REGISTER _Caselinr 5.6_ USING WINICE
or, "the data dump trick"
by PlasMa
And here is a little essay that explains well the "data dump" trick: learn it
and cracking this kind of silly protections will become VEEEERY EASY! This
"step by step" essay is quite useful IMHO, and in this case it is provided
with very detailed infos about what's going on... learn this technique and
start to write your own essays! :)
REGISTER _Caselinr 5.6_ USING WINICE
by PlasMa
1) Run Caselinr and select File|Registration
2) Call WinIce with CTRL+D and write
"BPX getdlgitemtexta"
[This means "breakpoint the command GETDLGITEMTEXTA on execution". In
this way, the program will break when the function getdlgitemtexta is
called]
3) Exit Winice with CTRL+D
4) Write your name in the box "User Name" and "AAA" in the box "User Key",
then press on the "OK" button.
5) SoftIce will break the prog. Write
"d ECX"
and you'll see some junk characters.
[d ecx means "dump the memory at ecx address": as you'll see, the address
contained in ecx register is the address of the string containing your
name]
6) Press F11 to exit the procedure getdlgitemtexta: you'll see your name in
the data window!
[the procedure getdlgitemtexta is used to retrieve the text from the
"name" text box contained in the dialog window]
7) Press CTRL+D: SoftIce will break the prog again. Press F11 to exit the
getdlgitemtexta proc
[this time the procedure getdlgitemtexta is used to retrieve the text
from the "password" text box]
8) Now write
"E"
and scroll down some lines until you find "AAA" string in the data window
[of course, you can scroll down the data window in other ways :)]
9) Write
"BPM address RW"
where "address" is the address of the first of the three "A"
[this means: "interrupt the program when it accesses the memory location
of the password to Read or Write it". BPM, in fact, means "BreakPoint
on Memory location"]
10) Press CTRL+D: SoftIce will break the prog again. Write
"D EAX"
[Dump EAX lets you see the memory from the address contained in EAX
register: here you can find the right key! If you look at the code, you
can see there is a comparison between the right key and the one you've
inserted before]
YOUR KEY IS THERE!!! :)) Write it down and Caselinr 5.6 will be registered
with your name... Easy, isn't it?
Greetz,
PlasMa
(c) PlasMa 1998.
WARNING: this tutorial is published for EDUCATIONAL PURPOSES only! Nobody
except you is responsible for what you do with the things you read here.
Also, if you intend to use shareware programs for a period longer than the
allowed one remember that you have to BUY them!