COMMAND LINE 97

Written by Blackgh0st
Tutorial number: 2
Email: blackgh0st@hotmail.com
Date written: 31.3.2001

Target: Command Line 97
Protection: name and serial
Tools Used: SoftIce
______________________________

THE ESSAY

this tutorial was written for newbies, so i'll try to explain everything in detail. if u find something that is not explained well, that's cuz i'm a newbie myself!
BTW... when i write something like "d eax" i mean without the quotes.

SO...THINK U READY?!? GOOD!!! START READING!!!
-------------------------------------------------------------------------

STEP 1:

open the program and click on "REGISTER". enter your favorite name and your favorite fake registration number (i suggest that u use a number that is easy to remember). OK.. my registration info was:

NAME: Blackgh0st
REGISTRATION NUMBER: 12345

good.. now open softice and set a bpx (breakpoint on execution) on "getdlgitemtexta"... did it? good! continue to the next step.

STEP 2:

click "OK" and now we get kicked into softice. press "F12" to step out of the DLL, and now this is what we have:

    :00402558 CALL [USER32!GetDlgItemTextA]
    :0040255E PUSH 00
    :00402560 MOV EDI, 00410B30
    :00402565 PUSH 00
    :00402567 PUSH 000003FC
    :0040256C PUSH ESI
    :0040256D CALL [USER32!GetDlgItemInt]
    :00402573 MOV ECX, FFFFFFFF

if u do "? eax" u will see the length of your name. ok... now start tracing (F10) until u see this:

    :0040258B IMUL ECX, EAX
    :0040258E SHL ECX, 0A
    :00402591 ADD ECX, 002F8CC
    :00402597 MOV [0040A550], ECX
    :0040259D CMP [0040A554], ECX                 <--- here is the comparison of the serials
    :004025A3 JZ 004025D6
    :004025A5 CMP DWORD PTR [0040A554], 0361DECA  <--- here is another comparison of serials,
                                                       but the real serial here is a master
                                                       serial (it works with any name u enter!)

ok... so when u are on the line:

    :0040259D CMP [0040A554], ECX

type "? ecx" and u will get the real serial. and when u are on the line:

    :004025A5 CMP DWORD PTR [0040A554], 0361DECA

type "? 0361DECA" and u will get the master serial.

STEP 3:

clear all breakpoints by typing "bc *", exit softice and enter the number u wrote down from softice.

U CRACKED THE PROGRAM BY YOURSELF (not really, i helped u)
________________________________________________________________

FINAL WORDS

this tutorial was written for educational purposes only! if u use this tutorial with bad intentions i'm not responsible for the consequences.. u have been warned!

hope u enjoyed reading it!!! keep reading so u get better... like me!!!