the entire Episode1 (consists of 16 stages)
without registration.
HOW TO PLAY
Select an episode to play at the title screen. Each episode consists of 16 stages.
You will encounter a huge boss at stage 8 and stage 16.
Shoot the flying creatures and they will drop magic potions.
Your fire power will be increased after collecting 60 potions.
The maximum fire power you can gain is 6.
The game is over when your life energy is gone.
You may continue the game if you have more than 60 potions.
You will lose 60 potions after continue and that implies your fire power level 
will be decreased too.
REGISTRATION
PetWings is Shareware. You need to register to play all three episodes. 
The registration fee is $5 (US currency) and it will give you more challenging levels
with new tricky creatures and new tougher bosses!Online registration using a credit card 
is available at JJsoft homepage. It is simple, secure and quick. Please visit JJsoft homepage 
for more information.After registration, you will receive a registration key via E-mail. 
Select "Register" at the title screen and enter the registration key.

Let's examine the game a little:

Start game.You will be able to play only episode one (unregistred version).
If you choose episode 2 or episode 3 you it will be brought to you that it is not registred 
version and you can choose to go >back to menu< or >read manual< in which case it will open 
Manual_E.htm in your favorite www-browser.
On Main menu you can choose also RANKING or REGISTER or simply EXIT.
If you enter any serial number on REGISTER it creates in directory where the game 
is, file Register.dat.If you  open it later with Notepad you will see your wrong serial or....
if you are exstremly lucky right serial!
If you go to RANKING you will see that dude by the name jjsoft is on each eight place,
but if you open Ranking.dat with Notepad you will not be able to read shit from this!!
it looks like this:                           and actualy means this:
725F4055382314071254       	-->		JJSOFT		100
7A5F5C33381A080E00	  	-->		JJSOFT		 90
7B5F5C33381A080E00	    	-->		JJSOFT		 80
745F5C33381A080E00	    	-->		JJSOFT		 70
755F5C33381A080E00	    	-->		JJSOFT		 60
755F5C3E3E3C3721	    	-->		GLUPI		 60
765F5C33381A080E00	    	-->		JJSOFT		 50
775F5C33381A080E00	    	-->		JJSOFT		 40
WooW ..... bad thing.....that means that i' can't simply edit (like in the game Minesweeper, 
winmine.ini and be bether than my sister)......bummer... 
Not completly you will se later...ok...lets take some sirious business.....

Lets start:
This tutorial suposes that you are familiar with the cracking and know how to use W32Dasm 
(it means you know how to open file needed to be disassembled and to find string references) 
ok! let's disassemble Petwings.exe (it is huge 4,012 kb but it does not take too long).
now!lets look at string references (means press button named "Strn Refn", that is button next to 
the last one)
ok! You will get something like this:
"         (((((                "
" "
"%s"
"]_^["
"<"
"0"
"0123456789ABCDEF"
"120,"
"725D4055223E4A5C42191C0000"		--->looks interesting!!!
"725D405531212229200D050F00"		--->and this too!!!
"-CHEAT MODE-"				--->this means that we can use cheat in games I guess
"close all"
"COPYRIGHT 1999 JJSOFT"
"Copyright 1999 PetWings"
"DIRECTION"
"DIRECTION_REVERSE"
"DIRECTION_TO_MYCHARA"
"Enter Registration Key"		--->interesting too us if you wanna crack the game
"Enter Your Name  "
"ERROR"
"Failed to create application window."
"Failed to create DirectDraw object."
"Failed to create DirectInput object."
"Failed to initialise palette."
"Failed to register Window class."
"Failed to restore surfaces."
"Failed to set up Full-screen mode."
"GOSUB"
"GOTO_LABEL"
"INCR_FRAME"
"It costs 60 potions to continue."
"JJWindowClass"
"LABEL"
"Manual_E.htm"
"MOVE"
"Music01.mid"
"Music02.mid"
"Music03.mid"
"open %s type sequencer alias MUSIC"
"open"
"PetWings Message"
"PetWings"
"play MUSIC from 0 notify"
"play MUSIC notify"
"PLAY_SOUND"
"r"
"Ranking.dat"			--->here will be stored high scores
"Register.dat"			--->and there will be stored our serial number
"REPEAT"
"REPEAT_END"
"RETURN"
"ROTATE_LEFT"
"ROTATE_RIGHT"
"SET_BULLET_OFFSET"
"SET_FRAME"
"SHIFT_X"
"SHIFT_Y"
"SHOOT"
"SPEED"
"SPEED_PERCENT"
"stop MUSIC"
"STOP"
"UNREGISTERED"			--->this is what we get if we dont know serial
"w"
"WAVE"

