Cracking Liquid CrackMe v1.0

This tutorial are coming from

Acid Cool 178

Tutorial Number 38

Target

Liquid CrackMe v1.0
Downlaod it at http://crackmes.cjb.net

Toolz

W32Dasm and Soft Ice
Download it at http://protols.cjb.net

Essay

Run the crackme and you will see one Name and one Serial box, you can try to enter some serials but it won't be succesfully..
Open the crackme in W32Dasm and in "String Data References" can you find this string. "Well done! The serial is correct" and clcik on that string and you can see. This code.

:004272F3 58                      pop eax
:004272F4 E897C1FDFF              call 00403490		<-- Trace this call
:004272F9 7517                    jne 00427312		<-- Jump if Not Equal					
:004272FB 6A00                    push 00000000
:004272FD 668B0D54734200          mov cx, word ptr [00427354]
:00427304 B202                    mov dl, 02

* Possible StringData Ref from Code Obj ->"Well done! The serial is correct!"
                                  |
:00427306 B894734200              mov eax, 00427394
:0042730B E89CF9FFFF              call 00426CAC
:00427310 EB15                    jmp 00427327

* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004272F9(C)

Look at location 4272F4 try to trace thet cann and than you will see this code..

:00403490 53                      push ebx
:00403491 56                      push esi
:00403492 57                      push edi
:00403493 89C6                    mov esi, eax
:00403495 89D7                    mov edi, edx
:00403497 39D0                    cmp eax, edx		<-- The serial compare routine
:00403499 0F848F000000            je 0040352E		<-- Jump if Equal

At the compare routine so are EDX = Fake Serial and EAX = Real Serial
What we will do are to set an breakpoint at the compare routing that are at location 403497
Run the crackme and fill in the information, now open Soft Ice and set a breakpoint at hmemcpy (BPX HMEMCPY). 
Run the crackme and Soft Ice will break. Press F10 until you are in good code, about 6 or 8 times. 
Break all breakpoints and set a new breakpoint at the compare routine, (BPX 403497) and Close Soft Ice.
When Soft Ice poups up then type "D EDX" to see your real Serial. Clear all breakpoints and remove the fake serial with 
the real serial. and woala, crackme solved :)

Ending

His are my first tutorial after Hellforge have moved server, i used over 3 hours to re organize the structure at Hellforge and updated it.
It was a pain in tha ass but now, the nexe web master after me will have one EASY job. It are now so logical that it are too easy..

Greetings goes to

LaZaRuS, Wajid, Borna Janes, ManKind, Eddie Van Camper, ACiD BuRN, KoRnFLeX, Eternal_Bliss, Potsmoke, DiABLO. Torn@do, ^AlX^ , AC|D, Dark Wolf, Marton and all the other i have forgotten

This tut was written by: Acid_Cool_178 / Hellforge 2K productions
Copyrighted to Acid_Cool_178
Questoins ? mailto:acid_cool_178@hotmail.com