SV Cracking DIY

when there is 16 chars in that line like 0F 12 34 56 78 90
u have to write 6 times 90 cause there is 6 bytes
when there is 4 chars 12 34
u have to write 2 times 90 cause there is 2 bytes

Complete scanning result of "tools.rar", received in VirusTotal at 01.09.2007, 21:18:25 (CET).

Antivirus Version Update Result
AntiVir 7.3.0.21 01.09.2007 no virus found
Authentium 4.93.8 01.09.2007 no virus found
Avast 4.7.892.0 12.30.2006 no virus found
AVG 386 01.09.2007 no virus found
BitDefender 7.2 01.09.2007 no virus found
CAT-QuickHeal 9.00 01.09.2007 (Suspicious) - DNAScan
ClamAV devel-20060426 01.09.2007 no virus found
DrWeb 4.33 01.09.2007 no virus found
eSafe 7.0.14.0 01.09.2007 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.109 01.09.2007 no virus found
eTrust-Vet 30.3.3313 01.09.2007 no virus found
Ewido 4.0 01.09.2007 no virus found
Fortinet 2.82.0.0 01.09.2007 suspicious
F-Prot 3.16f 01.09.2007 no virus found
F-Prot4 4.2.1.29 01.09.2007 no virus found
Ikarus T3.1.0.27 01.09.2007 no virus found
Kaspersky 4.0.2.24 01.09.2007 no virus found
McAfee 4935 01.09.2007 no virus found
Microsoft 1.1904 01.09.2007 no virus found
NOD32v2 1968 01.09.2007 no virus found
Norman 5.80.02 12.31.2007 no virus found
Panda 9.0.0.4 01.09.2007 Suspicious file
Prevx1 V2 01.09.2007 no virus found
Sophos 4.13.0 01.05.2007 no virus found
Sunbelt 2.2.907.0 01.05.2007 VIPRE.Suspicious
TheHacker 6.0.3.146 01.08.2007 no virus found
UNA 1.83 01.09.2007 no virus found
VBA32 3.11.2 01.09.2007 suspected of Backdoor.Rbot.39 (paranoid heuristics)
VirusBuster 4.3.19:9 01.09.2007 no virus found

Aditional Information
File size: 451252 bytes
MD5: f611c1a003f3e622b4086798b018d577
SHA1: b91b4923cff77d2d44ac2ee202daf1e3b8114c59
packers: UPX
packers: ASPACK, ASPACK, ASPACK, ASPACK, UPX, UPX
packers: Aspack, UPX
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

hmm i changed both files but when i launch scriptvessel i get the message Sorry, the Scriptvessel Client is updated! Pls use the new one.
any ideas?

How the he** do I know whether a code is 5 bytes long or 2 bytes long ?

When I search for the line 10002895 I get this

.10002895: A09F78523D ??

How can that be TWO bytes !?

+karma , ty.. nice guide :D

TY I finish crak this +k for you^^

well Done , But wat's with The Scan's ._.

First the thing about virus/suspicious things, I have used the tools on the rar and i dont have my pc infected in any way(at last thas wath i think :D), but allways its good have an AV sofware and firewall instaled just in case... I think some av´s in the scans dot like the cracking tools, that happen before to me with some tools for web cracking so i think its the same here, other reason are the packers.

About the "virus" in agent king, this comes whit the program itself, you can scan the exe in anantasia post an you will get a warning about vipre. And i dont think that if you change 11 instructions in the exe you will implement a new virus:D.

In any way I will warning about the use of the tools.

I will answer the questions later, I gtg for now.

so ur mean how many address do we need to replace?
1 or 4 ?
can u write it down pls

Quote:

Originally posted by wbpuah@Jan 10 2007, 20:05 so ur mean how many address do we need to replace? 1 or 4 ? can u write it down pls

total is 15 adress 4 in agentking and 11 in the dll enki give the first adress after u need edit the next 3 adress and he give too the first adress of dll just need edit the next 10 adress (check the guide of cucurucho) for do that need check the guide of cucurucho

Welcom to use this Platform!
Logining......
Sorry, the Scriptvessel Client is updated! Pls use the new one.
Last login time:2007-1-11 9:11:22


This is the result when i try it.

I juz wonder in the last 11 address coz some code, when you i only see 1 nop even i have edited 2.

Quote:

Originally posted by bladefire@Jan 10 2007, 21:06 Welcom to use this Platform! Logining...... Sorry, the Scriptvessel Client is updated! Pls use the new one. Last login time:2007-1-11 9:11:22 This is the result when i try it. I juz wonder in the last 11 address coz some code, when you i only see 1 nop even i have edited 2.

u edit the next 3 adress in the same way how say enki? in AgentKing u Need edit the first four code in the guide of cucurucho the next 11 after this four need edit in the dll when u do this u work are done and this have work


[img]text2schild.php?smilienummer=1&text=Sorry Bad English' border='0' alt='Sorry Bad English' />

.10002894: 7490 je
.10002894: 90 nop

He said u need to nop but in this case i changed two 90 and i only see one nop.

I redo all my work and when it start it will close... :(

I edit 4 AG and 11 dll

Quote:

Originally posted by bladefire@Jan 10 2007, 21:37 .10002894: 7490 je .10002894: 90 nop He said u need to nop but in this case i changed two 90 and i only see one nop. I redo all my work and when it start it will close... :( I edit 4 AG and 11 dll

but the adress is 10002895 no 10002894

darn... sorry for my error, can u w8 for a little bit ill try it again.