I am totally lost in trying to find the correct password for this program. I've been
trying for 2 weeks now, and only resorted to posting as a last resort because I wanted to try to figure this one out on my own. Anyway, I found the string "incorrect unlock code", but the only reference I found was several lines above it. I have seen nothing that looks anything like the tutorials I have read or programs I have successfully cracked thusfar. Also, maybe this will help, I have come across the password(or code) I entered but no luck on the good password. Any help will be greatly appreciated!! If any of you want to give this one a shot, here is the link to the program: http://www.remixer.com/ra2wav.exe
I think some of you will find cracking this program interesting. Finally, I am using both Softice and W32dasm. Thanks for your help!!!!

hiya sdse71,
If you show you have done a bit more than search for "incorrect unlock code" in WDAsm, I will point you in the direction. I mean no offence (seem to be able to do that without trying) but a lot of requests for help are thinly disguised
crack requests, again, I am not saying this is the case but you must have got a little further with this.
regards

hz is right that this is a little vague...so I will give a vague answer ;-)

Set a BPR onthe bytes that you find your phony serial in.....when your program accesses that mem range (presumably either to copy it elswhere, or to compare it to a correct serial or conditions to make one) SoftIce will break.....take it from there & ask again if you get stuck...maybe a bit more specific w/ the question 8)

I really appreciate your help. Sorry about being so vague. I don't post alot so I felt like I didn't want to get too lengthy in my description. Please excuse my ignorance, but how do I set a bpr on the bytes. Could you give me a explanation on this. I see the display window for bytes on the screen in softice, and I 'm almost sure your not talking about the memory address (ex. 0043ff12). I've read about bpr but nothing really explained it clearly about setting the bytes to bpr, at least as far as showing any decent examples. Again, sorry for my ignorance, I am a little confused. I've never used bpr before.

BPM CS:0043ff12 will set a breakpoint on that byte in memory

BPM CS:0043ff12 r will set a breakpoint on that byte in memory if it is read from

BPM CS:0043ff12 w will set a breakpoint on that byte in memory if it is written to

BPM CS:0043ff12 rw will set a breakpoint on that byte in memory if it is read from OR written to

now for setting breakpoints on more than one byte @ a time it's not practical to BPM each byte ;-) ...This is wgere BPR's come in.

Say your serial is 10 bytes long. search for it in memory (s 0 l ffffffff 'myserial')....then set a bpr on the range. Say you find your serial at CS:0043ff12 .....you would set this breakpoint:

BPR CS:0043ff12 CS:0043ff22
OR
BPR CS:0043ff12 CS:0043ff12+10 (softice will evaluate the expression for you)

Now if it reads the 4th char in your serial, you'll still break since you don't just have a BP on the first byte ;-)

Oh yeah......you can us the r & w flags on BPR's too.

Hope that clears things up a bit.

?ferret