Rarlab WinRAR 3.42 Simple Crack Tutorial
----------------------------------------
By iqlord | the .aware crew

* File name WinRAR.exe
* File size 847 360 byte

Be sure to read this entire tutorial before you begin to crack winrar 3.42 on your own. If not, you could end up hitting yourself with the keyboard or your homemade bong-pipe. And remember that I’m not to be held responsible if your computer explodes or if you accidentally launch a nuke when you’re messing around with winrar, mkay!

-----------------------------------------------------------------------------------------
For those of you who are in a hurry: simply replace the data at [D2BBh] with [B001].
-----------------------------------------------------------------------------------------

::: Here we go people! :::

Let’s start off with, obviously, the most important thing to eliminate: the nag screen. If you haven’t registered winrar within 40 days, a nag screen will be forced upon you every time you start winrar. Since this is the most annoying thing about not having a registered version of winrar, I’ll show you a few different ways of removing the nag screen. Use whichever is most convenient for you.

-------------------------------------------[1]-------------------------------------------
OFFSET HEX ASM CLARIFICATION CODE DATA
-----------------------------------------------------------------------------------------
0004053F   7532              jne 00440F73                 default data
00440F3F   7432              je 00440F73                  modified data

* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004409C3(C)
|
:00440F1D 833D903A4B0000    cmp dword ptr [004B3A90], 00000000
:00440F24 754D              jne 00440F73
:00440F26 803D605A490000    cmp byte ptr [00495A60], 00
:00440F2D 7544              jne 00440F73
:00440F2F 803D007E4B0000    cmp byte ptr [004B7E00], 00
:00440F36 753B              jne 00440F73
:00440F38 803DBCF9490000    cmp byte ptr [0049F9BC], 00
:00440F3F 7532              jne 00440F73 <<<-----------------------[here it is]
:00440F41 A1C8434B00        mov eax, dword ptr [004B43C8]
:00440F46 83F828            cmp eax, 00000028
:00440F49 7F04              jg 00440F4F
:00440F4B 85C0              test eax, eax
:00440F4D 7D24              jge 00440F73
-----------------------------------------------------------------------------------------

-------------------------------------------[2]-------------------------------------------
OFFSET HEX ASM CLARIFICATION CODE DATA
-----------------------------------------------------------------------------------------
00040538   803DBCF9490000    cmp byte ptr [0049F9BC], 00  default data
00440F38   803DBCF9490001    cmp byte ptr [0049F9BC], 01  modified data

* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:004409C3(C)
|
:00440F1D 833D903A4B0000    cmp dword ptr [004B3A90], 00000000
:00440F24 754D              jne 00440F73
:00440F26 803D605A490000    cmp byte ptr [00495A60], 00
:00440F2D 7544              jne 00440F73
:00440F2F 803D007E4B0000    cmp byte ptr [004B7E00], 00
:00440F36 753B              jne 00440F73
:00440F38 803DBCF9490000    cmp byte ptr [0049F9BC], 00 <<<--------[here it is]
:00440F3F 7532              jne 00440F73
:00440F41 A1C8434B00        mov eax, dword ptr [004B43C8]
:00440F46 83F828            cmp eax, 00000028
:00440F49 7F04              jg 00440F4F
:00440F4B 85C0              test eax, eax
:00440F4D 7D24              jge 00440F73
-----------------------------------------------------------------------------------------

-------------------------------------------[3]-------------------------------------------
OFFSET HEX ASM CLARIFICATION CODE DATA
-----------------------------------------------------------------------------------------
0004056E   E867F30400        call 004902DA                default data
00440F6E   40                inc ax                       modified data
           48                dec ax                       modified data
           90                nop                          modified data
           41                inc cx                       modified data
           49                dec cx                       modified data

* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:00440F49(C)
|
:00440F4F C605605A490001    mov byte ptr [00495A60], 01
:00440F56 6A00              push 00000000
:00440F58 68F44F4400        push 00444FF4
:00440F5D FF351C164B00      push dword ptr [004B161C]

* Possible StringData Ref from Data Obj ->"REMINDER"
|
:00440F63 68E15F4900        push 00495FE1
:00440F68 FF35E0F94900      push dword ptr [0049F9E0]

* Reference To: USER32.DialogBoxParamA, Ord:0000h
:00440F6E E867F30400        Call 004902DA <<<----------------------[here it is]
-----------------------------------------------------------------------------------------

If you were to buy and register winrar you would be sent a license file containing a name or whatever, which you have requested, and a winrar code. The default name of the file is rarreg.key and it is to be placed in the winrar directory. You can of course create your own license file and add whatever data you’d like, but it wouldn’t be shown in winrar because it would most likely not be valid. To make it valid you could reverse the (license check up result) of winrar. This is one way of doing it.

