Reverse Engineering Tutorial For Newbies - II

Posted by Sharan R On 6:26 AM

This is the second post on reverse engineering series ,In the previous post Reverse Engineering Tutorial For Newbies I showed you step by step how to crack an application so as if you enter the wrong password that program will think that it's the right password, However this is a bit advanced tutorial and in this tutorial I will tell you how you can fully register a program or software completly.The software I will use in this tutorial is Pixtopian Book

Disclaimer - By reading or following this tutorial you agree that this tutorial is for educational purposes only.

Requirements

1.Pixtopian Book
2.OllyDBG

Method

1.First of all download Pixtopian book and install in to your computer and open the Pixtopian book.

2.Now first of all we will look at the limitations of unregistered version of Pixtopian book:

a).You cannot add more than three groups and if you try to add more groups it will give the following error:

"You,ve reached the limit of three groups. Please Register Pixtopian book today!"



b)You can only add 4 Contacts/Name, If you try to add 5th name it will give the following error:

 You,ve reached the limit of 4 enteries per group/ Please register PixtopianBook today!

3.Now open Pixtopian book in OllyDBG

4.Now Right click there goto search for and click on All refrence Text strings


5.Right click there and click on Search For and search for "You,ve reached the limit of three groups" once you have found it double click it


6.Scroll above and you will see the following line:

"CMP EAX.3"

This line compares how many groups you put in with 3 if the group exceeds 3 then it gives the error message which is "You,ve reached the limit of three groups" but if you don't have three groups this condition will jump to the line JL SHORT 00408B34 and this will make it jump to 00408B34


So inorder to make this esc both errors we will Change JL SHORT 00408B34 to JMP SHORT 00408B34 so this will always esc the errors and this will make not a conditional jump any more

7.Now change the value of  JL SHORT 00408B34 to JMP SHORT 00408B34 and click assemble and click the blue button at the top.

8.After you click play you will end up in the following line 760642EP , The program will still not run because it has a very little range.

9.Now to increase range we will go to Options - Debugging options - Exceptions and there click on "add range of exceptions" and enter the range to "000000" and in the form "Last exceptions in range" we will enter "CCCCCCCC" Click Ok and tick also "Ignore also the following custom exceptions and ranges"


10.Now restart the program and follow again follow the steps 1-5 and again change JL SHORT 00408B34 to JMP SHORT 00408B34 start the Program and it will work and it will work for you and you can add more then 4 Groups and for adding more names repeat the above steps again.

Hint:Search For the error "You,ve reached the limit of 4 enteries per group/ Please register PixtopianBook today!"
And you are done. 

1 Comment

  1. delicacy Said,

    blackhatmailer.com is related to a few other domains that connect to the same ip..
    blackhatmailer.com recently ceased working & is offline, which means that all those
    who have put $500 in this bulk mailer since 2012 will not be able to use it, unless
    the application which is still available at ar.softoware.org/get-blackhat-mailer-pro.html?ir=1
    for download is CRAKED to have this stupid code verification by the author's website,
    that seems to be removed for good.

    I contacted all of the sites having the same ip, reporting the issue & requesting
    the code verification to be removed for those who bought it & send a working full
    application without that stupid secondary website verification & I got this, contacting
    downloadsupport@cbsinteractive.com

    [Hello,
    Thank you for contacting Download.com. This product is no longer available, so, we have removed it from our catalogue.

    Please, let me know if you have additional questions or concerns.
    Best regards,
    Irina
    Customer Service
    Download.com]

    Which is totally ridiculous because customers who have put 500 dollars
    on it have the right to keep using the application without that stupid
    secondary vain site code verification that disables all functions.

    their site will be exposed to personal spam until they assume their
    responsibility & remove that stupid verification.

    If anyone has the kindness to remove it as a contribution, it would be very
    kind as I shouldn't pay a software 500 dollars to have it disabled in all
    functions 6 years later.

    The moronic author of the app explained me that he doesn't think his
    site will ever be down but that if it happens, he will fix the connection
    issue & have it removed, but naturally, since 3 years, he doesn't respond
    to any emails through his stupid info.. email address from his offline shit
    site blackhatmailer.com

    If there are coders who want to have a look & fix it as a contribution,
    please don't hesitate, ty

    Posted on October 2, 2018 at 10:07 PM