|
|
|
|
#1
07-04-2004, 00:27
|
|||
|
|||
|
Mtw your ideas sounds very good .. but i'm trying to let you know that i don't have idea how to do this ... maybe you can attach here a sample dll with a little extra info. added which will try to explain how exactly do this with injected code example of course
 Regards 
|
|
#3
07-05-2004, 07:43
|
|||
|
|||
|
@Crk, I used your patch, created a dumped and fixed the stolen bytes and the planted infinite jump, but how can you verify that this is a working dump or not, for me it crashes at 1328e, [ModName: msvbvm60.dll
ModVer: 6.0.92.37 Offset: 0001328e], is this normal? also I have used the external signature faker (special.dll) by mtw (btw, thanks again mtw), but that leads no where!!  have any of you got another a "valid" result? Last edited by BetaMaster; 07-05-2004 at 07:50.
|
|
#4
07-05-2004, 12:55
|
|||
|
|||
|
[QUOTE=BetaMaster]@Crk, I used your patch, created a dumped and fixed the stolen bytes and the planted infinite jump, but how can you verify that this is a working dump or not, for me it crashes at 1328e, [ModName: msvbvm60.dll
ModVer: 6.0.92.37 Offset: 0001328e], is this normal? also I have used the external signature faker (special.dll) by mtw (btw, thanks again mtw), but that leads no where!! That DLL is only to bypass the security checks after the ThunRTMain call, like I said this DLL just helps you out after dump so you can find the procedure for the reg check (which btw uses a machine specific key with the HKLM\Software\Classes\CLSID\"machine depend key"\InprocServer32\InprocServer32) .. if you want to crack software noone said it will be "just find a hard key and patch it" you must read on protections, and assembly, I told you how to bypass the sec's checks, and I also said after this for "YOU" to find the reg procedure, this isnt a "show me how to crack" forum, there is enough information in this thread to get a good dump, IAT rebuilt, and security bypasses so your only job is to find the reg procedure. If it is crashing then your dump is no good. Remember Crk's dumper is for full version not the demo (download) version. Look at my other posts for the OEP and stolen bytes for the download (demo) ..
|
|
#5
07-05-2004, 15:11
|
|||
|
|||
|
does this .dll has to be placed in the Tweak-Xp directory or system32 ?
maybe we'll have to share with you the installer for full version.. to finally check if this method you used works with the full version ..... also which method you used to dump the DEMO version?? most be the same technique for full version since is the same VB app. + same protector used on the exe to have a working dump. BetaMaster if you already have full version ... maybe you have a place to upload it so mtw will get it. if not i could upload it somewhere if someone share some FTP or space to upload it to.... btw Betamaster i told you it crash for me too always at the same location.. but i believe the dump is ok.. that most be part of the integrity check program does ...let's wait for mtw comment about it. Regards Last edited by Crk; 07-05-2004 at 15:21.
|
|
#6
07-05-2004, 17:27
|
|||
|
|||
|
@mtw, I really appreciated your comments in this thread, but when I read your comments, it's like that you tell us that you have worked every thing, I am not having that impression by illusions, and secondly, this is a discussion and I suppose you had some discussions before.I also like to remind you that I didn't ask for your help to bypass the registration routines or the demo limitations, actually I have a full version and a key.
@Crk, the crash that is supposed to be after a crc invalidation is in kernel32.dll, just try to change the txp3.val or make a little change to the file tweak-xp.exe and see it. I guess there is something wrong with the dump. any help is really appreciated. 
|
|
#7
07-05-2004, 21:43
|
|||
|
|||
|
Quote:
Quote:
|
 |
| Thread Tools | |
| Display Modes | |
|
|
Hybrid Mode
