QTALK 1.06B

Web : http://kickme.to/mxbnet
Contact Me : dheeraj_xp@yahoo.com

QTALK 1.06B

Type : Web Phone
Protection : Serial
Tech : Serial Fishing

Crack : Enter fake values and in SICE
BPX HMEMCPY

0x4825CF MOV EAX,[EBP-4] >> FAKE S/N
........................
0x4825D2 MOV EDX,[EBX+0x1F0] >> REAL S/N
............................
0x4825D8 CALL 0x40376C >> COMPARE BOTH

Registration Info :

S/N = B6A44T72C

After entring this S/N ,the program itself will shows us
the new S/N :) FUNNY !

S/N = 9966698

...................................
0x100112B3 CALL 10016540 .......5.0 PRO PLAYER KEY CHECK............
0x100112B8 ADD ESP,0C ............LOOK UP TABLE - A2EGPM4QTW8J3XUR
0x100112BB TEST AL,AL
0x100112BD JNZ 10011307
....................................
0x100112D1 CALL 10016540 ........OLD KEY CHECK - 3.02 VER
0x100112D6 ADD ESP,0C
0x100112D9 TEST AL,AL
0x100112DB JNZ 1001130E

INSIDE ---- 0x100112B3 CALL 10016540........

66924796 CALL [EBP-20]
....INSIDE THIS CALL ....
0x66ABC95D CMP BYTE PTR [EBX],18 ----> 24 CHAR
.................................................
0x66ABC96B CMP CL,AL => AL = 2D '-' ; CL = 5TH CHAR OF S/N
.................................................
0x66ABC973 CMP [EBX+0A],AL
.................................................
0x66ABC97C CMP [EBX+0F],AL
.................................................
0x66ABC985 CMP [EBX+14],AL
.................................................
0x66ABCB79 CALL 66ABCD60 ---------- LOOK UP TABLE
.................................................
0x66ABCB8C CALL 66ABCD60 ---------- LOOK UP TABLE
.................................................
0x66ABCD98 CMP BL,AL --------------- COMPARE LOOK UP TABLE COUNTS [BL] WITH AL
.................................................
------- LOOP .... GO UP ----TILL ALL CHARS OF S/N ARE FINISHED------

Registration Info :

5.0 Pro Player Key :

Name = DHEERAJ
Organization = MxB
S/N = EMXP-GJ4Q-QG2E-Q44M-5555

Future Pro Player Key :

Name = DHEERAJ
Organization = MxB
S/N = KUCA-4PG4-448D-GUDN-5555

eturns Integer: 1

Registration Info :

Name = DHEERAJ
Product ID = 3897695580138
Unlock Key = 1283792544077

Note : This is where the program is storing its 50 execution count :Inside the registry ..

[HKEY_LOCAL_MACHINE\System\ControlSet001\Control]
"winsystem"="††"
"windows"="„†zŒ‡}Œ…"

Those invalid charecters are its count if you increase it you will get 50>+ execution ..

0x40A6AB CMP EDI,EAX =>3C --"60" ; EDI = NO: DAYS USED
0x40A6AD JLE 40A70A = 7E 5B --> GOOD BOY OFFSET = A6AD
...........................................
NOW BPMB 5F5A78 RW --- CONTINUE
...........................................
0x40A942 PUSH 5F5A78
0x40A947 CALL [005B42A8]
0x40A94D ADD ESP,04
0x40A950 CMP EDI,EAX
0x40A952 JLE 40A973 = 7E 1F --> GOOD BOY OFFSET = A952

So all you want to do is to convert :
JLE ---> JMP i.e 74 ===> EB

Suppose we just try to redirect this check to an original and virgin