Web
: http://mxb.cjb.net
Contact Me : [email protected] or [email protected]
ACDSee
4.0
Type : Image Viewer
Protection : Date check
Tech : Patching
Crack : ACDSee is the best image viewer i have ever seen ...
Unlike Ver 3.1 ....i was able to completely rip out full version from
Ver 4.0...Here we go ...
What all main points does this program have :
1. CRC Check
2. All licensing and trial is controlled by a DLL file : License.dll
3. An AD Window is shown with AD'S ....
So every thing points to that DLL file ...hee hee...
After our trial is expired a nag box is shown to enter trial extend code ...
Use API Syp to find out some API called before showing this nag window...
0x4E52D1 CALL CREATEFILEA
-------------------------------- IN SICE ---------------------------------
BPX GETSTARTUPINFO
Now use ...BPMB to avoid code corruption ...
BPMB CS:4E52D1 X
Proceed .....till we break in to 0x4E52D1....and trace .....
0x406B8B CALL 40B870
0x406B90 TEST EAX,EAX
0x406B92 JNZ 406BC6
INSIDE THIS CALL .....
0x40B922 CALL [545378] --- CALL FLAG RESET FUNC. IN LICENSE.DLL :)
0x40B928 TEST EAX,EAX
0x40B92A JZ 40B942
0x40B92C CMP [ESP+08],ESI
0x40B930 JNZ 40B942 | 75 10 --- BAD BOY OFFSET = B930
Some sort of fishy thing going inside CALL [545378] .....lets look inside ...
0x10001CE0 XOR EAX,EAX | 33 C0
0x10001CE2 RET | C3 OFFSET = 1CE2
Flag reset hee ...hee ...
So we must make it :
0x10001CE2 INC EAX | 40
0x10001CE3 RET |C3
CRC Check
If we apply patch it will show a CRC Error ... lets fix this baby ...
BPX DIALOGBOXPARAMA
Now trace back and look up ...
0x40AFB9 CALL 5373B0
0x40AFBE TEST EAX,EAX
0x40AFC0 JZ 40AFF3 | 74 31 MUST JUMP....OFFSET = AFC0
Patch
FILE : ACDSEE.EXE
OFFSET = B930 ------> 90 - 90
OFFSET = AFC0 ------> EB
FILE : LICENSE.DLL
OFFSET = 1CE2 ------> 40 C3