CuteDraw2.0 cracking note

CuteDraw is a very good flowchart creation software. The software is described as follows: CuteDraw is a new flowchart and Network Diagram Drawing Software. It is novel, small, and powerful, you can easily draw various professional business flowcharts, organization charts, business charts, program flowcharts, data flowcharts, and network topologies. It helps you more conveniently and

CuteDraw is a very good flowchart creation software. The software is described as follows: CuteDraw is a new flowchart and Network Diagram Drawing Software. It is novel, small, and powerful, you can easily draw various professional business flowcharts, organization charts, business charts, program flowcharts, data flowcharts, and network topologies. It helps you more conveniently and

CuteDraw is a very good flowchart production software. The software is described as follows:

CuteDraw is a new flowchart and Network Diagram Drawing Software. It is novel, compact, and powerful. It can easily draw various professional business flowcharts, organization charts, business charts, and program flowcharts, data Flow chart and network topology.

It helps you describe design ideas and create inspiration more conveniently and quickly. Full drag-and-drop operations are used in the design, and more than 600 common image template libraries and user-defined instance libraries are combined to simplify the user's workload; in your work, you can make full use of the inherent materials and learn from others' works.

Applicability:
Basic flowchart, network topology diagram, organizational structure diagram, Human Resources diagram, work flow chart, Business Chart, software design, 2D, 3D graph, plan/report, EPC, SDL, TQM, etc.

It seems that there is no cracked version on the Internet, and the protection is not bad, so I want to practice it for a long time

Note: debugging is purely interest and technical research. Please do not use it for illegal purposes. I am not liable for any legal liability arising from illegal use.

Restrictions: I don't know the functional limitations, but there is a time limit.

First use PEID to check the shell. ASPack 2.12-> Alexey Solodovnikov is just a compression shell. It went smoothly and ran smoothly with an error:

When I saw the snow, I found that some people studied it again but did not go into depth. I just needed to change the file after shelling to CuteDraw. exe can be done (dizzy, there can not change the file name), after the change can run, but once the line is automatically closed, with self-validation.

I followed it slowly, and there was no breakpoint, that is, I followed it with patience and found a code at 41f5ea.

003475ea |. FF15 58A05200 call dword ptr [<& mfc80u. #575>]; mfc80u. 7834DD87
0000005f0 |. 68 40425400 push 00544240; ASCII "224 H * y * @-qqwq"
0000005f5 |. 68 50425400 push 00544250; ASCII "! _ WIO) [] e3d | r @-"
003665fa |. 51 push ecx
004175FB |. 8D5424 38 lea edx, dword ptr [esp + 38]
0000005ff |. 8BCC mov ecx, esp
00417601 |. 896424 1C mov dword ptr [esp + 1C], esp
00417605 |. 52 push edx
00417606 |. FF15 CCA05200 call dword ptr [<& mfc80u. #280>]; mfc80u. 7830581E
0036660c |. 51 push ecx
0036660d |. C68424 000500> mov byte ptr [esp + 500], 20
00417615 |. 8D4424 34 lea eax, dword ptr [esp + 34]
00417619 |. 8BCC mov ecx, esp
00000061b |. 896424 50 mov dword ptr [esp + 50], esp
0034761f |. 50 push eax
00417620 |. FF15 CCA05200 call dword ptr [<& mfc80u. #280>]; mfc80u. 7830581E
00417626 |. C68424 000500> mov byte ptr [esp + 500], 1D
00000062e |. E8 3DA90500 call 00471F70
00417633 |. 83C4 10 add esp, 10
00417636 |. 85C0 test eax, eax

Looking at the two strings at segment 5f0 and segment 5f5, it looks like a CRC comparison. After comparing 417636 with EAX, It is a jump, drop it NOP, save it, and run it. The self-validation is done.

However, there is another test in the program. Once you enter the main interface, it will fail, but it doesn't matter. Here, you need to analyze the registration process of the program after shelling. If you do not need to do so, skip it :)

Click "register". After a period of time, the message "failed to register" appears. It looks like a MessageBox. Click the breakpoint and register again. No result ......

First, let's see if there are any prompts in the string reference and find

UNICODE "http://www.cutedraw.com/reg/activate.php" string, it seems there is network verification? Click "register" next to the breakpoint, and the program stops. The program accesses the URL and uses the GET Request Parameters order_id and machine_id. order_id is the input serial number, machine_id because it is different from each machine, it is directly accessed in the browser to return "ER104", continue with the program, the program contains the return value judgment, first determine whether there is a "ER" in the returned string ", if yes, different error messages will pop up based on different things in the future. Let the jump to the "OK" string and OK, prompting that the registration is successful. However, it seems that there is no response. The interface is still in the registration interface, or you have to click Continue trial to enter the main interface. It seems that this is not the way ....

Think about the registration reminder that it will pop up as soon as it is started, and there must be a local registration information for verification. It seems that the process of this software is first activated from the network through the registration code, and then compare it locally at each startup, which is strange. In fact, network verification is not so credible .... I found the relevant file and found a User in the Config directory. ini, which stores the registration information, so the next breakpoint GetPrivateProfileStringW, run, locate the location for reading the User configuration, and find that there is also a sf in use time. in the tmp INI file, the software will expire after a change, or you can use the software for another month after you delete the file -_-#. read User. the Pass field in Ini is a long string of registration code verification code. Because this is not very debugging well, you only need to find the key hop, after checking the registration code, the software compares whether the eax result is 1. If it is not 1, it is not activated. Therefore, you only need to judge whether there is

Change xor eax and eax to mov al. 1 is OK.

Or there is another way to change it.

001000094a |. E8 11100600 call 00478960
00000094f |. 85C0 test eax, eax
00417951 |. 0F85 85000000 jnz 0000009dc

Change to Jmp ipv9dc and you will be OK. Use KEYMAKE to make a memory patch and change this redirection.

The trial version is still displayed, but no activation prompt is displayed ,:

After the attack is completed, emphasize that if you want to use the software, please support genuine