Date sent: Thu, 25 Dec 1997 03:52:59 -0500 (EST) To: caligo@lords.com From: Subject: feedback from http://cracking.home.ml.org/ I have a good cracking tip. Perhaps you've heard of it--maybe not. As you know, quite a few software tools are being packaged now with InstallShield 5.0--and many of those installations contain scripts that ask for serial numbers in order to decompress their contents. It used to be that you could simply run InstallShield's ICOMP.EXE utility to decompress the data.z file(s) and bypass setup altogether; however, the new InstallShield is more clever--but not much more so. In the new InstallShield 5 config, the SETUP.INS file contains compiled script. Since many installations require serial numbers inside the script, I reasoned...why not simply replace the InstallShield compiled script with a default one produced by an empty InstallShield config? Here's what you do: 1. Run InstallShield Pro 5. (See http://www.dejanews.com and search for "InstallShield" for details on how to get that package from the InstallShield ftp site. Stupid mortals. 2. Create a new installation with 1 file in it. Doesn't matter what the file is. 3. Compile the installation. It will produce a bunch of files in "c:\myinstallations\ProjectX\media\disk1\..." 4. Copy SETUP.INS to somewhere safe. You will need it later. (Post an FTP site on your page and I'll put it up there for you). 5. When you come across an InstallShield5-based setup program that requires a serial number/password, simply make a copy of the existing SETUP.INS to SETUP.IN$, and copy replace SETUP.INS with the one that you produced in step 4. Now, of course, if the compiled script contains very explicit installation procedures, this technique may not work ... however, it does work in the vast majority of cases since the location of files and registry keys seems to be encoded into DATA1.CAB--not the SETUP.INS script. Sincerely, BigJohnson