McCool's TUT

FOR
BASiLiSK's CrackMe #1

 

TIME: 15 min.

Software:
NuMega SmartCheck 6.03
WindowHacker
NotePad

Settings for SmartCheck 6.03:

menue Programm / Settings ...

Error detection tab:
check all boxes
advanced:
check the first 4 checkboxes
Reporting tab:
Check all expect "Report MouseMove events from OCX"!!!

INSTRUCTIONS:

  1. This CrackMe checks if u have installed various Debug/Dissasemble Progs! (SoftIce, Wdasm, SmartCheck)
    first time u run it it will tell ya that u have intalled Wdasm (if u have) ....
    ... so u have to rename this file "w32dasm8.ini" to (what u like) "~w32dasm8.ini"

  2. It also check if u have installed SoftIce!
    U know if u install SoftIce it will write something into your autoexec.bat!
    We only have to delete this entry!
    open autexec.bat (autexec.001/ or autexec.bak/...) and del the entry of SoftIce (like "c:\Tools\Winice.exe")

  3. 3rd check is for Numega Smartcheck
    I think it checks wether Smartcheck is opened!
    So i took my little Prog called "WINDOW HACKER"


    In WindowHacker I pushed "Refresh" and highlighted "NuMega SmartCheck"
    Now click on Transfer
    NOW U WILL SEE THAT "NUMEGA SMARTCHECK" IS NOW IN THIS FORM!
    SmartCheck has now the handle of WindowHacker (thats what we want!)

  4. Now Open CrackMe.exe (in SmartCheck) and Press F5 to start the CrackMe

  5. type in any Name, Company and Serial (u have to choose a long Name and Company!)!
    press "Check it"

  6. Now SmartCheck is working... working ... working ... working... and that a long time .....
    you only have to wait until a window pops up "Incorect Serial!"
    thats cool now close the CrackMe (click on EXIT)

  7. Go Back to SmartCheck
    in the left window u'll see something like "THREAT 0" and "_LOAD" and "_CLICK"
    Click on "_CLICK"
    Go to the menue VIEW and enable:
    Show Arguments
    Supressed Errors
    Show AllEvents

  8. Now ull see masses of codes.....
    Goto menue EDIT -> FIND
    search backwards for: "incorr" (like "Incorrect Serial!")

  9. a string called "msgbox(Variant: String: "Incorre..." and so on) will be hightlightet
    go to the sysFreeString that is near (watch the lines before) to this msgbox
    ull see that there is a sysFreeString 2 lines before the msgbox
    click on this sysFreeString and watch the right window
    there ull see a long String like (34CD9-8054281-OL@1228-P:)

  10. COOL THATS YOUR SERIAL FOR YOUR NAME,COMPANY and UNIQUE NR.

  11. Now all u have to do is to Close SmartCheck
    start CrackMe.exe
    Type in your Name (http://fly.to/McCool)
    type in your Company (McCool@gmx.at)
    Type in your Serial (34CD9-8054281-OL@1228-P:)
    press the "Check it!" button

  12. CONGRATS U've SUCCESSFULLY CRACKED THIS PROGRAMM

FULL SCREENDUMP --> CLICK HERE