Web
: http://mxb.cjb.net
Contact Me : [email protected] or [email protected]
Hot Crypt 2.1
Type : Encryption
Protection : Serial
Tech : Serial fishing
Crack : This is a mysterious program as S/N validation is made before
any API CALL...
It uses GETWINDOWTEXTA API to read S/N in to memory...but does nothing
afterwards ...no serial comparision .. etc
It was realy a luck for me to understand its protection.
So enter fake S/N and in SICE BPX GETWINDOWTEXTA
Now we will do a simple trick here - when we break in to SICE,search for
the S/N in the memory by using command :
s -a 0 L ffffff "55555555555555" >> "55555555555"
IS OUR FAKE S/N
When we get the address use : BPR xxxxxxxx xxxxxxxx on this address.
Now once again enter fake S/N and click "OK" button keeping BPR.After
few
pop up we will reach here :
0x4038B5 MOV ECX,[ESI] >> FAKE S/N
0x4038B7 MOV EBX,[EDI] >> REAL S/N
0x4038B9 CMP ECX,EBX
Only after this it uses GETWINDOWTEXTA API...may be to confuse crackers :)
Or it may be using any active thread ....
Registration INfo :
As this program is using PRODUCT ID,S/N on your computer will be different :
PRODUCT ID = 6F4A3A3B4E58
REG KEY = 4D6771375D4C4F40