How to find the real serial 

AudioPEG3 Version 2.00.109

A cracking tutorial by Nemesis] TNT

DISCLAIMER

This reading material is not intended to violate copyrights
and/or the law; it is for educational purposes only. I hold no
responsibility (by any means and in any shape whatsoever)
for the misuse of this material.

About The Program

"AudioPEG3" is an application that allows you to play back MPEG audio files. It supports the MP2 and MP3 formats. A convenient interface lets you play your favorite records easily. It looks like a simple tape recorder, and all the functions will be familiar to you.

WHERE TO DOWNLOAD

Homepage: http://www.yukudr.com
Size: 983KB

Tool: NuMega SoftICE 4.5 (can be downloaded at http://www.eccentrix.com/computer/protools/)

HOW TO GET A VALID SERIAL NUMBER for your name by using [SoftICE]

Let's get started. Run AudioPEG3. A dialog appears saying "Register me!", showing an ID number and an Unlock code field. Enter your fake serial and click confirm; a message box says "Invalid unlock code". OK, so now press Ctrl+D to bring up SoftICE and set a breakpoint like this: bpx hmemcpy. Press Enter, then press F5 to get out of SoftICE. Type your fake serial, and what happens? We are back in SoftICE. Now let's search for the real serial ;-) Press F12 12 times until we land at the address below, then press F10 to step down to the call.


:0048648E 8B95FCFEFFFF mov edx, dword ptr [ebp+FFFFFEFC] <---- WE LAND HERE
:00486494 8D8500FFFFFF lea eax, dword ptr [ebp+FFFFFF00]
:0048649A B9FF000000 mov ecx, 000000FF
:0048649F E858DBF7FF call 00403FFC
:004864A4 8D9500FFFFFF lea edx, dword ptr [ebp+FFFFFF00]
:004864AA A1F0D64800 mov eax, dword ptr [0048D6F0]
:004864AF 8B00 mov eax, dword ptr [eax]
:004864B1 E8FE450000 call 0048AAB4 <-- TRACE THIS CALL F8

--------------------CUT-------------------------------------------------------------

 

:0048AAB4 55 push ebp
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0048AA40(C)
|
:0048AAB5 8BEC mov ebp, esp
:0048AAB7 81C4F4FEFFFF add esp, FFFFFEF4
:0048AABD 53 push ebx
:0048AABE 56 push esi
:0048AABF 57 push edi
:0048AAC0 33C9 xor ecx, ecx
:0048AAC2 898DFCFEFFFF mov dword ptr [ebp+FFFFFEFC], ecx
:0048AAC8 898DF8FEFFFF mov dword ptr [ebp+FFFFFEF8], ecx
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0048AA59(C)
|
:0048AACE 898DF4FEFFFF mov dword ptr [ebp+FFFFFEF4], ecx
:0048AAD4 8BF2 mov esi, edx
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0048AA6F(C)
|
:0048AAD6 8DBD00FFFFFF lea edi, dword ptr [ebp+FFFFFF00]
:0048AADC 33C9 xor ecx, ecx
:0048AADE 8A0E mov cl, byte ptr [esi]
:0048AAE0 41 inc ecx
:0048AAE1 F3 repz
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0048AA7C(C)
|
:0048AAE2 A4 movsb
:0048AAE3 8BD8 mov ebx, eax
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0048AA6C(C)
|
:0048AAE5 33C0 xor eax, eax
:0048AAE7 55 push ebp
:0048AAE8 689CAB4800 push 0048AB9C
:0048AAED 64FF30 push dword ptr fs:[eax]
:0048AAF0 648920 mov dword ptr fs:[eax], esp
:0048AAF3 C683B80A000000 mov byte ptr [ebx+00000AB8], 00
:0048AAFA 8D85FCFEFFFF lea eax, dword ptr [ebp+FFFFFEFC]
:0048AB00 8D9500FFFFFF lea edx, dword ptr [ebp+FFFFFF00]
:0048AB06 E8B994F7FF call 00403FC4
:0048AB0B 8B85FCFEFFFF mov eax, dword ptr [ebp+FFFFFEFC]
:0048AB11 50 push eax
:0048AB12 8D85F4FEFFFF lea eax, dword ptr [ebp+FFFFFEF4]
:0048AB18 50 push eax
:0048AB19 B906000000 mov ecx, 00000006
:0048AB1E BA04000000 mov edx, 00000004
* Possible StringData Ref from Code Obj ->"mtxmmsnsptl"
|
:0048AB23 B8B4AB4800 mov eax, 0048ABB4
:0048AB28 E8FB96F7FF call 00404228
:0048AB2D 8B85F4FEFFFF mov eax, dword ptr [ebp+FFFFFEF4]
:0048AB33 8D95F8FEFFFF lea edx, dword ptr [ebp+FFFFFEF8]
:0048AB39 E8E6DDF7FF call 00408924
:0048AB3E 8B95F8FEFFFF mov edx, dword ptr [ebp+FFFFFEF8]
:0048AB44 58 pop eax <------ TYPE D EDX FOR REAL SERIAL [MMSNSP]?
:0048AB45 E8E695F7FF call 00404130
:0048AB4A 752B jne 0048AB77

 

Now remember the serial you have found, enter it, and the program is registered!

Easy, or what? The program is registered ;-) Hope you find it useful.


END NOTES


Special Thanks go to All [TNT MEMBERS] Keep it Real guys.

 

Nemesis]