Copy Link
Add to Bookmark
Report

dRaG0n´s CrAcKinG Lesson 3

eZine's profile picture
Published in 
dRaG0n CrAcKinG Lesson
 · 5 months ago

Tools you need

  • Softice V.3.X
  • W32dasm V8.X
  • Winamp V2.X
  • Hiew 5.xx

Introduction

Hey ya ...
Welcome to Lesson 3 =) ...

Our target is Winamp V2.0 ... i think very much ppl are using it , cause it´s a very great
program ...

I hope u will enjoy thiz Lesson ... so Lets ´rOck.. :-)

Cracking Winamp V2.0 with Softice

I will do thiz in Steps , so its better to Understand :-) .. like in the other Lessons ...

Step 1

Run Winamp , go to "Winamp..." / "Shareware" / "Enter licence info" ....

Step 2

Enter "dRag0n FFO98" as name and "777777" as dummy serial .. enter S-iCE ...
Now we´ll set the most common Breakpoints .

"Bpx GetDlgItemTextA"
"Bpx GetWindowTextA"

Now leave S-iCE .

Step 3

Press "Ok" button and let S-iCE break ... wHat dA heLl is thAt ?!?
We cannot press the "OK" button ... hmmm .. hehe ...
To let S-iCe break we just have to enter any more number to the sErial box ...

Ahh..."break duo to BPX GetDlgItemTextA ... "

Step 4

Now press "F11" to go to where it was called from ... You will see following Code now ..

           :00403717   FF15E8664400    Call [User32!GetDlgItemTextA] ; Get text in Box 
:0040371D 53 Push EBX ; Push Ebx to Stack
:0040371E 53 Push EBX ; Push Ebx to Stack
:0040371F 688C040000 Push 0000048C ; Push 48C to
:00403724 FF7508 Push Dword Ptr [Ebp+08] ; Push Value from
; [Ebp+08] to Stack
:00403727 FF15B0664400 Call [User32!GetDlgItemInt] ; Get Text in Box
:0040372D 8BF0 Mov Esi,Eax ; Move Eax -> Esi
:0040372F 8D4580 Lea Eax,[Ebp-80] ; Eax = Ebp-80
:00403732 50 Push Eax ; Push Eax to Stack
:00403733 E8407C0000 Call 0040B378 ; The Call to the
; Calculation algor. ;)
:00403738 83C404 Add Esp,04 ; Add 04 to Esp
:0040373B 3BC6 Cmp Eax,Esi ; After Calculating
; the code in the call
; above , it Compares
; our dummySerial with
; the right one ...
:0040373D 7509 Jnz 00403748 ; Jump to "BAD
; CRACKER" else to
; "Good Buyer" =)

Step 5

So ... After haveing a good look at the asm code, we notify , that there´s a compare between Eax,Esi ... Trace with "F10" till you are on this "Cmp Eax,Esi" command .

Step 6

Now do a "? esi" and you will see your dummy code ... like thiz ...

         " 00012FD1    0000077777    Ascii here "

Now do a "? eax" .. and what do we see ?

         " 0101E7CE    0016902094    Ascii here " ... our real Serial ... =)

Step 7

Write "16902094" down and do " BD * " to disable all breakpoints ... and leave SiCE ..

Replace our dummy serial with the number we got ... WoW .. we can press the "OK" button now , kewl ..

----- Licenced to : dRag0n FFO98 (16902094) -----

Last Words

Great , we got it ;) ... Now remove the last "RegisteredTo" line in your Winamp.ini ...andtry to crack it without thiz tutorial =)

So , that wasn´t that hard ... hehe ... but like i always say .. Learning by doing .. =) ..

Ok , Star Trek Voyager comes now on tv .. have to see it .. hehe ;-)
Hope to see you in Lesson 4 =) ..

L8r . . . dRag0n FFO98

← previous
next →
loading
sending ...
New to Neperos ? Sign Up for free
download Neperos App from Google Play
install Neperos as PWA

Let's discover also

Recent Articles

Recent Comments

Neperos cookies
This website uses cookies to store your preferences and improve the service. Cookies authorization will allow me and / or my partners to process personal data such as browsing behaviour.

By pressing OK you agree to the Terms of Service and acknowledge the Privacy Policy

By pressing REJECT you will be able to continue to use Neperos (like read articles or write comments) but some important cookies will not be set. This may affect certain features and functions of the platform.
OK
REJECT