ramin_rad2000
April 2nd, 2004, 09:49
Greeting dear reservers
I'm stucked with a wiseinstaller target which asks for productID and registeration number,wise calls some security functions from a dll in temp dir
[Hmi32.dll] which is very confusing
I bmsg on registeration form and after searching memory for what i have enterd and finding thier address i simply put a bpm on them but it is all so confusing,and it never does a clear cmp or lstrcmp.
as far as i have gone the respective dll function is _hmrvalidp@32 which calls hmr3valid after it passed some parameters[name,city....,productID,regnum]
I have cracked the installer password itself and extract all the files and i knew where to copy them and i also dumped wise memory.I found all of the filenames and their destination in it and after that i also found the registry structure (which have to be made) exists in the memory(dumped) but some of them are hard to simulate like {SOFTWARE\HaestadMethods\%APPNAME%\%VERSION% %BUILD% Build}
Here is my question:
Can i simulate windows reg from this dumped data[hmi.txt]?Or can anyone help me to find the serial itself or any brute way to disable these dll calls?
Attachment deleted...
I'm stucked with a wiseinstaller target which asks for productID and registeration number,wise calls some security functions from a dll in temp dir
[Hmi32.dll] which is very confusing
I bmsg on registeration form and after searching memory for what i have enterd and finding thier address i simply put a bpm on them but it is all so confusing,and it never does a clear cmp or lstrcmp.
as far as i have gone the respective dll function is _hmrvalidp@32 which calls hmr3valid after it passed some parameters[name,city....,productID,regnum]
I have cracked the installer password itself and extract all the files and i knew where to copy them and i also dumped wise memory.I found all of the filenames and their destination in it and after that i also found the registry structure (which have to be made) exists in the memory(dumped) but some of them are hard to simulate like {SOFTWARE\HaestadMethods\%APPNAME%\%VERSION% %BUILD% Build}
Here is my question:
Can i simulate windows reg from this dumped data[hmi.txt]?Or can anyone help me to find the serial itself or any brute way to disable these dll calls?
Attachment deleted...