<html>

<head>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-7">
<title>__I'''''''''''''''''''''''''''''''''''''''''''I__ The Ultimate Beginner Cracker's Book v1.1__I'''''''''''''''''''''''''''''''''</title>
<meta name="author" content="b@sdog22">
<meta name="generator" content="Namo WebEditor v5.0(Trial)">
</head>

<body bgcolor="black" text="#CCCCCC" link="white" vlink="red" alink="blue">
<table align="center" border="1" width="50%">
    <tr>
        <td width="778" height="450">
            <p align="center">__I'''''''''''''''''''''''''''''''''''''''''''I__ 
            The Ultimate Beginner Cracker's Book v1.4__I'''''''''''''''''''''''''''''''''''''''''''I__</p>
            <p align="center">I &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;by 
            basdog22 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;I</p>
            <p align="center">------------------------------------------------------------------------------------------------</p>
            <p align="center">Well, I started writing this tut cause there are 
            NOT a lot of them available on the NET, even now that knowledge 
            is widespread.</p>
            <p align="center">This tut is aimed at the very newbies, so if you 
            are an advanced or an intermediate cracker, throw it away cause 
            it just occupies space on your HDD and nothing more.</p>
            <p align="center">&nbsp;</p>
            <p align="center">I would like to apologise for my bad English and 
            some spelling mistakes that I will for sure make here. English 
            isn't my mother tongue, so don't blame me ;)</p>
            <p align="center">&nbsp;</p>
            <p align="center">First of all:</p>
            <p align="center">Set your notepad's resolution so that the line 
            below is shown at its full length</p>
            <p align="center">&lt;-------------------------------------------------------------------------------------------------&gt;</p>
            <p align="center">&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;Cracking 
            IDA (Interactive Disassembler)&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;</p>
            <p>&nbsp;</p>
            <p>Hello,</p>
            <p>This tut is late and I apologize for this. Today we will crack 
            our first commercial prog. IDA (The Interactive Disassembler) is 
            a powerful disassembler, better than W32Dasm but harder for newbies 
            to work with. You can even disassemble packed executables with this 
            yummy tool. You can find IDA on a lot of homepages on the NET, but 
            what we want right now is the DEMO version of it, which is 
            located at http://crackpltools.prv.pl/</p>
            <p>~~~~~~~~~~~~~~~~~</p>
            <p>OK, if you downloaded and installed it, try to run it, and after 
            the NAG you see...</p>
            <p>Oops, a message tells us: &quot;Sorry the evaluation version 
            is expired&quot;</p>
            <p>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;~~~~~~~~~~~~~~~~~~~~</p>
            <p>Grab this message and fire up W32Dasm, disassemble the file Idag.exe, 
            and in the SDR (String Data References) look for: &quot;Sorry the 
            evaluation version is expired&quot; &lt;------ D-Click on it and 
            you land here:</p>
            <p>---------------------------------------------Cut here----------------------------------------</p>
            <p>* Referenced by a (U)nconditional or (C)onditional Jump at Address:</p>
            <p>|:00412286(C) &lt;----------------------------&lt;------------------------------&lt;------------ 
            Smile ;=)</p>
            <p>|</p>
            <p>:00412292 6A00 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;push 
            00000000</p>
            <p>:00412294 E8E78A0900 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;call 
            004AAD80</p>
            <p>:00412299 59 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;pop 
            ecx</p>
            <p>:0041229A 3DD00E503A &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;cmp 
            eax, 3A500ED0</p>
            <p>:0041229F 7C3E &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;jl 
            004122DF</p>
            <p>&nbsp;</p>
            <p>* Possible StringData Ref from Data Obj -&gt;&quot;Sorry, the 
            evaluation version &quot;</p>
            <p>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;-&gt;&quot;is 
            expired.&quot;</p>
            <p>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;|</p>
            <p>:004122A1 68CD634B00 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;push 
            004B63CD &nbsp;&nbsp;&lt;------------------- We land here</p>
            <p>:004122A6 E81921FFFF &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;call 
            004043C4</p>
            <p>:004122AB 59 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;pop 
            ecx</p>
            <p>:004122AC BAF0FFFFFF &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;mov 
            edx, FFFFFFF0</p>
            <p>:004122B1 8B0D24564C00 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;mov 
            ecx, dword ptr [004C5624]</p>
            <p>:004122B7 8B01 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;mov 
            eax, dword ptr [ecx]</p>
            <p>:004122B9 8B80A4060000 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;mov 
            eax, dword ptr [eax+000006A4]</p>
            <p>:004122BF E850CB0900 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;call 
            004AEE14</p>
            <p>:004122C4 8BD8 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;mov 
            ebx, eax</p>
            <p>:004122C6 A124564C00 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;mov 
            eax, dword ptr [004C5624]</p>
            <p>:004122CB 8B10 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;mov 
            edx, dword ptr [eax]</p>
            <p>:004122CD 8B82A4060000 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;mov 
            eax, dword ptr [edx+000006A4]</p>
            <p>:004122D3 FFD3 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;call 
            ebx</p>
            <p>:004122D5 B801000000 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;mov 
            eax, 00000001</p>
            <p>-----------------------------------------Cut here-----------------------------------------------</p>
            <p>So this message was referenced by a (C)onditional jump at address 
            00412286. Press Shift+F12, type this address in the text box and 
            hit OK. It takes us here:</p>
            <p>------------------------------------------Cut here--------------------------------------------</p>
            <p>* Reference To: IDA.Ordinal:0191, Ord:0191h</p>
            <p>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;|</p>
            <p>:0041227E E897D20900 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Call 
            004AF51A</p>
            <p>:00412283 833F01 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;cmp 
            dword ptr [edi], 00000001</p>
            <p>:00412286 750A &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;jne 
            00412292 &nbsp;&nbsp;&lt;---------------------- We are here</p>
            <p>:00412288 B801000000 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;mov 
            eax, 00000001</p>
            <p>:0041228D E8DEB50100 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;call 
            0042D870</p>
            <p>&nbsp;</p>
            <p>* Referenced by a (U)nconditional or (C)onditional Jump at Address:</p>
            <p>|:00412286(C)</p>
            <p>|</p>
            <p>:00412292 6A00 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;push 
            00000000</p>
            <p>:00412294 E8E78A0900 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;call 
            004AAD80</p>
            <p>:00412299 59 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;pop 
            ecx</p>
            <p>:0041229A 3DD00E503A &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;cmp 
            eax, 3A500ED0</p>
            <p>:0041229F 7C3E &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;jl 
            004122DF</p>
            <p>-----------------------------------------Cut here-------------------------------------------</p>
            <p>So the 750A jne 00412292 is responsible for the &quot;Expired&quot; 
            message. We look at the bottom of W32Dasm and see that it is at offset 
            00011886. So fire up your hex editor, scroll down to 00011886 
            and look for 750A. Now change it to 740A, save and run Idag.exe, but 
            shit, again the same message. Why??? Well, let's look at the code again:</p>
            <p>----------------------------------------Cut here--------------------------------------------</p>
            <p>* Reference To: IDA.Ordinal:0191, Ord:0191h</p>
            <p>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;|</p>
            <p>:0041227E E897D20900 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Call 
            004AF51A</p>
            <p>:00412283 833F01 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;cmp 
            dword ptr [edi], 00000001</p>
            <p>:00412286 750A &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;jne 
            00412292 &nbsp;&lt;------------------ This is our jump</p>
            <p>:00412288 B801000000 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;mov 
            eax, 00000001</p>
            <p>:0041228D E8DEB50100 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;call 
            0042D870</p>
            <p>&nbsp;</p>
            <p>* Referenced by a (U)nconditional or (C)onditional Jump at Address:</p>
            <p>|:00412286(C) &nbsp;&lt;------------------------------------------------------------ 
            This is where we were referenced from</p>
            <p>|</p>
            <p>:00412292 6A00 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;push 
            00000000</p>
            <p>:00412294 E8E78A0900 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;call 
            004AAD80</p>
            <p>:00412299 59 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;pop 
            ecx</p>
            <p>:0041229A 3DD00E503A &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;cmp 
            eax, 3A500ED0</p>
            <p>:0041229F 7C3E &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;jl 
            004122DF &nbsp;&nbsp;&nbsp;&lt;----------------------- Jump if less???</p>
            <p>&nbsp;</p>
            <p>* Possible StringData Ref from Data Obj -&gt;&quot;Sorry, the 
            evaluation version &quot;</p>
            <p>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;-&gt;&quot;is 
            expired.&quot;</p>
            <p>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;|</p>
            <p>:004122A1 68CD634B00 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;push 
            004B63CD &lt;------------- When we D-Click on the message we land 
            here</p>
            <p>:004122A6 E81921FFFF &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;call 
            004043C4</p>
            <p>:004122AB 59 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;pop 
            ecx</p>
            <p>:004122AC BAF0FFFFFF &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;mov 
            edx, FFFFFFF0</p>
            <p>:004122B1 8B0D24564C00 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;mov 
            ecx, dword ptr [004C5624]</p>
            <p>:004122B7 8B01 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;mov 
            eax, dword ptr [ecx]</p>
            <p>:004122B9 8B80A4060000 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;mov 
            eax, dword ptr [eax+000006A4]</p>
            <p>:004122BF E850CB0900 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;call 
            004AEE14</p>
            <p>:004122C4 8BD8 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;mov 
            ebx, eax</p>
            <p>:004122C6 A124564C00 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;mov 
            eax, dword ptr [004C5624]</p>
            <p>:004122CB 8B10 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;mov 
            edx, dword ptr [eax]</p>
            <p>:004122CD 8B82A4060000 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;mov 
            eax, dword ptr [edx+000006A4]</p>
            <p>:004122D3 FFD3 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;call 
            ebx</p>
            <p>:004122D5 B801000000 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;mov 
            eax, 00000001</p>
            <p>----------------------------------Cut here---------------------------------------</p>
            <p>So we changed the jump at 00412286, which means that now it will 
            not jump, but what we did was disable the NAG screen and 
            not the time limit. A little further down in the code, at 0041229F, we see a jl 004122DF 
            (jump if the date is less than the limit???). So when execution comes to this 
            address it does not jump, because the date is greater than the limit, 
            and it goes on to the &quot;Expired&quot; message. What we must do 
            is turn the conditional jl into an unconditional jump. We do this 
            by changing the 7C3E to EB3E. Again fire up your hex editor and look at 
            offset 0001189F for 7C3E, change it to EB3E, save and exit. Now 
            run Idag.exe. WOW, it works.</p>
            <p>We just cracked the time limit protection.</p>
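            <p>Seen from the defender's side, both edits above are single-byte changes to short jump opcodes, which a comparison against a known-good copy surfaces immediately. The following is an added example, not part of the original tutorial: it uses the bytes and addresses from the listing above, while the function name, the labels it reports and the suspect copy are constructed for illustration.</p>

```python
# Added example (not from the original tutorial): triage byte differences
# between a known-good code region and a suspect copy, flagging branch edits.

# Short conditional jumps: opcode 0x70..0x7F followed by one displacement byte.
JCC = dict(zip(range(0x70, 0x80),
               "jo jno jb jae je jne jbe ja js jns jp jnp jl jge jle jg".split()))
JMP_SHORT, NOP = 0xEB, 0x90


def classify_patches(original, suspect, base_va=0):
    """Return (address, kind, old_mnemonic, new_mnemonic) for each changed byte.

    Heuristic only: it works on raw bytes, so a hit must be confirmed in a
    disassembler to make sure the byte really is an opcode and not data.
    """
    if len(original) != len(suspect):
        raise ValueError("regions differ in length; compare aligned regions")
    findings, skip = [], -1
    for i, (old, new) in enumerate(zip(original, suspect)):
        if old == new or i == skip:
            continue
        nxt = suspect[i + 1] if i + 1 != len(suspect) else None
        if old in JCC and new == old ^ 1:
            # Flipping the low opcode bit negates the condition (jne becomes je).
            kind, new_name = "condition-inverted", JCC[new]
        elif old in JCC and new == JMP_SHORT:
            # Same displacement, but the branch no longer depends on the compare.
            kind, new_name = "forced-unconditional", "jmp"
        elif old in JCC and new == NOP and nxt == NOP:
            # Opcode and displacement both overwritten; skip the second byte.
            kind, new_name, skip = "branch-removed", "nop", i + 1
        else:
            kind, new_name = "other", f"{new:02X}"
        findings.append((base_va + i, kind, JCC.get(old, f"{old:02X}"), new_name))
    return findings


# Bytes and addresses of the check as listed in the tutorial (0041227E..004122A0).
BASE_VA = 0x0041227E
KNOWN_GOOD = bytes.fromhex(
    "E897D20900" "833F01" "750A" "B801000000" "E8DEB50100"
    "6A00" "E8E78A0900" "59" "3DD00E503A" "7C3E")

# Constructed suspect copy carrying the two edits the tutorial describes.
_s = bytearray(KNOWN_GOOD)
_s[0x00412286 - BASE_VA] = 0x74
_s[0x0041229F - BASE_VA] = 0xEB
SUSPECT = bytes(_s)

if __name__ == "__main__":
    for va, kind, old, new in classify_patches(KNOWN_GOOD, SUSPECT, BASE_VA):
        print(f"{va:08X}  {kind:22} {old} to {new}")
```

            <p>A hash or signature check over the whole file detects the same tampering without needing to know where the branch is; the classifier only helps explain what a mismatch means.</p>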
            <p>But do you remember what the NAG screen told us at the beginning 
            of the prog???</p>
            <p>It said:</p>
            <p>Evaluation version with the following limitations:</p>
            <p>1. Only MS Windows (PE) files are supported &lt;----- I don't 
            think this is important unless you want to disassemble 
            .com files. (Fairly easy to crack)</p>
            <p>2. It is time limited &lt;------------------------------------------ 
            We just cracked this one</p>
            <p>3. Save is disabled &lt;---------------------------------------- 
            We are not ready yet to Reverse Engineer</p>
            <p>But I have found another limitation:</p>
            <p>Try to disassemble Idag.exe with IDA and you get this message 
            &quot;Sorry, the demo version will not disassemble itself.Please 
            select another file&quot;</p>
            <p>So the DEMO version can't disassemble itself.</p>
            <p>&nbsp;</p>
            <p>COOL, this is something that I will leave to you to do. Something 
            like homework. It is a little bit tricky and we will do it together 
            in my next tut, but give it a try.</p>
            <p>&nbsp;</p>
            <p>--------------------------------------------------------------------------------------------</p>
            <p>&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;</p>
            <p>&nbsp;</p>
            <p>Thanks for reading this shit. I hope you gained some knowledge 
            from this tut.</p>
            <p>My main goal was to help people who are interested in starting 
            with the art of cracking (Not even newbies) but didn't know what 
            tools to get and how to make them work.</p>
            <p>If you think that I should add some stuff to this tut or anything 
            else, you can send me your ideas at basdog22@yahoo.com. I would appreciate 
            it.</p>
            <p>&nbsp;</p>
            <p>&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;&quot;</p>
            <p>In my next tutorial, version 1.5, we will finish what we started 
            today by cracking the &quot;Can't disassemble itself&quot; limitation. You 
            can download IDA from ---------&gt; &nbsp;http://crackpltools.prv.pl/ 
            </p>
            <p>Till then go out there and have a drink with your girl and have 
            fun cause the real life is out there...</p>
            <p>&nbsp;</p>
            <p>to be continued...</p>
            <p>&nbsp;</p>
        </td>
    </tr>
</table>
<p>&nbsp;</p>
</body>

</html>
