:00408324 8D44241C lea eax, dword ptr [esp+1C] **** Load next bit of code ****
:00408328 50 push eax
:00408329 E87291FFFF call 004014A0 **** In here is the "8" & "-" checks ****
:0040832E 83C40C add esp, 0000000C
:00408331 8D4C2414 lea ecx, dword ptr [esp+14]
:00408335 6A2D push 0000002D **** Kindly puts in the "-" if we forgot! ****
:00408337 51 push ecx
:00408338 E803890000 call 00410C40
:0040833D 8BD8 mov ebx, eax
:0040833F 83C408 add esp, 00000008
:00408342 85DB test ebx, ebx **** Last check of 1st chunk of reg code ****
:00408344 0F8418010000 je 00408462 **** N0 = go away to hell again! ****
:0040834A C60300 mov byte ptr [ebx], 00 ** or move on to next part of check ****
:
The above system is present in ALL the wolf programs so far. I have included it here for a fuller explanation.
BPX hmemcpy . Run target - it will immediately break in SICE. F5 x 1 to read in 2nd data line. F11 to get back to calling address. Disable all breakpoints & prog-step (F12) or, if you have the time, step (F10) -I don't recommend this unless you have a few weeks spare! Anyway, step until you get to the target (in SICE the code window will show the program name albeit in abbreviated form)
Search "key-input-string" ie: :s 0 l ffffffff '1212121212'
BPM on address. ie: :BPM ????:0058F670 RW Name & Code
BPM on address. ie: :BPM ????:0058F6A8 RW
It gets copied to: 0058F728 BPM on it too.
F5 x 5-10 times
At in EDX @ C3A0E0D1 you will see (eventually) the 6 digit number to suffix on to the 1st 4 digits ie: PW8-xxxxxx (where xxxxxx = your numbers found).
NB. You may have to F5 a few times & G a time or so to get the code to pop up in the code window - I suggest you keep a watch on data area D 58F670
CRACK DONE!
Kudos,
The_Gimp!
If you're REALLY lazy (like me!) use this serial instead . . .
Name Reg
The_Gimp! PW8-301311 - PRO
The_Gimp! SW8-168485 - STANDARD
Then you need to crack part two. This involves obtaining the
latest script by doing a seperate download of the latest version
of "sb-script.exe"
This is a "Package for the Web" passworded file. Just use Peppers' crack on it.