home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Reverse Code Engineering RCE CD +sandman 2000
/
ReverseCodeEngineeringRceCdsandman2000.iso
/
RCE
/
E_bliss
/
eb_tut24.txt
< prev
next >
Wrap
Text File
|
2000-05-25
|
3KB
|
104 lines
Tutorial Number 24
Written by Etenal Bliss
Email: Eternal_Bliss@hotmail.com
Website: http://crackmes.cjb.net
http://surf.to/crackmes
Date written: 3rd Jun 1999
Program Details:
Name: Crackme 2
Author: Leech
Language: Visual Basic 5
Tools Used:
SmartCheck
Cracking Method:
Code analysis
Viewing Method:
Use Notepad with Word Wrap switched on
Screen Area set to 800 X 600 pixels (Optional)
__________________________________________________________________________
About this protection system
This CrackMe has only 1 correct code. This time, it is not exactly compared
directly.
_________________________________________________________________________
About this tutorial
Since this is my 24th tutorial, I will presume that you have read the
previous ones. So, my description on how to use the tools will be reduced
unless there are new methods.
_________________________________________________________________________
SmartCheck
First, run the CrackMe with SmartCheck.
Click on the Register Button and fill in any name and code. Click OK.
You will be informed that the code is wrong. Ignore it for the time
being because soon, the code will be correct. 8)
I an using "0" as the code.
You will see two "Command1_Click" reported in SmartCheck. Click on
the + sign next to the 2nd one to expand the thread.
Without going into "Show All Events" mode, just observe the info shown first.
There are 3 lines that are very interesting:
String ("0") --> Double (0)
String ("2657953123") --> Double (2.65795e+009)
Double (-2.65795e+009) --> ("-2657953123")
"0" is what you entered for the code. Where did "2657953123" come from?
And where did "-2657953123" come from??
Let's presume that the "-2657953123" is from "0 - 2657953123"
** If you enter "1" instead of "0", you will get "-2657953122"
Highlight that line and then choose "Show All Events" in SmartCheck.
About 16 lines down, you will see:
__vbaStrCmp(String:"1",String"-2657953...") returns DWORD....
Well, here we go again... __vbaStrCmp
But look here... "-2657953..." (actually should be "-2657953123")
is compared with "1"...
hmmm...
So, what we entered is subtracted by "2657953123" and then comapred to "1"
Working it backwards, we will get "2657953124"
Try it out with "2657953124" and enter any name... you will get the correct
message although I can't read it.
CrackMe cracked!!
__________________________________________________________________________
Final Notes
This tutorial is dedicated to all the newbies like me.
And because I'm a newbie myself, I may have explained certain things wrongly
So, if that is the case, please forgive me. Email me if there is anything
you are not clear about.
My thanks and gratitude goes to:-
All the writers of Cracks tutorials and CrackMes
and also to all the crackers that have been supporting my site and project forum.