|
user.txt:
// WinHex license file
Name: "wyx"
Addr1: "wyxwyx"
Addr2: "asdfgh"
Key1: 6D1C653854DD4D4778CE899813462118
Key2: 95938E5199B61DAB86EC50EB57E5E130
Chksm: A1
winhexcr.asm:
; Analysis notes (reviewer):
; 16-bit DOS program laid out as a .COM image (single segment, org 100h).
; It opens "WinHex.exe" by bare name (so relative to the current directory),
; reads 32 bytes at a fixed file offset, compares seven of them against
; expected values, and only then overwrites bytes at four fixed file offsets.
; The target file is modified in place: no backup copy is made and earlier
; writes are not undone if a later seek/write fails, so a failed run can leave
; the executable partially modified. Any hash recorded for the original file
; will no longer match after a run.
.486p ; db 67h address: [12345678h], ECX in REP
.387
cc segment use16
assume cs:cc,ds:cc
org 100h
ee:
;--------------------------------------
push cs
pop ds                          ; DS = CS: code and data share the one segment
mov dx,offset mensa0
call mensa                      ; print the banner ($-terminated string)
mov dx,offset nombre
mov ax,3d82h                    ; AH=3Dh open file; AL=82h = read/write access, no-inherit bit set
int 21h
jc error                        ; CF set = open failed
mov ds:[handle],ax              ; keep the DOS file handle for posi/graba
mov cx,0008h ; version          ; CX:DX = 0008:8E37h -> file offset 088E37h
mov dx,8e37h
call posi
mov bx,ds:[handle]
mov cx,32                       ; read 32 bytes
mov dx,offset buf
mov ah,3fh                      ; AH=3Fh read from handle into DS:DX
int 21h
jc error                        ; only CF is tested; the byte count returned in AX is not checked
mov bx,offset buf
; Fingerprint check: bytes 0,1,3 = "1", byte 4 = 0, byte 14 = "S",
; byte 17 = "2", byte 18 = 0. Bytes 2, 15 and 16 are not compared.
; NOTE(review): presumably a version-string guard so that the fixed offsets
; below are only used on the one build named in mensa0 - confirm.
cmp byte ptr ds:[bx],"1"
jne error
cmp byte ptr ds:[bx+1],"1"
jne error
cmp byte ptr ds:[bx+3],"1"
jne error
cmp byte ptr ds:[bx+4],0
jne error
cmp byte ptr ds:[bx+14],"S"
jne error
cmp byte ptr ds:[bx+17],"2"
jne error
cmp byte ptr ds:[bx+18],0
jne error
; Write 1: 2 bytes from dato1 at file offset 00BB08h
mov cx,0000h ; user1
mov dx,0bb08h
call posi
mov cx,2
mov dx,offset dato1
call graba
; Write 2: 6 bytes from dato2 at file offset 00BB0Fh
mov cx,0000h ; user2
mov dx,0bb0fh
call posi
mov cx,6
mov dx,offset dato2
call graba
; Write 3: 2 bytes from dato3 at file offset 0604CDh
mov cx,0006h ; direct mode
mov dx,04cdh
call posi
mov cx,2
mov dx,offset dato3
call graba
; Write 4: 3 bytes from dato4 at file offset 01160Ch
mov cx,0001h ; all
mov dx,160ch
call posi
mov cx,3
mov dx,offset dato4
call graba
mov dx,offset mensa2
call mensa                      ; report success
; Common exit, also reached from the error path: terminates with return
; code 0 in both cases. The handle is never closed explicitly.
fin: mov ax,4c00h
int 21h
; posi - move the file pointer of the opened file.
; In:    CX:DX = 32-bit offset (CX high word, DX low word); ds:[handle] = file handle
; Out:   returns normally on success; on carry (DOS error) jumps to error2
;        and never returns to the caller
; Clobb: AX, BX (DOS also returns the new position in DX:AX)
posi: mov bx,ds:[handle]
mov ax,4200h                    ; AH=42h seek, AL=00h = offset measured from start of file
int 21h
jc error2
ret
; graba - write bytes to the opened file at the current file position.
; In:    CX = number of bytes, DS:DX = source buffer; ds:[handle] = file handle
; Out:   returns normally when DOS reports no error; on carry jumps to error2
;        and never returns to the caller
; Note:  only the carry flag is tested; the count of bytes actually written
;        (returned in AX) is not compared with CX.
; Clobb: AX, BX
graba: mov bx,ds:[handle]
mov ah,40h                      ; AH=40h write to handle
int 21h
jc error2
ret
; error2 - entry used by posi/graba, i.e. from inside a called routine:
; the pop discards that routine's return address, then falls into error.
error2: pop ax
; error - common failure path: sound the bell, print mensa1, then leave
; through fin. Nothing written before the failure is reverted here.
error: xor bx,bx                ; BH = 0 (display page) for the int 10h call
mov ax,0e07h                    ; AH=0Eh teletype output, AL=07h = BEL character
int 10h
mov dx,offset mensa1
call mensa
jmp fin
; mensa - print a message.