-------------------------------------------[1]-------------------------------------------
OFFSET HEX ASM CLARIFICATION CODE DATA
-----------------------------------------------------------------------------------------
00043DCD   7449              je 00444818                  default data
004447CD   7549              jne 00444818                 modified data

* Reference To: USER32.SetDlgItemTextA, Ord:0000h
|
:004447C1 E854BD0400        Call 0049051A
:004447C6 803DBCF9490000    cmp byte ptr [0049F9BC], 00
:004447CD 7449              je 00444818 <<<------------------------[here it is]
:004447CF BEB8F34900        mov esi, 0049F3B8
:004447D4 8DBD34F5FFFF      lea edi, dword ptr [ebp+FFFFF534]
:004447DA B981010000        mov ecx, 00000181
:004447DF F3                repz
:004447E0 A5                movsd

* Possible Reference to String Resource ID=00960: "Registered to"
|
:004447E1 B8C0030000        mov eax, 000003C0
:004447E6 E8F1CBFCFF        call 004113DC
:004447EB 50                push eax
-----------------------------------------------------------------------------------------

The license file (rarreg) has the following setup now when we have modified winrar!
-----------------------------------------------------------------------------------------
Line one which must be at least 1, chars long. (for example: My bong-pipe is blue).
Line two can be any text (for example: your nickname).
Line three can also be any text (for example: your bad ass cracking groups name).
-----------------------------------------------------------------------------------------

For those of you who are thinking of writing a license file creator for winrar, I can mention that each line doesn’t have to be ended with both CR and LF. Both or any of them should work perfectly. If you have no idea what I’m talking about you will probably not write such a program and you've just read this part in vain. If you're still curious what I'm talking about you should do some reading about that [enter] key(s) of yours.

Note: WinRAR will always use the newest license file that it can locate, and you can give the license file any kind of suffix.
You could for example name the license file rarreg.key, rarreg.txt, rarreg.dat or whatever suits you the best! Simply rarreg without any suffix should work fine as well.

Even though you have removed the nag screen and made it possible to add a homemade license file you would still be stuck with text in the winrar titlebar saying either “only X days left to buy a license” or “evaluation copy”. We could of course live with this, but why not remove it, and give winrar a fresh fully registered look? Especially when it’s only a one-byte alteration. Here is one way of doing it.

-------------------------------------------[1]-------------------------------------------
OFFSET HEX ASM CLARIFICATION CODE DATA
-----------------------------------------------------------------------------------------
0004A96C   757A              jne 0044B3E8                 default data
0044B36C   747A              je 0044B3E8                  modified data

* Possible StringData Ref from Data Obj ->"%s - WinRAR"
|
:0044B353 68ED6B4900        push 00496BED
:0044B358 8D442408          lea eax, dword ptr [esp+08]
:0044B35C 50                push eax
:0044B35D E802E00300        call 00489364
:0044B362 83C40C            add esp, 0000000C
:0044B365 803DBCF9490000    cmp byte ptr [0049F9BC], 00
:0044B36C 757A              jne 0044B3E8 <<<-----------------------[here it is]
:0044B36E A1C8434B00        mov eax, dword ptr [004B43C8]
:0044B373 83F814            cmp eax, 00000014
:0044B376 7C05              jl 0044B37D
:0044B378 83F828            cmp eax, 00000028
:0044B37B 7C1D              jl 0044B39A

* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0044B376(C)
|

* Possible Reference to String Resource ID=00873: "evaluation copy"
|
:0044B37D B869030000        mov eax, 00000369
:0044B382 E85560FCFF        call 004113DC
:0044B387 50                push eax
:0044B388 8D942404020000    lea edx, dword ptr [esp+00000204]
:0044B38F 52                push edx
:0044B390 E8F7B00300        call 0048648C
:0044B395 83C408            add esp, 00000008
:0044B398 EB27              jmp 0044B3C1

* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0044B37B(C)
|
:0044B39A B928000000        mov ecx, 00000028

* Possible Reference to String Resource ID=00874: "only %d days left to buy a license"
|
:0044B39F B86A030000        mov eax, 0000036A
:0044B3A4 2B0DC8434B00      sub ecx, dword ptr [004B43C8]
:0044B3AA 51                push ecx
:0044B3AB E82C60FCFF        call 004113DC
:0044B3B0 50                push eax
:0044B3B1 8D942408020000    lea edx, dword ptr [esp+00000208]
:0044B3B8 52                push edx
:0044B3B9 E8A6DF0300        call 00489364
:0044B3BE 83C40C            add esp, 0000000C
-----------------------------------------------------------------------------------------

Marvellous; winrar is cracked and everything is working! But don’t you think that was a little bit much byte alteration for such a relatively simple application as winrar? If not you can stop reading now, but if you do, you should ignore all of the above and use this sneaky example instead.

-------------------------------------------[1]-------------------------------------------
OFFSET HEX ASM CLARIFICATION CODE DATA
-----------------------------------------------------------------------------------------
0000D2BB   33C0              xor eax, eax                 default data
0040DCBB   B001              mov al, 01                   modified data

* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0040DB95(U)
|
:0040DCA2 8D85D0EFFFFF      lea eax, dword ptr [ebp+FFFFEFD0]
:0040DCA8 8B95D0F3FFFF      mov edx, dword ptr [ebp+FFFFF3D0]
:0040DCAE E865DBFFFF        call 0040B818
:0040DCB3 84C0              test al, al
:0040DCB5 0F85DFFEFFFF      jne 0040DB9A
:0040DCBB 33C0              xor eax, eax <<<-----------------------[here it is]
:0040DCBD 8B95D4F3FFFF      mov edx, dword ptr [ebp+FFFFF3D4]
:0040DCC3 64891500000000    mov dword ptr fs:[00000000], edx
-----------------------------------------------------------------------------------------

Enjoy!

[ And now time for some other type of cracking ]

() () () () () () () () () () () ()
SSCCHHHHFFFF! ..... *HOLD IT* *HOLD IT* *HOOOOOOLD IIT* ..... PPFFFFFFFF!!!
() BUBBLES, BUBBLES, BUUUUUUBBLEEEEEEESSSS!!!
() DAAAAAAAMN BOI, DOES CROCODILES AND BANANAS MAKE ANY SENSE TO YOU?
() ....DUDE, I CAN'T FEEL MY FEELINGS!
()

/iqlord | .aware crew