Cracking Tutorial
#57:
Cracking NeverForget Personal
Reminder Software 2.0
[cracked bY:] sLeEpY¿[FWA/NWA/FTPR8Z] iN 07/2002
[difficulty:] beginner
[where:]
http://www.neverforget.com/trial.html
[tOOLz:] W32dasm 8.93, Hiew 6.x
KANAL23 Tutorial
|
NeverForget Personal Reminder Software 2.0 |
|
|---|---|
|
Download it from |
|
|
Written by |
sLeEpY¿ |
|---|
|
Tools |
|
|---|
|
Rating |
|
|---|
|
Introduction |
|---|
After going back in time one day and reading
some old tkc tutz i decided to
check around for updated versions of some of the progs he cracked, most links
were dead or worse, bought up by some corporate sludge balls, But after reading
tut 7 part 2 i found one that has been upgraded and was still around. Tkc got
1.0, i get 2.0 =)
NeverForget Personal Reminder Software 2.0
Publisher: NeverForget
File size: 2.21MB
License: Free to try
This trial version of the software has all the features of the full version,
however, it will expire after 30 days of use. Afterwards, you can return to our
Website to purchase the full, unrestricted version.
This installs as a DEMO only and full version is supposed to be sold seperate,
lets check the guts and make this a full version.
Mwahahahahahhaha.........
|
The Essay |
|---|
Make your backup copy and disassemble a copy, lets check it out. Run the prog
and play with the clock on your comp so it pisses the program off. Now we can
see some errors. Ah a nag reminder that our 30 days is almost up.
First lets kill the reminder, as it leads us eventually to the 30 day message.
Then nag reminders can be killed here:
NeverForget Reminder
This demo version of NeverForget will expire soon!
Visit us at www.neverforget.com to purchase a
registered copy!
[OK]
Look in the String Refs window of w32dasm for the nag message and you will be
here:
:00410936 0F85E70C0000 jne
00411623 <-conditional
jump (offset FD36)
:0041093C 6800040000 push 00000400
:
:lines of code
:
* Possible StringData Ref from Data Obj ->"InstallDate"
:00410958 68CC5C4700 push 00475CCC
* Possible StringData Ref from Data Obj ->"DemoVersion"
:
:lines of code
:
* Possible StringData Ref from Data Obj ->"Jovovich.mla"
:
:lines of code
:
:004109ED 89642434 mov dword ptr [esp+34], esp
* Possible StringData Ref from Data Obj ->"The demo version of NeverForget "
->"will expire soon!"
<-our nag..
So this shows that the jump will go way past the
nag message and demo version.
Change this:
:00410936 0F85E70C0000 jne
00411623
to this:
:00410936 E9E80c000090 jmp
00411623
Now the nag is gone...and now time for unlimited usage.
Move the clock ahead 2 months and run the prog again and you are greeted with a
bug of some sort, like a message that says:
"Sorry, this demo version has expired. "
blah blah blah
Look for it in the string refs as you did the last one and click it and you end
up here:
To kill the nag we made a jump to here:
* Referenced by a (U)nconditional
or (C)onditional Jump at Address:
|:00410936(C)
|
:00411623 8D442430 lea eax, dword ptr [esp+30]
:00411627 8D8C241C010000 lea ecx, dword ptr [esp+0000011C]
:0041162E 50 push eax
:0041162F 51 push ecx
:00411630 8D8C2484000000 lea ecx, dword ptr [esp+00000084]
:00411637 C744243800000000 mov [esp+38], 00000000
:0041163F C744243C00003E40 mov [esp+3C], 403E0000
:00411647 895C2440 mov dword ptr [esp+40], ebx
:0041164B E8E5E90000 call 00420035
:00411650 50 push eax
:00411651 8D4C2420 lea ecx, dword ptr [esp+20]
:00411655 E82AE90000 call 0041FF84
:0041165A 85C0 test eax, eax
:0041165C 0F84FEF3FFFF je 00410A60
<-hmmmmmm
:00411662 53 push ebx
:00411663 53 push ebx
* Possible StringData Ref from Data Obj ->"Sorry, this demo version has expired.
"
->" To purchase a registered copy, "
->"please visit our website at www.neverforget.co"
->"m. When you install the licensed "
->"version, all your reminders entered "
->"into this demo will be preserved. "
->" :)"
Trial can be cracked at this location:
:0041165C 0F84FEF3FFFF je
00410A60 (offset 10a5c)
change to
:0041165C E9FFF3FFFF90 jmp
00410A60
As you see it jumps right past the nag message and we are now unlimited trial.
Thanks TKC for your first tutorial on 1.0, here is for 2.0.
Laterz!
|
Final thoughts |
|---|
Word....and other
stuff.
|
Greetings |
|---|
Groups:
FWA, NWA, FTPiRatEz! HAR! BEASTFXP!, KANAL23
Individuals:
MiNioN,
GreycZ & his cuppy, KlutCh, KiNgEr, MidNight, Edogg, Neoman, movax4c00int21, Acid_Cool_178, All those tuts I read
from everyone who writes them.
CopyLeft:
sLeEpY¿
[all rights reversed]
Boredom causes crackers and babies.
Visit http://zor.org/sleepy &
http://www.bright.net/~testsubject001
Mail sleepy@linuxwaves.com
This Document is copyrighted by kanal23 and it's members. Please mail the
author of this document for complaints and those things.
Kanal23
is signing out for now.