| Objet : | C4N Project 1 : FTP Navigator 4.15 |
| Date : | 20 Aout 1999 |
| Heure : | 16h15 |
| Protection type : | Nag |
Hello, That's my first English Tut so.. Be cool ;) !
Ok, take a look to FTP Nav.. and you see 3 things to be cracked :
I use Softice. Run Symbol Loader, open Ftp.exe and load it. Your are kicked in Softice.. and you must see :
//********************
Program Entry Point ********
:00461EF0
55
push ebp
:00461EF1
8BEC
mov ebp, esp
:00461EF3
83C4F4
add esp, FFFFFFF4
:00461EF6
53
push ebx
:00461EF7
B8781D4600
mov eax, 00461D78
:00461EFC
E8C338FAFF
call 004057C4
:00461F01
8B1DC42D4600
mov ebx, dword ptr [00462DC4]
:00461F07
8B03
mov eax, dword ptr [ebx]
*
Possible StringData Ref from Code Obj ->"FTP - Navigator"
|
:00461F09
BA901F4600
mov edx, 00461F90
:00461F0E
E81DDDFCFF
call 0042FC30
:00461F13
8B03
mov eax, dword ptr [ebx]
:00461F15
83C034
add eax, 00000034
*
Possible StringData Ref from Code Obj ->"Ftpnav.hlp"
|
:00461F18
BAA81F4600
mov edx, 00461FA8
:00461F1D
E8FA1AFAFF
call 00403A1C
:00461F22
E8C57EFFFF
call 00459DEC
:00461F27
E82C7DFFFF
call 00459C58 <-- Nag
Screen !!
:00461F2C
8B0D582E4600
mov ecx, dword ptr [00462E58] <--
Come Back here
:00461F32
8B03
mov eax, dword ptr [ebx]
:00461F34
8B155CA14500
mov edx, dword ptr [0045A15C]
:00461F3A
E8D9DFFCFF
call 0042FF18
Let's trace it with F10, when you are at :00461F27, the Nag Screen appear and when you click OK, you are kicked in Softice just after, at :00461F2C. Ok, now put a BreakPoint on 00461F27 and restart FTP Nav. Your are kicked in Softice at 00461F27 and now jump after this call. To do that, tape in Softice :
r eip eip+5
and Press [F5] to leave Softice.. heh..everything seems ok : we don't show the Nag.. now, go to nop that call ( at 00461F27 ) with Hview or another HexEditor !
Before :
.00461F27:
E82C7DFFFF
call .000459C58 -------- (1)
.00461F2C:
8B0D582E4600
mov ecx,[000462E58]
.00461F32:
8B03
mov eax,[ebx]
.00461F34:
8B155CA14500
mov edx,[00045A15C]
.00461F3A:
E8D9DFFCFF
call .00042FF18 -------- (2)
.00461F3F:
8B0DD82D4600
mov ecx,[000462DD8]
.00461F45:
8B03
mov eax,[ebx]
.00461F47:
8B1550D24300
mov edx,[00043D250]
After :
.00461F27:
90
nop
.00461F28:
90
nop
.00461F29:
90
nop
.00461F2A:
90
nop
.00461F2B:
90
nop
.00461F2C:
8B0D582E4600
mov ecx,[000462E58]
.00461F32:
8B03
mov eax,[ebx]
.00461F34:
8B155CA14500
mov edx,[00045A15C]
.00461F3A:
E8D9DFFCFF
call .00042FF18 -------- (1)
.00461F3F:
8B0DD82D4600
mov ecx,[000462DD8]
.00461F45:
8B03
mov eax,[ebx]
.00461F47:
8B1550D24300
mov edx,[00043D250]
Nag Cracked !
Ok, change your SystemTime to December 2000 and run FTP Nav.. everything seems ok.. I think the Time Limit was in the Nag ;) hehe
Time Limit Cracked !
ComeBack in Hview, and search for (Unregistered). U find it here :
.00484130:
67 61 74 6F-72 20 20 34-2E 31 35 20-20 28
55 6E gator 4.15 (Un
.00484140:
72 65 67 69-73 74 65 72-65 64 29
20-20 20 20 43 registered)
C
Change it by [Space]'s
.00484130:
67 61 74 6F-72 20 20 34-2E 31 35 20-20 20
20 20 gator 4.15
.00484140:
20 20 20 20-20 20 20 20-20 20 20 20-20
20 20 43
C
(Unregistred) Cracked !
That's finished ! Sorry for my fucking English..
Hope you understand everything !
Join me on #crack.fr
/ #eBu / #xplosif ( on UnderNet )
or #Cracking4Newbies / #digital.Factory
( on EF-net )
Greetz : SaTaNiK, TdvFR, JB007, ACiD_BURN,.BAT, T0RNAD0 and every Tutorial Maker ;) !
TeeJi [ just for cracking pleasure ]