Web
: http://kickme.to/mxbnet Offline Explorer Enterprise 2.4.934 SR1
Type : Offline Explorer
Crack :
Unpacking
No CRC check is implemented ...Put BPX GETPROCADDRESS and run the program.When we break in "oe.daat" section ... look few lines down .....
0x6C23B4 MOV [EBP+443CF6],EAX
Use PEditor to dump .. let it be "oe_dmp.exe" and change the EP of dumped file to : IAT Restoration
Luckly we have an excellent tool ImpRec to do this job.Make a copy of file "oe_dmp.exe" some where else.Say "oe2_dmp.exe".Now run the dumped file "oe_dmp.exe" in the program folder.Now run ImpRec and choose "oe_dmp" as active task.Now click "IAT Auto search" --- "Get Imports" ... so easy ....Now click Fix dump and point it to "oe2_dmp.exe" ... all done .Now "oe2_dmp.exe" will run on other Pc.And you can verify it using a hex editor .. look at Name ... First Thunk ... etc.This baby works >>>
Reg Check
Now our job is not finished ... we have to crack main program...Enter some bogus S/n and in SICE put BPX HMEMCPY .... trace
0x5BA36B LEA ECX,[EBP-08] >> FAKE S/N
0x6087E0 JLE 6087F7 = 7E 15
All we want is to reach 608D42 ...
Patch :
0x6087E0 JMP 6087F7 = EB 15 -- OFFSET = 2087E0
Now you can enter any S/N and this baby will work in registered mode.
|