Securitybg’s Weblog

IT News, Articles, Tutorials

How To – Crack Winrar v3.xx

Posted by securitybg on January 22, 2008

…:: Info ::…
Program - WinRAR v3.51
Location - www.rarlab.com
Cracker – Abe+!_D_Omni (Team -> No:WaRe$*)
Date - 17 – October – 2005
Tools used - W32Dasm / Patch Creator (CodeFusion & ResourceHacker)

…:: Intro ::…
Well this is my first tutorial…….
Got work in the morning, so I’ll keep it short.
This tutorial was made with noobs in mind.
So I hope to point out that searching the ’str ref’s’ can be vital*!

…:: $tart ::…
Open up WinRAR.exe in W32Dasm (I use W32Dasm, patched with extra features)
and search the ’str ref’s’ for anything that looks suspicious…..
I found ‘evaluation copy’ first, but there are loads of references that lead to the same cmp
cmp byte ptr [004A7004], 00
‘rarreg.key’
‘rarkey’
‘Registered to’
‘Evaluation copy’
‘Correct registration’
‘Thank you for your support’ etc etc..

The first thing I did was patch the ‘Evaluation Copy’ value in hex
from 803D04704A0000
to 803D04704A0001…….
The 01 on the end is the variable for the compare,
so changing this will make the compare use the wrong condition.
It worked but still says ‘40 Day Trial Copy’ in the about box. There must be more cmp’s
So I decided to search for the compare in W32Dasm instead of a reference (cmp byte ptr [004a7004], 00)
There were loads,……. Why have the same compare for every one of the above??
They all seem related to the registration process.
So, maybe if I patch the whole lot it may make a difference.

…:: $earch the file ::…
Open up your favourite Patch creator, I use CodeFusion v3.0
The first page can be filled how you want, don’t forget to ‘Edit About Dialog’.
Then……

…:: Patching ::…
Click the + & add WinRAR.exe
Click the + & Enter the info….
Find – 803D04704A0000
Replace – 803D04704A0001
Make sure you select ‘Replace All’ from the dropdown box.
And click OK.

Run the patch on WinRAR.exe
It works*!
All references to the trial are removed & all features are enabled.
Sometimes it pays to look for similar calls to different references.
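
Seen from the defender's side, a patch of this kind is an in-place, same-size edit that a comparison against a known-good copy exposes at once. The following is an added example, not part of the original tutorial: it diffs a suspect image against a reference and reports when the changed bytes are the immediates of `cmp byte ptr [addr], imm8` instructions that all test the same flag address. The function names are hypothetical and the sample bytes are constructed stand-ins, not taken from any real binary.

```python
import hashlib
from collections import Counter

CMP_BYTE_ABS = b"\x80\x3d"   # x86 encoding prefix of: cmp byte ptr [disp32], imm8
IMM_OFFSET = 6               # the immediate is the 7th byte of that instruction


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def diff_offsets(good: bytes, suspect: bytes) -> list:
    """Offsets at which an equal-sized suspect image differs from the reference."""
    if len(good) != len(suspect):
        raise ValueError("size mismatch: not an in-place byte patch")
    return [i for i, (a, b) in enumerate(zip(good, suspect)) if a != b]


def classify(good: bytes, suspect: bytes) -> list:
    """Tag each changed byte; note when it is the imm8 of a cmp on a global flag."""
    findings = []
    for off in diff_offsets(good, suspect):
        start = off - IMM_OFFSET
        flag_addr = None
        # Heuristic: opcode bytes precede the change and the rest is untouched.
        if start >= 0 and good[start:start + 2] == CMP_BYTE_ABS \
                and good[start:off] == suspect[start:off]:
            flag_addr = int.from_bytes(good[start + 2:off], "little")
        findings.append({"offset": off, "old": good[off], "new": suspect[off],
                         "flag_addr": flag_addr})
    return findings


def flags_hit(findings: list) -> Counter:
    """How many compare sites were altered per flag address."""
    return Counter(f["flag_addr"] for f in findings if f["flag_addr"] is not None)


def build_sample(imm: int) -> bytes:
    """Constructed stand-in for a code section: three compares of one flag byte."""
    cmp_insn = bytes.fromhex("803D04704A00") + bytes([imm])
    return (b"\x90" * 5 + cmp_insn + b"\x74\x10" + b"\x90" * 3
            + cmp_insn + b"\x75\x08" + cmp_insn)


if __name__ == "__main__":
    reference, suspect = build_sample(0x00), build_sample(0x01)
    print("hash match:", sha256_hex(reference) == sha256_hex(suspect))
    for addr, sites in flags_hit(classify(reference, suspect)).items():
        print(f"flag 0x{addr:08X}: {sites} compare immediates changed")
```

Several altered compare sites resolving to one flag address is the signature of a "replace all" patch; a vendor-side hash or signature check over the executable catches the same change without needing the reference copy.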

…:: Cleaning up ::…
Now, if you want to remove the CodeFusion credits from your patch….

Before compiling the patch, Turn OFF
‘Encrypt Executable Data’ &
‘Pack Executable File’
or the data you’re looking for will be scrambled & dangerous to change.
Make the patch.
Open WinRAR.exe in a hex editor & search for…
-={ CodeFusion Runtime }=-

And replace, I use (same length)….
-={ Patch Presented By }=-

Then I used ResourceHacker to replace the icons & edit the text.
I use ResourceHacker a lot. It’s good when used with CodeFusion.
You can add extra pictures, move the boxes around, change box names etc, etc.
Finally, pack the finished Patch with a compression program. (Upx, AsPack, ARMProtector etc)

You should experiment with ResourceHacker; it’s a great reversing program and has more uses than you may think.

…:: Changing the name in ‘About’ box ::…
I wanted to add my name in the about box, but couldn’t find it in the .exe so I tried other options……….

I used FileMon to see if it checked for a keyfile by setting ‘key’ to highlight.
It showed 15 results pointing to ‘rarreg.key’

So I decided to put some text in the file it’s checking…..
Make a file called ‘rarreg.txt’
First I just entered…
I win
Cracked by Abe+!
And changed it to ‘rarreg.key’

But in the about box, it still said…..
Registered to
Cracked by Abe+!

So now I know the ‘Registered to’ will stay there, I have to add that first………
Registered to
Å߀±!_Ð_©mñí
¤ Tëàm -> Ñø:WãRê$ ¤

It works, time to roll a fat one*!
Well that’s it. I have included all the programs needed to complete the tutorial.
I have used this method on the past four versions of WinRAR. And if it’s like WinZip, following versions
will probably use the same method. (same idea, different addresses)

…:: Make It A Corporate Edition (no serial needed & extra programs) ::…
You can make a WinRAR Corporate distro by installing WinRAR, and adding ALL the files in the WinRAR folder to a new .rar archive.
Then right-click on the real WinRAR.exe installer & open in WinRAR. (That’s right, it’s just an SFX file!)
From here you copy the options in advanced to the WinRAR Corporate edition you want to make.
Remember to add any reg keys & startmenu shortcuts for extra programs!
