Name:Byte Catcher 1.01 d Where: Type of protection:serial number Description:This is a neat little program that allows you to resume a download off of an ftp, even after disconnection, by just hitting the "Go" button. Some disadvantages are that it doesn't have a retry feature incase the server is full and you can't change the port number. Tools you will need to crack this program: Soft-ice 3.0 or better A piece of paper to write the correct serial # down How to crack this program: Step 1.)Load Byte Catcher 1.01 and select "About" from the "Help" menu. Step 2.)Click on register and fill out the information it asks for. I used this: 66696669 Manson69 mExElitE/c4n '97 DO NOT HIT ENTER YET!!! Step 4.)Press ctrl-D to enter Soft-ice and set a break point on hmemcpy by typing "bpx hmemcpy" (without quotation marks.) Step 5.)Leave Soft-ice by hitting ctrl-D or F5. Then hit "Ok." Step 6.)You will be back in Soft-ice now. Hit ctrl-D or F5 two more times to allow Byte Catcher to read all the information you entered in the boxes. Step 7.)Now hit F12 until you get out of the 16-bit protected code and into the 32-bit code. XXXX:XXXX <----4 digits followed by a colon and 4 more digits indicates that you are in 16-bit protected mode XXXX:XXXXXXXX <----4 digits followed by a colon and 8 more digits indicates that you are in 32-bit code. Step 8.)Now lets scan for the serial number that we entered. We do this by typing "s 0 l ffffffff 'your code here'" (without the quotation marks but WITH the ' ' marks.) My serial number was 66696669 so I entered: s 0 l ffffffff '66696669' It will then find you your code at a given address. My serial number was found at the address 013F:00A22FAC. Lets now set a break point on this memory location by typing: bpm 013F:00A22FAC <----Your memory address will probably be different Step 9.)Hit ctrl-D or F5 to leave Soft-ice and low and behold you are right back in Soft-ice! You will end up in code similar to this: 0137:00418936 8A02 MOV AL,[EDX] <--This moves what is in memory at EDX to AL 0137:00418938 3A06 CMP AL,[ESI] DS:0047B14C=37 <--This compares what is in memory at AL and ESI 0137:0041893A 751E JNZ 0041895A <--Acts as a result of the compare. This is the code that we need to be concerned with. The brackets around EDX and ESI indicate that you are dealing with thier what is in their memory location not their values. If you do a d edx and view the what is in memory on EDX you will see the code you entered. If you do a d esi you will see the correct code. Note down the correct code,type "bc *" (without quotation marks) to clear all break points. Then enter the correct serial number in place of the one you entered and hit "Ok" and it will register! Final Notes: If you try don't enter the correct serial number, but change the registration name and company and follow these steps over you will see that the registration code doesn't change. This program has one universal registration code. Which mean that you can enter the same serial number with any name and/or company and it will register! Due to this fact a key maker/ generator or crack/patch is not needed. Hope that this tutorial worked for you! Acknowledgments: I would like to say thanks to all the members and regular visitors of the mExElitE/c4n '97 group and channel. This tutorial was written by: Manson69 of mExElitE/c4n '97 I can be found on IRC (Efnet) everyday in: #cracking4newbies the mExElitE/c4n '97 official channel.