Acid_Cool_178
presents his

#24  Tutorial

 

For Hellforge

This text is meant only for educational purposes and is not to be used illegally. I take no responsibility for illegal use of this text. Move on at your own risk.

Author Information
E-mail: acid_cool_178@hotmail.com
Age: 17
Web page: http://acidcool.cjb.net/
Date: March 2K
Member in: Hellforge, Flying Horse Cracking Force
Groups' web pages: Hellforge, FHCF

 

Program Information
Name: Crack Me 1 by bURKi 29-02-2000 (CRACKME01.EXE); Crack Me 2 by bURKi 29-02-2000 (CRACKME02.EXE)
Size: 9KB; 311K
Author: bURKi
Where to download: http://tca2k.da.ru/
Tools used: Hex Editor (I use Ultra Edit V7.00A); W32Dasm with SDR enabled; Smart Check
Download at: 1. Player Tools 2. Programmer Tools
What kind of program: Crackme / Shareware
Skill: Easy / Not so easy / Hard / X-pert

 

Information about the Protection I

The crackmes have only one field for entering a serial, and one timer in the background that checks the serial.

Before We Start

This crackme comes from The Cracking Answer; the coder of this crackme must be a new man in cracking/coding. I wish him welcome!
The Cracking Answer is a good group and I like them a lot. I had planned to join them first but they were scared, so I founded Hellforge, and I don't regret that choice. Thanks Shadow for taking me in :)

I have divided this crackme into two tasks for you. I won't patch this crackme because I'm getting tired of that shit and now I want to do the real stuff.

Common 1  <-- Common stuff for Task 1.x
Task 1.1  <-- Cracking CRACKME01.EXE by using W32Dasm with SDR enabled
Task 1.2  <-- Cracking CRACKME01.EXE by using Smart Check
Task 2    <-- Cracking CRACKME02.EXE by using Smart Check

The Process

Common 1
Open the crackme in a hex editor and you can see the string "MSVBVM50.DLL" near the beginning of the file. This means that the crackme is coded in Visual Basic 5, so prepare for a VB crack.

Task 1.1
Open CRACKME01.EXE in W32Dasm, and under "String Data References" you can see the string "Gratulation !!!"
Double-click on that string and you will come to the good code, where the good message box is.
Now scroll up and you can see this:
* Possible StringData Ref from Code Obj ->"bURKi 12115455221"
bURKi 12115455221?? Well, that's your password :)
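
Why the hex-editor check in Common 1 and the string reference in Task 1.1 work, as an added example (not code from the original tutorial or from the crackme): a VB5 program imports its runtime DLL by name and stores string literals as plain UTF-16LE, so a serial compared against user input sits readable in the file. The check also recognises MSVBVM60.DLL (Visual Basic 6), which goes beyond the text; the byte blob, the function names and the `ui_strings` allow-list are constructed for illustration.

```python
import re

# Runtime DLL names a VB executable imports, mapped to the compiler version.
VB_RUNTIMES = {b"MSVBVM50.DLL": "Visual Basic 5", b"MSVBVM60.DLL": "Visual Basic 6"}

def detect_vb_runtime(data: bytes):
    """Return the VB version implied by an imported runtime DLL name, or None."""
    upper = data.upper()
    for marker, version in VB_RUNTIMES.items():
        if marker in upper:
            return version
    return None

def utf16_strings(data: bytes, min_len: int = 6):
    """Yield (offset, text) for runs of printable UTF-16LE characters."""
    pattern = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len)
    for m in pattern.finditer(data):
        yield m.start(), m.group().decode("utf-16-le")

def audit(data: bytes, ui_strings):
    """List literals that are not known UI text: candidates for embedded secrets."""
    return [(off, s) for off, s in utf16_strings(data) if s not in ui_strings]

# Constructed stand-in for the file contents (not the real CRACKME01.EXE):
# a header stub, the ASCII import name, then two UTF-16LE literals.
SAMPLE = (
    b"MZ\x90\x00" + b"\x00" * 12
    + b"MSVBVM50.DLL\x00" + b"\x00" * 8
    + "Gratulation !!!".encode("utf-16-le") + b"\x00\x00"
    + b"\x01\x02\x03\x04"
    + "bURKi 12115455221".encode("utf-16-le") + b"\x00\x00"
)

if __name__ == "__main__":
    print("runtime:", detect_vb_runtime(SAMPLE))
    # The success message is expected UI text; anything else deserves a look.
    for offset, text in audit(SAMPLE, ui_strings={"Gratulation !!!"}):
        print(f"0x{offset:04x}  unexpected literal: {text!r}")
```

Run against your own build, any secret that shows up in this list is one that a static string listing will show to anyone else.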

Task 1.2
Fire up SC and configure it well. Eternal Bliss has some good essays about SC; I suggest you read them first at crackmes.cjb.net

But if you don't want to read them, do this first before moving on with this text.
************ COPIED FROM ETERNAL BLISS ESSAY 2 (SMART CHECK USAGE) ************
SmartCheck One-Time Configuration:
Under Program Settings:-
Error Detection: "tick" all boxes except "Report errors immediately".
     Advanced: "tick" first 4 boxes.
               Make sure "Suppress system API and OLE calls" is not "ticked".
Reporting: All boxes "ticked" except for "Report MouseMove events from OCX controls".

************ COPIED FROM ETERNAL BLISS ESSAY 2 (SMART CHECK USAGE) ************

Run the crackme by pressing F5 and SC starts to work. When the crackme has started and you can enter the serial, just enter anything you want; I entered "1234". Now in SC you can see these lines.
+ Text1_Change
+ Text1_Change
+ Text1_Change
+ Text1_Change
End the program and start with the first Text1_Change. Mark that line and then go to View-->Show all events
Now you are in a sea of code, hehe. Cool, huh?
Click on the + sign on the first Text1_Change and you can see this command somewhere: __vbaStrCmp(String:"bURKi12..",String"1"),returns DWORD:FFFFFFFF
There the serial I entered is compared with the real serial, so click on that line and you can see this in the other window: "bURKi 12115455221"
And the crackme is cracked again :)

Task 2
Fire up SC and configure it well. Eternal Bliss has some good essays about SC; I suggest you read them first at crackmes.cjb.net

But if you don't want to read them, do this first before moving on with this text.
************ COPIED FROM ETERNAL BLISS ESSAY 2 (SMART CHECK USAGE) ************
SmartCheck One-Time Configuration:
Under Program Settings:-
Error Detection: "tick" all boxes except "Report errors immediately".
     Advanced: "tick" first 4 boxes.
               Make sure "Suppress system API and OLE calls" is not "ticked".
Reporting: All boxes "ticked" except for "Report MouseMove events from OCX controls".

************ COPIED FROM ETERNAL BLISS ESSAY 2 (SMART CHECK USAGE) ************

Run the crackme by pressing F5 and SC starts to work. When the crackme has started and you can enter the serial, just enter anything you want; I entered "1234". Now you can see these lines.
+ Text1_Change
+ Text1_Change
+ Text1_Change
+ Text1_Change
End the program and start with the first Text1_Change. Mark that line and then go to View-->Show all events
Now you are in a sea of code, hehe. Cool, huh?
Click on the + sign on the first Text1_Change and you can see this command somewhere: __vbaStrCmp(String:"lol @ th..",String"1"),returns DWORD:FFFFFFFF
There the serial I entered is compared with the real serial, so click on that line and you can see this in the other window: "lol @ the lamers 432"
And the crackme is cracked.


Ending

This was a really easy crackme, so my words are: start to study crypto in VB. I have just started and I have managed to code one crackme that I don't know the code for myself. Good, huh? I used the XOR function and believe me, that really works. It's now a normal protection for me :)

If you want to use SoftICE on these crackmes, try BPX __vbaStrCmp

Greetings

LaZaRuS, Wajid, Borna Janes, ManKind, Eddie Van Camper, ACiD BuRN, KoRnFLeX, Eternal_Bliss, Potsmoke, DiABLO, Torn@do, ^AlX^ and all the others I have forgotten