" LaZaRuS 's Hellforge Crackme 2 "

 

This tutorial is coming from... 

 

ReFleXZ '99
Url: Http://ReFleXZ99.cjb.net
Email: [email protected]


 
 

About the essay...

Written by:
ACiD BuRN

Date: 14th April 1999
Program name: LaZaRuS's Hellforge Crackme 2
Program type: W32
Program location: Here
Program filename: N/A
Program size: n/c

Tools required:
Soft-ice 3.2x

Difficult level:
Easy (  )  Medium (   )  Hard (    )  Pro (    )
 


 
 

Introduction...
Hello !! time to learn again !! , so a long time ago , there ..... lol


 
 

About the protection...
Name / Serial protection ....


 

The Essay...

1) Find the good serial with Soft-ice:

This crackme has a name / serial protection.
Cool, fire up Soft-ice!!

There are 2 breakpoints that work in Win32 cracking. They are:
- bpx GetWindowTextA
- bpx GetDlgItemTextA

Press ctrl+D and we are in Soft-ice. Enter these breakpoints and press F5
to leave Soft-ice and return to the crackme!
Enter name: ACiD BuRN and serial: 1122334455.
Now press "Click here to check your serial !!!"
Wrong code .. What ??? We are not in Soft-ice !
So these breakpoints don't work on it !! Shit !
So we will try a bpx on hmemcpy. This always breaks !!!

OK, now re-enter name: ACiD BuRN and serial: 1122334455.
Press the button to check and now we are back in Soft-ice !
Cool !
We see kernel at the bottom of the Soft-ice window.
We are not in the crackme, so press F12 (7 times) until you see
HF CRACKME ..
Now we are in the right place .. press F10 to trace the code.
If you look at eax you see eax=9. It is the length of your name.
len of ACiD BuRN = 9
Continue to trace with Soft-ice a few times, and you will see that eax
changes: EAX=B92COC.
Type d eax in Soft-ice and you see in the data window: ACiD BuRN
and a number: 104837121. What is this ? A serial ?
We will try it !!

Type bd * to deactivate all breakpoints and enter:

Name: ACiD BuRN
Code: 104837121

Cool, the message: You did it !!!
Well done, crackme cracked !!
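
What part 1 shows, seen from the protection author's side, as an added example (not code from the crackme or from this essay): a check that builds the right serial in memory can be read out with a debugger, while a check that only verifies with a public key has nothing to read. The serial formula, the FNV-1a hash, the toy RSA key (n = 3233, e = 17, d = 2753) and all function names are assumptions, and the key is far too small for real use.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed toy RSA public key, n = 61 * 53 (far too small for real use). */
#define PUB_N 3233u
#define PUB_E 17u

/* FNV-1a over the name; a stand-in for a real cryptographic hash. */
static uint32_t name_hash(const char *name) {
    uint32_t h = 2166136261u;
    for (; *name; name++) { h ^= (unsigned char)*name; h *= 16777619u; }
    return h;
}

/* Square-and-multiply modular exponentiation. */
static uint32_t modpow(uint64_t base, uint32_t exp, uint32_t mod) {
    uint64_t r = 1;
    for (base %= mod; exp; exp >>= 1) {
        if (exp & 1) r = r * base % mod;
        base = base * base % mod;
    }
    return (uint32_t)r;
}

/* Weak pattern (hypothetical formula): the expected serial is built as text
   next to the name and compared, so it sits readable in process memory. */
int weak_check(const char *name, const char *serial) {
    char expected[16];
    snprintf(expected, sizeof expected, "%u", (unsigned)(name_hash(name) % 1000000000u));
    return strcmp(expected, serial) == 0;
}

/* Verify-only pattern: the program holds just the public key and tests
   serial^e mod n == H(name) mod n; it never computes the valid serial. */
int verify_check(const char *name, const char *serial) {
    char *end;
    unsigned long s = strtoul(serial, &end, 10);
    if (end == serial || *end != '\0' || s >= PUB_N) return 0;
    return modpow(s, PUB_E, PUB_N) == name_hash(name) % PUB_N;
}

/* Vendor side only: the private exponent d = 2753 is not shipped to users. */
uint32_t vendor_sign(const char *name) {
    return modpow(name_hash(name) % PUB_N, 2753u, PUB_N);
}

int main(void) { printf("%d\n", verify_check("ACiD BuRN", "1122334455")); return 0; }
```

This only keeps the valid serial out of memory; a check that still ends in one conditional jump remains open to the patch in part 2.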

2) How to register with any serial

For this, we will patch !
Open Wdasm and disassemble the file.
Now in String Data References search for Wrong Code. Double click to
go there in Wdasm. Double click again and you see that there are 2 references.
At the first there is nothing important, but the second !!!
Press up, and we will find a test. We see:

Change the jne 00426993 (7518) to NOPs (9090) and the prog will
never go to the error !!! Cool, prog cracked !
So with a hex editor search for: FDFF75186000 and replace it with
FDFF90906A00, save and it is cracked !!!
Enter your name, the serial you want and press the check button.
You did it !!!
Crackme cracked !

Hope you understand everything in this essay, and if you have a problem you can mail me at:
[email protected]
Happy Cracking and have FuN ! :)

ACiD BuRN [ReFleXZ'99] 


 
 

Final Notes...
Greetz To:

R!SC, ^Inferno^, AB4DS, Cyber Blade, Klefz, Volatility, Torn@do, T4D, Jeff, [Virus], Jane, Appbusta, Duelist, tKC, BuLLeT, Lucifer48, MiZ, DnNuke, Bjanes ...
---> 4 Being Such Good Friends To Me.
(Sorry if you are not here, too many people to greet !!!)

                                       ....And All Crackers !!! ....

You can find me on IRC: at #ReFleXZ99, #Cracking4Newbies, #ECL on Efnet


 
 

Disclaimer...
This tutorial is written for EDUCATIONAL purposes only.
So if you want to use the program after its trial period ends please BUY IT!
Support shareware (and its authors), this is our learning tool!

ReFleXZ is not responsible for any damage caused with this essay or any of its parts.
So everything you're doing and 'experimenting' with is your own responsibility!

Also, in this tutorial you'll not find any serial numbers, so try to search
elsewhere under Cracks and Warez.

Copyright © 1999-2000 By ReFleXZ '99
All Rights Reserved