• http://magicaljellybean.com/keyfinder/

Activation console:

• oobe/msoobe /a
• Manual method
• http://www.computing.net/answers/windows-xp/windows-activation-expired/159468.html

I have searched in Internet for some activation removal tools like RESET 5 but I cant find any active online.

How to login in expired windows:

• click login try pressing WIN-U keys to bring out the Narrator dialog box. Then on the menu in the left, click About then click on the link for Microsoft website. IE will launch (not tested)
• Or you could just go into safe mode with a DOS prompt; type explorer.exe and have a full safe mode machine running allowing you to bypass the activation with a hack

The conclusion is:

Use the aways the latest windows version. Turn off the windows updates to be not surprised bad.

Brrrr. That sounds awfull. I am using such boosted/patched windowses. Maybe my life belongs to someone

it is called 300lv because one bastered have taken from me 300lv to buy me cheap fdd-diskets and forgets to return me the money and the disketts.

So I have written this small self-installing app in return.

here it is for free download …

300lv

Awards: It is honered by the Bulgarian Academy Antivirus software.

The story continues. This code has no self-replication code in it. But in Bulgaria it seems that people like to do tricks to themselfs so after 2 years I have infected with my own trojan :)

And another of my friends has gone with his infected computer in the police asking them to arrest me /he doesnt know that I am the author of the trojan/ I was lucky that it was before 1994 and the police is sleeping.

General plan for cracking a program

• install the program
• search for already made cracks for this version
  • astalavista.box.sk
• check what type of protection it has
• search for universal patch/cracks/dongle emulators
• Try

Define the right terms

• Debuggers
  • http://en.wikipedia.org/wiki/Debugger#External_links
  • KERNEL – http://rr0d.droids-corp.org/
  • Oly – http://www.ollydbg.de/download.htm
• Portals
  • http://www.openrce.org/downloads/
  • bg: http://game-hacks.xzone-bg.com/profile.php?lookup=5890

Symbols win32 http://www.microsoft.com/whdc/devtools/debugging/symbolpkg.mspx#d

• BackTrack is the most Top rated linux live distribution focused on penetration testing.
• NST
• Steganos Hacker Tools here ->
  (E-mail: www@serials.ws Name: www.serials.ws Serial: 50GWR0N-F71A39F)

  <- hidden text here

Metasploit – in ruby (huh?!) videos

TOP100 tools

exploit search list – > http://milw0rm.com/links/

I have used ollydbg.

The steps were:

1. I want to attach on “Start” button, but it was in cyrillic so I have to start some resource editor to change the text to latin characters.
2. I have put a breakpoint on the start handle and button messages
3. I got the message “Good bye” from the program.
   NEVER put such a messages in your program if you want to survive longer. It is better to quit silently instead of point to the cracker “Here, here, crack me, please”.
4. I have run Boarland Decompiler, check the address where “Good bye” is used, and I have put a breakpointer there.
5. Then bypass the “protection” by making the jnz to jmp
6. save the executable to have in this stable state

Then it was simple. The code was in memory. But how I could be able to show it to the poor users? I have decided to use memory viewer and put some instructions there….not good. not nice. Then I have a plan. There was a button “Instructions for registrations” I thoutgh that this is the perfect place to give the real instructions for registrations and show the code there :)

1. Some googling on how to display MessageBoxA and I have found this example here . \
2. Then I have replaced the end of the “Instructions for registrations” function with the following code

0047F903     A1 6C694800    MOV EAX,DWORD PTR DS:[48696C]
0047F908     6A 00          PUSH 0
0047F90A     50             PUSH EAX
0047F90B     50             PUSH EAX
0047F90C     6A 00          PUSH 0
0047F90E     E8 EF0DFD7D    CALL user32.MessageBoxA
0047F913     A1 70694800    MOV EAX,DWORD PTR DS:[486970]
0047F918     6A 00          PUSH 0
0047F91A     50             PUSH EAX
0047F91B     50             PUSH EAX
0047F91C     6A 00          PUSH 0
0047F91E     E8 DF0DFD7D    CALL user32.MessageBoxA
0047F923     A1 74694800    MOV EAX,DWORD PTR DS:[486974]
0047F928     6A 00          PUSH 0
0047F92A     50             PUSH EAX
0047F92B     50             PUSH EAX
0047F92C     6A 00          PUSH 0
0047F92E     E8 CF0DFD7D    CALL user32.MessageBoxA
0047F933     A1 78694800    MOV EAX,DWORD PTR DS:[486978]
0047F938     6A 00          PUSH 0
0047F93A     50             PUSH EAX
0047F93B     50             PUSH EAX
0047F93C     6A 00          PUSH 0
0047F93E     E8 BF0DFD7D    CALL user32.MessageBoxA
0047F943     90             NOP
0047F944     90             NOP                                      ; |

nop-ping till the end of the function here...

0047FA39     90             NOP
0047FA3A     90             NOP
0047FA3B     90             NOP
0047FA3C   . 5E             POP ESI
0047FA3D   > 5B             POP EBX
0047FA3E   . C3             RETN

Then save the patched file from ollydebug.

Final notes.

I am not happy on what I have done. I am writing also software and I know what means someone to crack your software. So I will publish the crack here but you should find it yourself. It is simple protection for the users which don’t want to pay :)