Gonzalez Posted December 16, 2006

Cracking "Alligator Flash Designer 6" by: MiStEr_X

I will go faster in this tutorial coz if you have learned something from previous tutorials you can do it!

Tools:
OllyDBG 1.10 (can find it on previous tuts)
HDasm - Disassembler like W32Dasm but newer and faster:
Code: http://foff.astalavista.ms/downloads/HDasm.zip
Hiew32 (can find it on previous tuts)

Software to crack: http://software-files.download.com/sd/P8ItWi4uI1Wg9giT0KJZ3nuN2eq5RZ-mRCBOs6ssj_4QsAcYTkWVVo9dV4a8K-OoADmX7l5hXenUayRFnq8Gbdj8QO52F83b/software/10605573/10072924/3/sfld.exe?lop=link&ptype=3000&ontid=6676&siteId=4&edId=3&pid=10605573&psid=10072924

Let's begin...

Install our target software and run it. You will see two empty fields where you can enter serial numbers. Fill in these fields and click on the "OK" button. You will receive an error message: "Invalid serial number". Write down this message, we will need it later.

Fire up our new disassembler and disassemble the main .exe inside the installation directory: "sfld.exe". Among the buttons of HDasm, find the button "S" (strings). In the search field enter our error message. Double click once on it. Close the strings window and you should be here:

picture 1

Write down the address circled in red: "00409977". The error message is pushed at this address!

Fire up OllyDBG and open our file "sfld.exe", then click on the go to address button, circled in red in the picture below:

picture 2

In the blank box enter our address "00409977" (without the quotes of course). You will land like in this picture:

picture 3

Put your selector line two lines above, on "PUSH -1" at the address "00409973", then look at the reference space of Olly to see what address holds the jump that jumps here, like in the picture:

picture 4

On my OllyDBG I can see the jump because it is traced with the white line, but maybe you don't have it. So look at the address circled in red and write it down.

Whatever that jump is, we need to disable it coz it calls the error message. Go to this jump address, double click on it and you will see a box showing "JE 00409973". Delete this instruction and write there: "NOP" (without the quotes of course), then click on the Assemble button. The whole instruction will be NOPed out by OllyDBG.

Two lines above it we have a "CALL 0040A952". This call is very interesting because this is where it is calculated whether our serial is good or wrong. Put a breakpoint on this call with F2 and press F9 to run the software. Enter any serial number (fill the serial boxes completely; don't put only a few numbers but put as many numbers as each of the two boxes can accept), then click on the OK button. OllyDBG will break on our breakpoint. Press F7 once to enter into our call. Now press CTRL+R on your keyboard to see the references to this call. You should be like in this picture:

picture 5

We see that there is another call at address "0040A92F" that checks the entered serial number. This call is shown by the red arrow! Double click on it. Two lines below it there is a conditional jump at address "0040A937": JNZ SHORT 0040A94C. Double click on that line and delete: "JNZ SHORT 0040A94C", then write there: "NOP" (without the quotes of course).

We are almost done now!!! Right click anywhere on the code and click on: "Copy to executable -> All modifications". In the little dialog box click on: "Copy all". Close the other little window named "ADUMPFILE", then accept to save changes when asked. Change the file name from "sfld.exe" to "sfld_cracked.exe" to not overwrite the original file! Then click SAVE!!!

We are done!!! Go to the installation directory where we saved the cracked file and run it. Enter any serial number (fill the boxes completely) and click on "OK"... Thank you for registering!

You cracked a software published in 2006, congratulations!

Here is the patch I created: http://foff.astalavista.ms/images/sfld/patch.zip

Tutorial written by: MiStEr_X

Renegade Posted December 17, 2006

Sub7, I have a request. I also managed to crack it following your tutorial, and I would like to know what program you used to make this patch -http://foff.astalavista.ms/images/sfld/patch.zip-, or rather how you integrated it and how you added the sound.