************************************************************************************************* CeyCey ************************************************************************************************* Author: CeyCey Protection: Password URL: Tools: SoftICE v4.05 ---> Intro... Welcome to my next Tutorial !!! Ok, now a very hard CrackMe, NOT !!! ;) It's hardcoded and you can do this in 2 simple ways. 1. Using SoftICE trace and find it :) 2. Unpack it (UPX) and disassemble and find the string :) I'm just gonna use SoftICE. ---> Let's Begin... Ok, open the CrackMe and fill in something i've used: Password: CoDe_InSiDe Then get into SoftICE (CTRL+D) and type "bpx hmemcpy", then out of SoftICE (CTRL+D) and press the button "Check" and SoftICE should popup. Ok, now type "BC *" to disable the breakpoint and press (F12) 12 times and you'll see this: ------------------------------------------------------------------------------------------------- mov eax, dword ptr [ebp-04] <--- EAX now points to our "Fake" Serial mov edx, 0045766C <--- This is the real Serial call 00403C8C <--- Compare those 2 jnz 00457642 <--- If not equal jump over the good Message Box. ------------------------------------------------------------------------------------------------- Ok, when your on the "call 00403C8C" type "d edx" and you'll see the real Serial it's: ULTRADMA............................................................ Ok, write it down and get out of SoftICE (CTRL+D) then enter that Serial and press "Check". A Message Box pops up saying: Do not think u r good, Easy huh? hehe ;P That's all. ---> Greetings... To be honest i'm getting a bit sick of these greetings everytime ;P So i'll just say: Greetings to everyone i know, and to everyone who knows me, and You... ;P Don't trust the Outside, trust the InSiDe !!! Cya... CoDe_InSiDe Email: code.inside@home.nl