; In:    DS:DX = address of a "$"-terminated string
; Clobb: AX
mensa: mov ah,09h               ; AH=09h DOS print string
int 21h
ret
; ---- Data: messages, target file name, replacement bytes, work area ----
; NOTE(review): the banner lines below are reproduced exactly as found on the
; page. They appear damaged by page extraction (a stray ";" line and a
; character entity split across a line break), so this listing is not the
; author's original text.
mensa0 db "Crack for WinHex 11.1 SR-2 by wyx."
;,13,10
db "Run this file in WinHex.exe folder.",13,1&
#48;,13,10,"$"
mensa1 db "Error.",13,10,"$"
mensa2 db "Ok.",13,10,"$"
nombre db "WinHex.exe",0        ; ASCIIZ name passed to the open call; no path component
dato1 db 0c6h,05h               ; 2 bytes written at file offset 00BB08h
dato2 db 0e9h,3eh,01h,00h,00h,90h ; 6 bytes written at file offset 00BB0Fh
dato3 db 90h,90h                ; 2 bytes written at file offset 0604CDh
dato4 db "wyx"                  ; 3 bytes written at file offset 01160Ch
handle dw ?                     ; DOS file handle stored after the open call
; buf is only an address (equ $): no storage is reserved in the image, so the
; 32-byte read lands in memory directly after handle.
buf equ $
;------------------------------------
cc ends
end ee
WinHexcr.txt:
10.54 SR-2: 8B1530C84700 8B45F0 E8???????? 85C0
7414
""""9090"""" "
34;"""" """""""""" "
""" """"
10.55: 8B1530C84700 8B45F0 E8???????? 85C0 74
9;4
""""34"""""" """"
"" """""""""" """
4; """"
10.55: 8B1530C84700 8B45F0 E8???????? 85C0 74
9;4
"""""""""""" ""
34;""" """""""""" ""
"" EB""
Pone modo directo y al grabar no sale: Fichero de usuario inválido.
10.55 SR2-4, 10.6 SR0-2, 10.75 SR-8, 10.8, &
#49;0.8 SR-1, 10.8 SR-4:
7504 33C0 EB02 B001 8B15 (3ª)
"""" """" 9090 """
34; """"
Para que al grabar no salga: Fichero de usuario inválido.
10.8 SR-4, 10.8 SR-7:
A17C594800 05B7000000 8138765E
49;080 750C A17C594800 C680C50000
;0054
776E
10.8 SR-8, 10.82, 10.82 SR-1, 10.9 SR-3,
10.9 SR-6, 10.9 SR-7, 10.9 SR-11,
10.9 SR-12, 10.9 SR-14:
__ __ ____ __ __ ____
A17C594800 05B7000000 8138765E
49;080 750C A17C594800 C680C50000
;0054
EB
:00459532 A17C594800 mov eax, dwor
d ptr [0048597C]
:00459537 05B7000000 add ea
x, 000000B7
:0045953C 8138765E1080 cmp dword ptr [ea&
#120;], 80105E76
:00459542 750C jne 00459550 &
#60;----------------------- EB
:00459544 A17C594800 mov eax, dwor
d ptr [0048597C]
:00459549 C680C500000054 mo
v byte ptr [eax+000000C5], 54
10.92 F, 10.92 SR-1, 10.92 SR-2,
11.0 F, 11.0 SR-1, 11.0 SR-2, 11
.0 SR-3, 11.0 SR-4, 11.0 SR-5,
11.1 SR-1, 11.1 SR-2:
:0040C6DC 8A8AD30F4900 mov cl, byte ptr [
edx+00490FD3]
:0040C6E2 888AD40F4900 mov byte ptr [ed
120;+00490FD4], cl
:0040C6E8 8A8AD20F4900 mov cl, byte ptr [
edx+00490FD2]
:0040C6EE 888AD30F4900 mov byte ptr [ed
120;+00490FD3], cl
:0040C6F4 C682D20F49002E mov byte ptr [ed
120;+00490FD2], 2E
:0040C6FB 66813D7A0849000104 cm
p word ptr [0049087A], 0401
:0040C704 730A jnb 0040C71
;0
:0040C706 66833D7A08490064 cmp word ptr [
0049087A], 0064
:0040C70E 750D jne 0040C71
;D
:0040C710 803DBC07490006 cm
p byte ptr [004907BC], 06 <-------- 05
B7CE mov
:0040C717 0F843D010000 je
0040C85A
E93E01000090 jmp 0&
#48;40c85a
:0040C71D C6056006490000
mov byte ptr [00490660], 00
:0040C724 C6051707490000 mo
v byte ptr [00490717], 00
:0040C72B C6052408490000 mov by
te ptr [00490824], 00
7504 33C0 EB02 B001 8B15 (4ª)
"""" """" 9090 """
34; """"
|