McCool's TUT
FOR
BASiLiSK's CrackMe #1
TIME: 15 min.
Software:
NuMega SmartCheck 6.03
WindowHacker
NotePad
Settings
for SmartCheck 6.03:
menue Programm / Settings ...
Error detection tab:
check all boxes
advanced:
check the first 4 checkboxes
Reporting tab:
Check all expect "Report MouseMove events from
OCX"!!!
INSTRUCTIONS:
This CrackMe checks if u have installed
various Debug/Dissasemble Progs! (SoftIce, Wdasm,
SmartCheck)
first time u run it it will tell ya that u have intalled
Wdasm (if u have) ....
... so u have to rename this file
"w32dasm8.ini" to (what u like)
"~w32dasm8.ini"
It also check if u have installed
SoftIce!
U know if u install SoftIce it will write something into
your autoexec.bat!
We only have to delete this entry!
open autexec.bat (autexec.001/ or autexec.bak/...) and
del the entry of SoftIce (like
"c:\Tools\Winice.exe")
3rd check is for Numega Smartcheck
I think it checks wether Smartcheck is opened!
So i took my little Prog called "WINDOW HACKER"
In WindowHacker I pushed "Refresh" and
highlighted "NuMega SmartCheck"
Now click on Transfer
NOW U WILL SEE THAT "NUMEGA SMARTCHECK" IS NOW
IN THIS FORM!
SmartCheck has now the handle of WindowHacker (thats what
we want!)
Now Open CrackMe.exe (in SmartCheck) and Press F5 to start the CrackMe
type in any Name, Company and Serial (u
have to choose a long Name and Company!)!
press "Check it"
Now SmartCheck is working... working ...
working ... working... and that a long time .....
you only have to wait until a window pops up
"Incorect Serial!"
thats cool now close the CrackMe (click on EXIT)
Go Back to SmartCheck
in the left window u'll see something like "THREAT
0" and "_LOAD" and "_CLICK"
Click on "_CLICK"
Go to the menue VIEW and enable:
Show Arguments
Supressed Errors
Show AllEvents
Now ull see masses of codes.....
Goto menue EDIT -> FIND
search backwards for:
"incorr" (like "Incorrect Serial!")
a string called "msgbox(Variant:
String: "Incorre..." and
so on) will be hightlightet
go to the sysFreeString that is near (watch the lines
before) to this msgbox
ull see that there is a sysFreeString 2 lines before the
msgbox
click on this sysFreeString and watch the right window
there ull see a long String like
(34CD9-8054281-OL@1228-P:)
COOL THATS YOUR SERIAL FOR YOUR
NAME,COMPANY and UNIQUE NR.
Now all u have to do is to Close
SmartCheck
start CrackMe.exe
Type in your Name (http://fly.to/McCool)
type in your Company (McCool@gmx.at)
Type in your Serial (34CD9-8054281-OL@1228-P:)
press the "Check it!" button
CONGRATS U've SUCCESSFULLY CRACKED THIS
PROGRAMM
FULL SCREENDUMP --> CLICK HERE