Cracking MS-FrontPage 98 Beta2
(Is Micro$oft kidding?)
by TWD
(15 October 1997)
Courtesy of fravia's page
of reverse engineering
Well, the question posed here by TWD (among others, I had quite a
lot of letters about this) is a serious one: Are our enemies at
Micro$oft just 'faking' protections, and in the reality intend to GIVE
AWAY FOR FREE their software in order to destroy all competition?
Well, as you
will be able to read more thoroughly in the main project 9 page... WHO CARES WHAT THEIR 'clever' STRATEGIES are...
We'll deprotect ALL Micro$oft programs, wherever they appear, whatever they use as a protection scheme... and if the road to success is to give away for free software, that suits us... good luck Billy! Either you give it out for free (which is nice) or we'll strip off its protections anyway (wich is also nice). Of course (cela va sans dire) we will never use your buggy overbloated software... we have not yet been lobotomised :-)
And now enjoy this quick crack by TWD and mail it to any luser that might eventually contemplate the possibility to buy FrontPage98... which he would not need anyway, since this target is now given away in its complete and unprotected version by Micro$oft itself...
Cracking MS-FrontPage 98 Beta2 3.0.1.726
First, sorry for my bad English.
I came to Fravia's page and had a look to the "Anti-Micro$oft"-project.
There were a lot of cracks for the MS-FrontPage. But they were very
long.
Cracking FrontPage is too easy to talk about it.
This protection scheme deserves the next "Stupid protection" - award.
If I know that a program expires after some time, the first thing I do
is to set a breakpoint to "GetLocalTime" using my beloved SoftIce
(ver 3.1) and therefore:
> bpx GetLocalTime
> bl
> 00) BPX KERNEL32!GetLocalTime
Now I start the FP-Explorer.
SoftIce first pops up in the "MSVCRT.DLL", but this is not the right
one.
Than we have breaks at "MSVCRT20.DLL" and the Explorer.
But the fourth time we come back to "MSVCRT.DLL". When we leave the
procedure we come to "MFC42.DLL". and if we leave this procedure too,
we are inside the deep waters of "FP30CUTL.DLL".
The way to accomplishment is long, so we have to
step through some lines of code and come to :
:67B2CD1D 3BC3 cmp eax,ebx
:67B2CD1F 0F85A4010000 jne 67B2CEC9 first jump to the exit
:67B2CD25 395DC4 cmp dword ptr [ebp-3C], ebx
:67B2CD28 0F859B010000 jne 67B2CEC9 second jump to the exit
:67B2CD2E 51 push ecx
:67B2CD2F 8B4DDC mov ecx, dword ptr [ebp-24]
The first jump is used if the time is over. The second jump is used
if FP-Explorer expired some time ago. The only thing to do is to NOP
both jumps or to change the first jump into "jmp 67b2cd2e" and some
other NOPs.
Now FP-Explorer and FP-Editor will work till you delete them.
It is a nice goal to damage Micro$oft, I'm trying this since I'm
cracking. The Micro$oft - protections are too silly to protect a
program.
It took me 3 minutes to crack MS-FP 98 and another 5 to create a
"crack.com".
I think they do not intend to protect really their programs, because
if they would, they would implement much tougher protections.
I conclude that they want to spam the earth with their silly, fat
programs.
(c) by TWD in 1997
mailto : twd.rulez@gmx.net
(c) TWD 1997. All rights reversed
You are deep inside fravia's page of reverse engineering,
choose your way out:
Back to Project 9
homepage
links
anonymity
+ORC
students' essays
academy database
tools
cocktails
antismut CGI-scripts
search_forms
mail_fravia
Is reverse engineering legal?