============================================================================
TITLE:
Patching RegView 2.21a
============================================================================
TOOLS USED:
OllyDbg v1.09d(step 4)
Hiew 6.85
Brain (Preferably version human or above)
============================================================================
TARGET:
RegView v2.21a
============================================================================
LOCATION OF TOOLS AND PROGRAM:
http://www.grinders.withernsea.com/tools/odbg109d.rar
http://www.grinders.withernsea.com/tools/hiew685.rar
http://www.grinders.withernsea.com/tools/RegView v2.21a.rar
============================================================================
CONTACT INFORMATION:
Msn Messenger - jammysa@hotmail.com
Icq# - 46313648
Email Address - Merlin@accessroot.com
============================================================================
TUTORIAL VERSION:
v1.1 Corrected minor mistake 4th December 2003.
v1.0 Written 3rd of December 2003.
============================================================================
AUTHOR AND OTHER ALIASES:
Merlin

Nilrem2
Nilrem
Grimgnaw
Khulad
Khulad Illphukiir
(-~Merlin~-)
============================================================================
You can only use RegView a total of 30 times. So open and close it 30 times until you get the message "Maximum number of trials has been reached! To continue use of this program, you need to register now!", click ok, and you'll be presented with a Name and Serial box, enter any name and serial and click ok, you will see (if you entered the wrong one of course) the error message "Wrong register key!", write this down somewhere or remember it because it is what we will use to patch this program to accept any name and serial we give it.
Now close the program and start OllyDbg and open the RegView file. Firstly let's make things a tad clearer for us by right clicking, and choosing Appearance -> Highlighting -> Jumpsncalls. We will now search for the error message we recieved earlier, right click and select Search for -> All referenced text strings, maximize the new window, scroll to the top, select the top most line and right click, choose Search for text, and make sure Case sensitive and Entire scope are not selected. Type in "Wrong register key!" without the quotation marks, and you will be taken to:

Text strings referenced in REGVIEW:CODE, item 5476
 Address=0048D8B1
 Disassembly=MOV EAX,REGVIEW.0048DC3C
 Text string=ASCII "Wrong register key!"

Right click this line and select Follow in Disassembler. Now what we need to do is find what brought us here, so right click the line you land on:

0048D8B1   . B8 3CDC4800    MOV EAX,REGVIEW.0048DC3C                 ; |ASCII "Wrong register key!"

and choose, Find references to -> Selected command. There is only one there, which is where we currently are already, so this is no good to us, hopefully we'll find the right line just a bit above, I've got a feeling it'll be after the JMP (four lines up) because that is telling the program to jump to a different section of code:

0048D8A1   . E9 DF010000    JMP REGVIEW.0048DA85

let's try the one just below the JMP, which is:

0048D8A6   > 6A 00          PUSH 0                                   ; /Arg1 = 00000000

So, select it, and hit CTRL+R (shortcut to finding references to the selected commmand).
Ahh we find a JUMP if EQUAL to command:

References in REGVIEW:CODE to 0048D8A6, item 0
 Address=0048D885
 Disassembly=JE SHORT REGVIEW.0048D8A6

Select it, then press Enter (shortcut to follow in disassembler).
We see the following piece of code:

0048D885     74 1F          JE SHORT REGVIEW.0048D8A6

The 74 is the bit we're interested in, what it does is perform a JE, which means Jump if Equal to, so if our code equals a bad one it jumps to the "Wrong register key!" message box, if we changed it to 75 then that would do the opposite (Jump if Not Equal), but we want it to accept any Name and Serial we give it, even the correct one, so all we do is change the 4 bytes (74 1F) to 90 90 (NOP - No Operation).
Now remember/write down the address this is at, which is 0048D885, then click Debug -> Close so that we can alter the code in Hiew, otherwise if the program is already open, Hiew will be in Read-Only mode. Right, open up Hiew, then load up RegView, if it looks strange we'll have to change the mode (F4), so press F4 and choose Debug view. Then hit F5 (goto) we must put a "." without quotation marks before the address (0048D885) to locate an address, so once you've hit the goto key, type ".0048D885" without quotation marks and hit Enter. Now press F3 (Edit) and type 90 twice then hit Enter, if anything else comes up asking you to change anything else just press the Escape key. Now hit F9 to update the program, and F10 to quit. Launch RegView and type in anything you want in the Name and Serial box and hit enter, congratulations cracker! 8-)
Remember, if you like the program then buy it.
============================================================================
SHOUTZ AND GREETZ:
To my girlfriend Kyrstie for always been there for me! All the players and staff of DoB1 and DoB2, I hope DoB3 goes ahead! To Hoof Arted for inspiring me to write tutorials for OllyDbg, The creators of RegView, Hiew, and OllyDbg.
============================================================================