Let's look the line I marked!!!
We can't notice that game has the -cheat mode-.
You can't guess that cheat mode can be entered pressing right keys or 
enter right serial (that is in our case what we will see later).
The thing that takes my attention are those long number (hex) we first marked  
725D4055223E4A5C42191C0000
725D405531212229200D050F00
Maybe it is our serial.... is it really that easy you wonder.
Only in some cases, in our case when you try to entered you will be suprised that serial number
can't be that long (You can enter max. 10 letter).What are those too long numbers for?
In a minute....first I would like to explain that thing isn't stupid like it sounds!!!
Yeah, I hear you programmer will put the serial number right in front of your nose, yeah right..
What a stupid thinking..... 
NO!!!!
In some cases it is exactly that.For example if you disassembly the program 
PROGRAM: Letter Chase Typing Tutor 
Version: 3.0 
URL:http://www.regsoft.com/
Letter Chase Typing Tutor 3.0 is Copyright 1998, 1999 by David Ray
For more than 100 users contact me at: s22k77@granitecity.com

you will find six strange strings.......
they are :
aer758om
5599c33m
5500c33m
57caee9m
hb456bnm
1414ytym
and when you try to enter them as your Unlock code (all is working!!!) with any name you will 
get the "Thank you for registration!!!!" message.
ok, so in our case that is not so....don't laugh at me for trying.
What now, you wonder??????
If you carefully read the tutorial maybe you will get an idea..........
ok I give you two more minutes............................................................
..............................................................................
NO idea!!!!
Ok, look at my idea.If you remember at the begining of the  tutorial that  name and score are 
entered in file ranking.dat  in peculiar way... I can't read JJSOFT   100 from 
725F4055382314071254, can you?
It is encripted in someway (what soever I can't read that...)
Idea is this: why don't we try to use the same decription in our case (we got two long numbers).
So let's modify Ranking.dat by putting the two long numbers (strings, call it what 
ever you want) instead of the two first line, just replace them.
After modifying the ranking.dat should look like this:       and actuely means this:
725D4055223E4A5C42191C0000		-->			PW-469-99	120
725D405531212229200D050F00		-->			CHEAT-469	120
7B5F5C33381A080E00			-->			JJSOFT  	 80
745F5C33381A080E00			-->			JJSOFT	   	 70
755F5C33381A080E00			-->			JJSOFT		 60
755F5C3E3E3C3721	    		-->			GLUPI		 60
765F5C33381A080E00	    		-->			JJSOFT		 50
775F5C33381A080E00	   	 	-->			JJSOFT		 40

Woooooouuuuuuw, it looks that it works  i think..... lets look
go on registration window and enter PW-469-99
and we can play EPISODE 2 and EPISODE 3   
ok!
if we enter CHEAT-469 we wil be able to play EPISODE 2 and EPISODE 3 and we can cheat 
a little bit if you press: 
F1 -you will get Power-Up (stronger weapon, Power 6 is max.)
F2 -get extra life
F5 -play next level (skip the current level)
F6 -replay the level 
F7 -Play previous level (you are back one level)

NOTE:
If you can't find "-" on REGISTER window edit manualy with Notepad file Register.dat.
When you edit register.dat you must be careful if you get PW-469-99   OZK  120 or something else
that means that you have some free space on the end of first line
(hit delete few times to correct it).

FINAL NOTE:
I played the game on Pentium 166 MMX and I needed cheat badly!
When I played on 486/80 MHz then it was more easy, but not too easy to play!!!
Maybe if you want to cheat slow your computer a little bit.

Thanks goes to!!!!!
Jessie (she is a girl, I think so!) for correcting the bunch of errors!!!
tkc for his great tutorial (just keep going, I learned a lot from you)

Gretz
CrOator & Dr.Jones,RoToR,keySpector,HRVSCORPIO,
and all the other crackers from Croatia!!!

and to all crackers all over the world!!!!!!!

You can contact me on e-mail: glupii@mailcity.com
Sorry for my very bad english.