Courtesy of reverser's page of reverse engineering, 26 July 1998
1) :0A0D7 3BC5 cmp eax, ebp ; everything OK? :0A0D9 741E je 0A0F9 ; go ahead good_guy :0A0DB 688A130000 push 0000138A ;"An invalid software registration number was detected" Ah ah!, that jump at 0A0D9 need a fix 2) :09925 833DCC63420000 cmp dword ptr [263CC], 0 ;d'we have FALSE flag? :0992C B868634200 mov eax, 26368 ;prepare good eax :09931 7505 jne 09938 ;and if not, go ahead gg :09933 B834EA4100 mov eax, 1EA34 ;else "30-Day Shareware Evaluation" Ah ah!, that location [263CC] is a flag set to FALSE! 3) :09725 3B05CC634200 cmp eax, dword ptr [263CC] ;d'we have good user? :0972B 7414 je 09741 ;yes, so do not :0972D C705CC63420000000000 mov dword ptr [263CC], 0 ; FALSE in flag_1 :09737 C705D063420001000000 mov dword ptr [263D0], 1 ; TRUE in flag_2 So, here I would suggest to change the mov at 0972D to charge a TRUE (instead of a FALSE) in flag 1, and since there is another flag two which is set to true in the unregistered version, let's set that to false for good measure.Well, that's all, actually...
homepage links search_forms +ORC students' essays academy database
tools anonymity academy cocktails antismut CGI-scripts mail_reverser
Is reverse engineering legal?