Cracking "Sweet Little Piano v1.83"



-notepad maximized with wordwrap on
-tutorial no.1 written by tracer_v
-difficulty: easy/medium for newbies
-tools: SoftICE, any version, but I prefer v4.0, and also a BRAIN hehe


1. Hi there newbies, this is my first tutorial on cracking :) and I chose
this little program because I read the tutorial by <TeCh~LoRd>, who
cracked it with w32dasm, and I think there are lots of people who do not
use w32. I cracked this one with SoftICE. So let's get crackin', k?
2. Let's learn how this little app works:
-the dir is about 217.760KB
-Swlipi32.exe is 83.456KB
-we see some other files, not really important I think :)
-use Quick View to see the breakpoints, but in our case they are hidden :(
3. Start the program and a notice appears (it sucks), then our little box
with "enter password", yeah! Enter a random code, e.g. 11223345, and don't
press Enter yet. Load SoftICE and set a breakpoint on GetDlgItemTextA (e.g.
bpx getdlgitemtexta); we use the "A" at the end because it's a 32-bit app.
If something goes wrong when setting the breakpoint, check winice.dat and
remove the quotes on:

EXP=c:\windows\system\kernel32.dll
EXP=c:\windows\system\user32.dll
EXP=c:\windows\system\gdi32.dll

OK, so we're in SoftICE. Press F11 and the disassembly will show that we
are in SWLIPI32. OK, that's good. It will look like this:

CALL USER32!GetDlgItemTextA   --- our breakpoint
CALL 00401C84                 --- trace this call with F8
TEST EAX,EAX                  --- sets the zero flag when EAX is 0 (false)
JZ   00401E68                 --- jump to the MessageBoxA "Invalid password"
                                  announcement

CALL 00401C84
.
.
PUSH 004119D8                 --- not important (yeah right :)
LEA  EAX,[EBP-50]             --- I see something very interesting here:
                                  our data in EAX remains constant after
                                  this, so this function loads our great
                                  serial number, hehe. Test it with "d eax"
                                  and it shows ZD6-kP8-B634
-enter our serial number and finish, you've made it, you really cracked
this application
-this is the easiest kind to crack; all you need is to understand the
protection scheme
-so what do you think, was it difficult? I don't think so. You all need
practice, and if you don't understand something, please email.
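
From the vendor's side, the listing above shows why this check fell: the valid serial sat in plaintext in a buffer right before the compare. The sketch below is an added example (not code from Sweet Little Piano or from the tutorial author) that contrasts that pattern with shipping only a salted PBKDF2 digest of the serial; the serial value, function names and iteration count are constructed assumptions.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000            # assumed work factor, tune for target hardware
SAMPLE_SERIAL = "AAA-bbb-1234"  # constructed sample value, not a real serial


def weak_check(entered: str) -> bool:
    # Pattern observed in the tutorial: the expected serial is materialised
    # as plaintext in process memory, then compared with the input.
    expected = SAMPLE_SERIAL
    return entered == expected


def make_record(serial: str, iterations: int = ITERATIONS) -> dict:
    # Build-time step: only the salt and the derived digest are shipped.
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", serial.encode(), salt, iterations)
    return {"salt": salt, "iterations": iterations, "digest": digest}


def hardened_check(entered: str, record: dict) -> bool:
    # Run-time step: derive a digest from the input and compare digests in
    # constant time. The expected serial is never rebuilt in memory.
    candidate = hashlib.pbkdf2_hmac(
        "sha256", entered.encode(), record["salt"], record["iterations"]
    )
    return hmac.compare_digest(candidate, record["digest"])


def demo() -> dict:
    # In a real build only `record` would ship; SAMPLE_SERIAL appears here
    # solely so the sketch can run end to end.
    record = make_record(SAMPLE_SERIAL)
    shipped = record["salt"] + record["digest"]
    return {
        "weak_accepts_valid": weak_check(SAMPLE_SERIAL),
        "hardened_accepts_valid": hardened_check(SAMPLE_SERIAL, record),
        "hardened_rejects_wrong": not hardened_check("11223345", record),
        "plaintext_in_shipped_data": SAMPLE_SERIAL.encode() in shipped,
    }


if __name__ == "__main__":
    print(demo())
```

This removes the plaintext serial from memory only; the result still feeds a single conditional branch like the JZ in the listing, which is why stronger licence schemes verify a signature bound to the user instead of one shared serial.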

 

Credits


Written by: tracer_v
email: tracer_v@hotmail.com
13/12/01