Sunday, 31 January 2016

                                    Building your own super computer

If you fancy getting stuck into tasks such as this, you could buy dedicated hardware from the likes of HP or Cray, but this is probably overkill, and would certainly be tremendously expensive. The Cray XK6, for example, can perform more than one petaflop, but system prices start at around half a million dollars. A cheaper option is to make use of hosted computing services such as Microsoft Azure or Amazon Web Services. But if you want to own and control your own hardware, a home-brew approach can provide a usable measure of supercomputing power at a comparatively realistic price.

What does a homemade supercomputer look like? As we’ve noted, there’s no formal definition of a supercomputer. One thing that’s likely to characterise your hardware, however, is parallelisation: historically, parallel processing is the means that has allowed supercomputers to achieve their exceptional levels of performance.

Almost every modern CPU on the market has two or more physical cores built directly into the chip package so arguably you could install a mainstream CPU in a regular motherboard and call it a supercomputer. Indeed, a modern Core i7 system will deliver computing power on a similar scale to that of a real supercomputer from 20 years ago, such as the Intel Paragon, which cost a million dollars and filled half a room.

However, the term supercomputer implies something beyond the norm, and these days, an eight-core system is comparatively run-of-the-mill. A 16-core system might qualify. A 48-core system? Now we’re getting somewhere.

How do you go about assembling a system like this? One option is to invest in a motherboard that supports multiple processors. Another is to combine many computers into a cluster that functions as a single supercomputer. Alternatively, you could look beyond the CPU to add-on cards that place huge quantities of raw number-crunching power in the hands of the CPU. Or you could use the hundreds of stream processors on a graphics card to the same end. Let’s look at each of these approaches in turn.

Multiple CPUs

Mainstream desktop chips aren’t ordinarily used in multiprocessor configurations, and you’ll find very little hardware support for doing so. If you want to run multiple CPUs in parallel, you’re basically limited to workstation or server architectures. On Intel hardware, this means LGA 2011 chips, most of which come under the Xeon brand. If you prefer AMD, you can use the still-supported Socket G34 platform, or the newer Socket C32 that supports the latest Opteron models.

None of this is cheap – the hardware is aimed at businesses, which are typically willing to pay for heavy-duty hardware. Dual Intel socket 2011 motherboards start at around $350, and processors at $300+ each for the Core i7-3820. Move up to the top-of-the-range eight-core Xeon E5-2690 and you’re looking at much more.

This approach has one major benefit, however: Windows is designed to “just work” in multiprocessor environments, so any program that can make sensible use of a dual-core processor should automatically scale up to run in a 16-core environment. This makes a multiprocessor model appealing if you want to use your supercomputer to run mainstream multithreaded applications such as 3D-rendering tools or media encoders.

Forming a cluster

The multiprocessor approach has limitations. Once you’ve installed your two expensive processors in your expensive motherboard, there’s almost no scope to expand organically; you could install more RAM, or swap out your processors for a pair of more powerful models, but basically what you have is a closed system. A more flexible approach is clustering.

A cluster is a group of computers, typically connected via a local area network, which acts as if it were a single system. Clusters can be used for all sorts of purposes, such as providing load balancing and fault tolerance for network services, but the model lends itself particularly well to supercomputing applications. Indeed, a clustering approach has been the basis of most of the best-known supercomputers in history, including Fujitsu’s world-beating K computer.

The philosophy behind supercomputing clustering is simple. One physical (or virtual) machine is configured as the “master” system or the “head node”, and it’s on this system that the main application code runs. The other nodes do nothing but sit and wait for the master system to delegate workloads to them; when these are received, they do the work and return the results as quickly as possible.
A computational cluster can be seen as a macrocosm of a multiprocessor system, with multiple computers working on their individual tasks in parallel.

The difference is that nodes can be added to your cluster, or removed, as easily as connecting a new PC to a network; and, what’s more, there’s no requirement at all for the node hardware to use any particular architecture. If you wanted, you could assemble a cluster from a mix of systems including laptops, workstations and high-performance servers. The only requirement is that each node is running suitable client software.

Arguably, the best-known examples of computing clusters are the SETI@home and Folding@home projects – but the term “cluster” more usually implies a centrally managed system (projects that combine the power of remote computers are referred to instead as “grid computing”).

The nodes of a cluster are also usually connected via a much faster link than a regular internet connection, to minimise the latency involved in sending workloads back and forth. In your home cluster, that might be Gigabit; the K computer uses a proprietary interconnect called “Tofu”, which provides 100GB/sec of bandwidth.

Windows-based clusters can be assembled quite easily using the Windows HPC Server 2008 operating system, and Microsoft provides guidelines for creating “cluster-aware” applications that will make use of cluster resources when run on such a system. Alternatively, there are various free Linux distributions that are designed for clustering, such as openMosix and ClusterKnoppix. These provide a user-friendly experience that makes it almost effortless to set up a cluster of any size using the popular Beowulf system.

Whichever route you choose, however, one limitation that you’re likely to encounter is a dearth of pre-existing applications that are designed to make use of cluster resources. This isn’t necessarily a problem, as supercomputer tasks are typically carried out by bespoke code.

Intel’s Knights Corner squeezes 48 CPU cores into a PCI Express card

Add-on cards

The cluster approach is flexible, but quite wasteful – it basically means leaving an entire computer switched on and drawing power when you’re typically making use of only a few functions of the processor. A more energy-efficient approach is to mount a large number of processor cores on one expansion card and use these cores as a virtual cluster.

This was the thinking behind Intel’s ill-fated Larrabee project, which sought to integrate 32 x86 cores – processor cores such as you might find in a regular PC – onto a single PCI Express card. An early demonstration of the hardware showed a Larrabee card achieving performance of just over one teraflop, and the idea was that its huge parallel-processing power could be used to render complex, high-quality graphics in real-time.

Larrabee couldn’t be made to work as a graphics-orientated product, and the project was officially shelved in 2010. But Intel kept working on a more general-purpose Larrabee-type architecture – called the Many Integrated Core architecture, or MIC for short – which could be used for any sort of parallel processing. A prototype 32-core PCI Express card, codenamed Knights Ferry, was trialled in 2010 at the Leibniz Supercomputing Centre and at CERN, and proved capable of providing around 750 gigaflops of computing power. Its successor, codenamed Knights Corner, is expected to go on general sale later this year, and will probably sport 48 cores or more.

Knights Corner looks set to be a neat and power-efficient way to turn your desktop PC into a supercomputer, but it’s a specialist market, so hardware costs are likely to be steep: it could actually work out cheaper to buy an entire cluster of multicore PCs. And the applications you run will need to be written specifically for parallelised execution.

GPU options

Your last option for supercomputing is to eschew conventional CPU cores entirely, and instead exploit the power of your graphics card. After all, the shaders in a GPU (or stream processors, as they’re also called) are designed to carry out large numbers of calculations in parallel at very high speeds – which is exactly what supercomputers are traditionally best at doing. As we’ve noted above, supercomputers have often been used by professional studios for rendering 3D scenes.

GPUs offer far greater parallelism than CPUs. While a high-end CPU might have eight cores, even a mid-range desktop graphics card typically has more than 100 stream processors, and today’s high-end models have more than 2000. This enables a top-of-the-range AMD Radeon HD 7970 to turn over nearly four teraflops – almost 40 times the computational power of a Core i7-980X. Note that GPU performance is typically cited in terms of “single-precision” calculations, which can lead to rounding errors. Working with double-precision values, for accuracy comparable to that of a CPU, roughly halves performance.

Even so, using graphics hardware is vastly more economical than conventional processors. The reason GPU stream processors are so cheap by comparison to CPUs is that they’re massively simpler – their capabilities are largely limited to performing straightforward mathematical operations. A GPU would be very ill-suited to running applications, but for supercomputing it’s just the ticket.

Since GPU architectures are fundamentally different to CPU designs, applications must be written specifically to use the GPU as a computing resource (an approach known as GPGPU, short for “general-purpose graphics processing unit”, computing). However, this needn’t mean learning a whole new programming paradigm. Nvidia cards use what’s called the Compute Unified Device Architecture (CUDA), which means that they can be programmed in a variant of C – and, with recent hardware, C++ – with extensions to access GPU-specific functions.

Windows programmers can alternatively make use of a library of DirectX functions called DirectCompute, which sends tasks to the graphics hardware. A third option is OpenCL, which can be used to create GPU-bound functions in a C-like language. Both frameworks will work on any AMD or Nvidia graphics card, and even with Intel’s integrated GPUs, so your code needn’t be tied to any platform.

If you choose to take the GPU route, you can start very cheaply with mainstream hardware. But both Nvidia and AMD also offer premium cards designed specifically for GPGPU applications (branded “Tesla” and “FireStream” respectively). These include performance optimisations that are potentially valuable to the supercomputing market, such as improved performance in double-precision calculations, giving them even more of a lead over conventional desktop processors. These cards aren’t cheap – a Tesla model with 512 stream processors could cost around $4000. But it’s still cheaper than 512 CPU

Thursday, 21 January 2016

                                   ANDROID SECRET CODES
    *#*#7780#*#* = Factory Data Reset
    *#*#1472365#*#* = Starts a Quick GPS Test
    *#*#0673#*#* OR *#*#0289#*#* = Starts Audio Test
    *#*#2664#*#* = Starts Touch Screen Test
    *#*#273283*255*663282*#*#* = Backup Media Files
    *#*#0283#*#* = Starts Packet Loopback Test
    *2767*3855# = Reinstalls the Phone's Firmware & Formats Your Phone
    *#*#232339#*#* OR *#*#526#*#* = Starts Wireless LAN Test
    *#*#1575#*#* = Starts Different GPS Tests
    *#*#4636#*#* = Shows Complete Information About Your Phone
    *#*#2663#*#* = Shows Touch Screen Version
    *#*#232337#*# = Displays Bluetooth Device Address
    *#*#4986*2650468#*#* = Shows PDA, Phone Hardware, RF & Call Date
    *#*#44336#*#* = Displays Build Time
    *#06# = Displays IMEI Number
    *#*#8255#*#* = Google Talk Service Monitoring
    *#*#1111#*#* | *#*#2222#*#* = Shows FTA Software Version & FTA Hardware Version
    *#*#3264#*#* = Shows ROM Version
    *#*#232331#*#* = Starts Bluetooth Test
    *#*#1234#*#* = Shows PDA & Phone Firmware Information
    *#*#0*#*#* = Starts LCD Display Test
    *#*#0842#*#* = Starts Vibration & Backlight Test
    *#*#0588#*#* = Shows Proximity Sensor Test
    *#*#232338#*#* = Shows Wi-Fi MAC Address
    *#*#7262626#*#* = Shows Field Test
    *#*#34971539#*#* = Shows Camera Update
    *#*#19732840#*#* = Enables Test Mode
    *#06# – Shows IMEI number
    *#0*# – Shows Service Menu (Galaxy S III + )
    *#*#4636#*#* – Shows Phone Information, Usage Statistics & Battery Information
    *#*#34971539#*#* – Shows Detailed Camera Information
    *#*#273282*255*663282*#*#* – Immediate Backup of All Media Files
    *#*#197328640#*#* – Enables Test Mode For Service
    *#*#232339#*#* – Wireless LAN Tests
    *#*#0842#*#* – Backlight & Vibration Test
    *#*#2664#*#* – Touch Screen Test
    *#*#1111#*#* – FTA Software Version (if 1111 does not work try 1234)
    *#12580*369# – Software & Hardware Information
    *#9090# – Diagnostic Configuration
    *#872564# – USB Logging Control
    *#9900# – System Dump Mode
    *#301279# – HSDPA/HSUPA Control Menu
    *#7465625# – Views Phone Lock Status
    *#*#7780#*#* – Resets The Data Partition To Factory State
    *2767*3855# – Formats Device to Factory State (will delete everything on phone)
    ##7764726 – Hidden Service Menu (for some Motorola Droid series)
    *#*#7594#*#* – Enables Direct Powering Down of Device (once this code is entered)
    *#*#273283*255*663282*#*#* – Quick Backup of All The Media Files On Your Android Device
    *#*#232338#*#* – Shows Wi-Fi MAC Address
    *#*#1472365#*#* – Performs a Quick GPS Test
    *#*#1575#*#* – For a More Advanced GPS Test
    *#*#0283#*#* – Performs a Packet Loopback Test
    *#*#0*#*#* – Runs a LCD Display Test
    *#*#0289#*#* – Runs an Audio Test
    *#*#2663#*#* – Shows Device’s Touch Screen Version
    *#*#0588#*#* – Performs a Proximity Sensor Test
    *#*#3264#*#* – Shows RAM Version
    *#*#232331#*#* – Runs Bluetooth Test
    *#*#232337#*# – Shows device’s Bluetooth Address
    *#*#7262626#*#* – Performs a Field Test
    *#*#8255#*#* – Monitors Google Talk Service
    *#*#4986*2650468#*#* – Shows Phone, Hardware, PDA, RF Call Date & Firmware Information
    *#*#1234#*#* – Shows PDA & Phone Firmware Information
    *#*#2222#*#* – Shows FTA Hardware Version
    *#*#44336#*#* – Shows Build Time & Change List Number
    *#*#8351#*#* – Enables Voice Dialing Log Mode
    *#*#8350#*#* – Disables Voice Dialing Log Mode
    ##778 (+call) – Shows EPST Menu
    *#*#7594#*#* – Enables Direct Powering Down of device once this code is entered

Specific Codes for HTC devices:-

    *#*#3424#*#* – Runs HTC Function Test Program
    ##786# – Reverse Logistics Support
    ##3282# – Shows EPST Menu
    ##3424# – Runs Diagnostic Mode
    *#*#8255#*#* – Launches Google Talk Service Monitor
    ##33284# – Performs Field Test
    ##8626337# – Runs VOCODER
    *#*#4636#*#* – Shows HTC Info Menu

Thursday, 7 January 2016

Today the dark seals would like to share with you a list of free APKs that you can create from here. Here is a sample; no coding knowledge is required:
ultimate stream app
Dark seals app
joshxperia browser
NB: These hacking apps were not created via appgyser; we just wanted to share them with you.
Here are some free hacking apps for free download:
droid pentest
fing app

Tuesday, 5 January 2016









    profier keys portable edition










                                            Introduction to the world of cracking
                                         A beginner's tutorial written by ceobadman


What is cracking?
Cracking is, as I like to say, an art, a form of expression. Everyone can handle it, but not everyone can make the best of it. If you like to crack, you'll see that it isn't easy to understand at first, but after gaining some experience and knowledge it is incredible. Once you have learned real cracking you aren't only a cracker; you are more than a cracker. With the art of cracking you'll gain more knowledge about your PC, the programs you run on it and how they work. You'll understand how a program works and how to manipulate it so that it is useful for you. And that doesn't mean it's illegal.
Of course it's not 100% legal, but it can be useful for you later in life. You gain experience with ASM code, understand how programs and other applications function, and maybe it will lead you to become a programmer? Who knows. But first you have to learn it step by step. I'll help you with my tutorials and I hope you understand the way I explain it. Excuse my English; I know it's not the best, but I'll do my best.

Step one:

What do we need to crack? Do I need some knowledge of assembler or anything else?
No. I made this tutorial for all the beginners on the net who don't understand anything about ASM code or the internal workings of applications. Like you and everyone else, I also started cracking some time ago, and it took much of my lifetime to get to what I know about cracking today.
I think there are many good tutorials and I don't want to say anything against them. But I think most tutorials are quickly written memory killers with which you can't do anything.
I always had the problem that I didn't understand what they meant. What is a nop? What do je, eax and jump mean? What do they mean by "jump to BadBoy" and "replace the jump if not equal with the jump if equal command"? All these things and many more sometimes made me worry about what I wanted to learn. I thought I would give up and forget about cracking. But every time I did, some time later I couldn't, and had to go back to learning the way of cracking. Yes, sometimes you'll think "oh man, what do you mean, it doesn't work!" But don't give up. Everyone has passed this point, and you're not the first and will not be the last. You have to learn again and again. And then at some point you'll see that what you were doing all the time was good, and you'll be proud of it.

The software we'll need:

At first the only things we'll need are W32Dasm 8.9 (a Windows disassembler) and HIEW (a good hex editor; I think it'll be the best for you at first). That's all. In the following tutorials (I hope there will be more from me) I'll explain how to work with SoftICE and how to handle the ASM code. But as a beginning cracker you need only these two things at first.

Some knowledge at first:

As you know, it's not very easy to handle all the ASM codes and I think you don't know much about them, so I'll explain the most needed commands.
First we have to know that every two digits in ASM code represent one byte. For example, the number 75564345 = 4 bytes: the 75 is one byte, the 56 is one byte, the 43 is one and the 45 is one. So we have 4 bytes making up the command at this point. If we want to replace them later, we now know that we always have to replace two digits with two other digits. For example the 75 (in hexadecimal it stands for jne; jne means jump if not equal) can be changed to 74 (in hexadecimal it stands for je; je means jump if equal). Most of the time this is enough to crack a game or to register a program so that it will not say "sorry, invalid password" or something else (please don't think it's always so easy; I take this as a very simple protection).
Jump if not equal (75) means that the application is checking something, such as whether there is a CD present in the drive or whether the password is the same as the one saved in the program. If it isn't right (there is no CD in the drive, or the password you entered is not valid) it will jump to "BadBoy" and the program pops up the error message. By the way, "BadBoy" is cracker language for the one dude who calls the error message. If we change the 75 to 74 (jump if equal), the program thinks there is a CD in the drive or the password is valid and will jump to "GoodBoy". GoodBoy is the one who makes the way clear. You have to manipulate the application so that it thinks a CD is present or the password is valid and it continues with the program.
Remember that the exe runs from top to bottom, so the commands which call the error messages are placed before the error messages. All I mean is that if you have found the error message (I'll explain later how to do that) you always have to look up in the ASM code, not down. It's like you: if you read a book or a text, you start on line one and read your way down. The program does the same. It checks from line one of the ASM code to the end of the code whether everything is correct, and if it finds an error at line 9 it jumps down to the "BadBoy". It can't jump up, because there it has already checked everything and there are no complications. So if you have found the error message, look up (before it) and you'll find the command which calls the error message onto the screen.
OK, now some things about the numbers and things you'll see if you disassemble an exe (here are only the most necessary things you have to know at this point):
je (hexadecimal 74) = Jump if equal
jne (hexadecimal 75) = Jump if not equal
nop (hexadecimal 90) = No operation
call (no fixed hexadecimal value) = call an operation
jmp (no fixed hexadecimal value) = jump to string/operation
These are the five basics we'll need at first. The others I'll explain in later tutorials when you have gained more experience with ASM code.
OK, now we'll take a look at what they do in an ASM code string.

Je (jump if equal) jumps to an operation if it finds what it checks for.
The game needs a CD to start the main game. So the "jump if equal" (je) command checks whether there is a CD in the drive. If there is a CD in the drive, it continues and passes the information on to the commands after it. That's an equal operation: the CD was found (equal) and execution continues in the ASM code (jump if equal).

Jne (jump if not equal) jumps to an operation (most times a BadBoy, meaning the error message you'll receive on your screen) if it doesn't find what it checks for.
The game needs a CD to start the main game. So the "jump if not equal" (jne) command checks whether there is a CD present in the drive. If not, it jumps to a "BadBoy" and you'll receive an error message on screen like "Cannot find CD in drive. Please insert CD and click on OK."
That's a "jump if not equal" operation. The check failed (because it didn't find a CD in the drive), so it jumps to the "BadBoy", and the "BadBoy" ends the load process and shows the error message on your screen.

Nop (no operation): a nop command kills the current operation, such as checking for a CD in the drive or checking whether the password is valid.
The game needs a CD to start the main game. It's like before, because you set the nop command.
You can replace the jne/je/call/jmp commands with a nop command. The nop will then disable the jne/je/call/jmp command, which means that the program doesn't check whether a CD is present in the drive and continues in the ASM code. The game runs (you can do that, but it's also a style for simple CD protections).

Call (call an operation): a call command does what its name says. It calls a command, which can be an error message, a nag screen... This you can disable with a nop command.
I don't know what more I can say.

Jmp (jump to a string/operation): a jmp command is like a call (you can't say it is the same): it doesn't call commands but jumps to them.
The jmp jumps to a string/operation which will call an error message, or to a BadBoy... You can also disable the jmp with a nop command.

I think that's all you have to know for now about the commands in ASM code. In this tutorial we'll deal only with these few commands. That's enough for you at first to crack simple protections (no matter whether CD or password).
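
Seen from the side of whoever ships or audits the program, the one-byte changes described above (75 swapped with 74, or a jump or call overwritten with 90) are exactly what an integrity check picks up. The following is an added example, not part of the original tutorial: it compares a binary against a pinned SHA-256 and, given a known-good copy, reports each changed byte run with its file offset. The function names and the sample bytes are constructed for illustration.

```python
"""Tamper check for the one-byte patches described above (added example).

Compares a deployed binary against a pinned SHA-256 and, when a known-good
copy is available, lists every changed byte run with its file offset.
All sample bytes below are constructed for illustration.
"""
import hashlib

# Opcode bytes from the tutorial's table.
JE, JNE, NOP = 0x74, 0x75, 0x90


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def classify(old: bytes, new: bytes) -> str:
    """Heuristic label for a changed run; raw bytes are not disassembled."""
    if len(old) == 1 and {old[0], new[0]} == {JE, JNE}:
        return "inverted-conditional-jump"
    if all(b == NOP for b in new):
        return "nop-fill"
    return "other"


def find_patches(reference: bytes, suspect: bytes):
    """Return [(file_offset, old_bytes, new_bytes, kind), ...]."""
    if len(reference) != len(suspect):
        return [(min(len(reference), len(suspect)), b"", b"", "size-mismatch")]
    findings, i, n = [], 0, len(reference)
    while i < n:
        if reference[i] == suspect[i]:
            i += 1
            continue
        start = i
        while i < n and reference[i] != suspect[i]:
            i += 1                      # extend the run of differing bytes
        old, new = reference[start:i], suspect[start:i]
        findings.append((start, old, new, classify(old, new)))
    return findings


def verify(suspect: bytes, pinned_sha256: str, reference: bytes = None):
    """Return (status, findings). Findings need a known-good reference copy."""
    if sha256_hex(suspect) == pinned_sha256:
        return "ok", []
    if reference is None:
        return "modified", []
    return "modified", find_patches(reference, suspect)


def format_finding(finding) -> str:
    offset, old, new, kind = finding
    return "0x%08X: %s -> %s [%s]" % (
        offset, old.hex().upper() or "-", new.hex().upper() or "-", kind)


# Constructed sample: test eax,eax / jne / push / call / pop / push.
REFERENCE = bytes.fromhex("85 C0 75 2F 6A 6A E8 63 64 00 00 59 50")
PINNED = sha256_hex(REFERENCE)          # recorded at release time
SUSPECT_JUMP = bytes.fromhex("85 C0 74 2F 6A 6A E8 63 64 00 00 59 50")
SUSPECT_NOP = bytes.fromhex("85 C0 75 2F 6A 6A 90 90 90 90 90 59 50")

if __name__ == "__main__":
    for name, blob in [("clean", REFERENCE), ("jump", SUSPECT_JUMP),
                       ("nop", SUSPECT_NOP)]:
        status, findings = verify(blob, PINNED, REFERENCE)
        print(name, status)
        for f in findings:
            print("  " + format_finding(f))
```

The labels are heuristic: a 74/75 swap inside a data region gets the same label as one inside code, so a finding is a pointer for review, while the digest mismatch alone is the authoritative signal.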

About protection schemes:

There are plenty of protection styles you have to learn about and learn how to disable.
We have "normal" CD protections (a game checks whether a CD is present; if not, it will not start), password protections (you have to enter a valid password [most times you find them in trial versions]; if you don't enter a valid password you can't register or start the application), time locks (most times in trial versions: you have some time to test a program, like three weeks, and after that time it won't start, shows an error message, or you have to enter a password to unlock it), and on unusual occasions you have to get unlock software from the programmer (the program won't work without the additional software from the distributor; this kind of protection is hard to find). Those are the most usual protection schemes you'll find on your way to becoming a real cracker.
The easiest protections for us to crack are Windows error message boxes (I think so). This is a Windows message box which is shown on your screen with some text if you don't have a CD present or a valid password. You can see this kind of protection in EA applications like NFS/Fifa Soccer/NHL.... It's very easy to crack because the only thing you have to do is kill the window (most times with a nop command, or by changing je to jne / jne to je). We also find this kind of protection in password-locked applications: if you enter an invalid password you'll receive a Windows message box too, containing a text like "invalid password" or something else. Then we have in-game error messages, which are harder to crack, because W32Dasm shows you only the Windows message boxes and not the in-game messages. For this kind of protection we need the SoftICE debugger (I'll explain in later tutorials how to use SoftICE). You can see this kind of protection in games like Commandos/Grand Theft Auto/Descent Freespace. And timelock protections can be shown to you as a Windows box or as an "in-game" error message (I'll call them NAG screens). You can see that kind of protection in Paint Shop Pro.
In this tutorial I'll show you how to disable the Windows message boxes with W32Dasm version 8.9 and with Hiew. We'll crack WinRAR and WinRAR95 (maybe a game too, like Anno1602 or something else; I don't know how much time I'll get and whether the tutorial will get too long).

Beginning with cracking:

Now let's start with the main thing you want to learn: cracking. I'll now show you how to handle the basic commands of W32Dasm89 and Hiew. We'll now crack WinRAR95.exe (we'll make a fully registered version of the trial). First we start the program. We're in.
What can we see? First, at the top of the window we can see "WinRAR (unregistered version)". That's very good for us, because the "unregistered version" status behind "WinRAR" tells us that it is unregistered and that it will not be shown once it is registered. Now we click on "Options" and then on "Register". Now you can see a Windows box (this is the kind of box I mean, which is easy for us to crack). Enter whatever you want in the text boxes, like "Test" as a name and "12345" as a number, and click on OK. You'll hear a sound and another Windows box pops up which tells you "Registration Failed". That's all we want to know. Close WinRAR95 and go to your MS-DOS box. Now in Norton Commander (you can use Windows Commander too) make two copies of your WinRAR95.exe: one named WinRAR95.w32 (for W32Dasm89) and one named WinRAR95.exx (a saved copy in case you change the wrong bytes).
Now I'll explain why we make these copies. It's very easy. If you disassemble an exe like WinRAR95 and you're working in W32Dasm89, you can't run WinRAR95.exe at the same time in Hiew or in Windows Explorer. So you make a second copy named WinRAR95.w32 (you can call it what you want, it doesn't matter, but it's good to see that it's for W32Dasm89). This copy you'll disassemble with W32Dasm89, and you can start the original exe in Windows or change the bytes in Hiew at any time. The second copy, WinRAR95.exx, is only a recovery copy. If you change the wrong bytes in Hiew, or anything else so that it won't run, you can restore WinRAR95.exe from WinRAR95.exx and try again (remember it's always the "trial and error" technique). OK, once you have made the two copies, start W32Dasm89. Now click on the first button at the top (or click on "Disassembler" and then on "Open file to disassemble"). A window pops up and you can choose the file you want to disassemble. Change your directory to your WinRAR directory and click on WinRAR95.w32.
Now W32Dasm starts the disassembling process (if you have low system memory or low HD space it will take some time). You can always click on the button in the middle of the screen called "Cancel Disassembly", which will abort the disassembling process. When the exe is disassembled, you may see no "normal" characters but lines written in Wingdings. Don't worry, you can change your font. Click on "Disassembler", then on "Font" and finally on "Select Font". Now you can choose the font you'll use in W32Dasm89. I think the best one is Arial. Change the font. Now you have your selected font in W32Dasm89. Click a second time on "Disassembler", "Font" and then on "Save default Font" (if you don't do that, you'll have to change the font again the next time you disassemble a file). Now you see the ASM code. It will not tell you much, because you don't know what all the commands mean. Now click on the button next to the "Print" button called "Strn Ref" (String Data References). A window pops up. Now you can see all the error messages you can receive from the exe. Do you remember what WinRAR said when you entered the wrong code? It said "Registration Failed". Now look through the text and search for the message. Got it? Double-click on it. W32Dasm will warp you to the position in the ASM code where it pops up the error message you receive on your screen when you enter the wrong code.
If you did it right, you should be looking at a screen like this:

:00413A8F 6A6A                    push 0000006A
:00413A91 E863640000              call 00419EF9
:00413A96 59                      pop ecx
:00413A97 50                      push eax
:00413A98 FF7508                  push [ebp+08]

* Reference To: USER32.MessageBoxA, Ord:0000h
:00413A9B E8120B0100              Call 004245B2
:00413AA0 33C0                    xor eax, eax
:00413AA2 A358674200              mov dword ptr [00425758], eax
:00413AA7 A338564200              mov dword ptr [00425638], eax
:00413AAC A34C564200              mov dword ptr [0042564C], eax
:00413AB1 EB56                    jmp 00413B09

* Referenced by a (U)nconditional or (C)onditional Jump at Address:     <--------- This is our one
|:00413A82 (C)

* Possible StringData Ref from Data Obj ->"WinRAR"
:00413AB3 68D86A4200              push 00426AD8
:00413AB8 FF359C644200            push dword ptr [0042649C]

* Reference To: USER32.SetWindowTextA, Ord:0000h
:00413ABE E86B0A0100              Call 0042452E

* Possible Reference to String Resource ID=00048: "normal"
:00413AC3 6A30                    push 00000030

* Possible Reference to Dialog: ARCINFODLG, CONTROL_ID:006C, ""

This is the ASM code you should see on your screen if you double-click on "Registration Failed".
Now remember what I said some lines before: the ASM runs from top to bottom (I like to call it T2B, hehe). That means that the jne/je we have to change is somewhere above. But how do we know which one it is? We can try changing every one we see (trial and error), or we use the "Goto CD Loc" (Goto code location) button at the top. We click on it and a little window pops up. At the bottom right of the window is a text box, "Code Offset (Hex)". Now we take a look at the ASM code. We can see the line "* Referenced by a (U)nconditional or (C)onditional Jump at Address:" and then, on the next line, the address we have to know: "|:00413A82 (C)". That's the number we have to enter in the code location window: 00413A82. At this address we'll find the jump which sends us to the error message every time we enter the wrong code. Click on OK in the code location window.
Now you are somewhere above in the ASM code. The bar is on the line which makes us jump to the message. It's a jne (jump if not equal). The bar has changed its colour to green (it does that only on jumps/calls). Now look down at the bottom of the screen. There is a line which looks like this:

Line:34985 Pg 467 of 998 Code Data @:00413A82 @Offset00013082h in File:Winrar95.w32

The only thing we have to remember is the number after @Offset. It's 00013082 (the bar has to be on the jne). Write it down (you don't have to remember all the zeros; it's enough to remember 13082). OK, now go to HIEW (you don't have to close W32Dasm). It doesn't matter which exe you start (H.exe or H95.exe). In HIEW (it's like Norton Commander) you can browse through the directories. Go to your WinRAR directory and select your WinRAR95.exe. Hmm, don't know what that is, huh? Press F4 (select mode window) and then choose "decode". The screen changes. You can now see all the jne/je/eax... commands, and you have to press F5. In the top left corner you can now enter the @Offset number (you wrote it down a few seconds ago). Here it doesn't matter whether you type the leading zeros or only 13082. Type 13082. You are at the jne command. Now press F3 (edit). Now you're able to change the value. Change it from 75 (jne) to 74 (je) and press F9 (update). Then press F10.
You have changed the value of the jne. Now you can test whether it works. Run your WinRAR95.exe.
The program starts. Now do the same as before: go to registration and enter any name and code. Click OK. What happens? No more error messages? A pop-up window tells you that your registration was successful. The message at the top next to WinRAR (Unregistered Version) is gone and you're fully registered. OK, that was one way. But there is a second one: we can also remove the unregistered status at the top of the window. We'll do that now.
Load your uncracked backup copy of WinRAR95. If you start it you can see a message at the top which tells you that it's an (unregistered version). Go to W32Dasm and load your WinRAR95.w32 file. Now click on the String Data References button. Look for "(unregistered version)" (it has to be exactly (unregistered version) because there are two of them!). Did you find it? Double-click on it. You are taken to the point where it is. It's like before; you have to do the same thing as before. You see the "*Referenced by a (U)nconditional or (C)onditional Jump At Adress:" line? Click on the "Goto code location" button and enter the number. It's 00418AAA; click OK. You are taken to the point that makes the asm code jump to the message if it is not registered. It's also a jne (jump if not equal) command. Write down the @Offset number; it's 000180AA (you can leave out the zeros). Go to HIEW, load your WinRAR95.exe, press F4 (decode), then F5 (goto), enter 180AA and press Enter.
You're at the jne command. Change the value of jne to je (75 to 74), save it and leave HIEW.
Remember that if you want to manipulate an exe like WinRAR you have to close WinRAR on the Windows desktop or you'll receive a message like "error only read mode". Now that you have changed the value you can test whether it works. Start your WinRAR95.exe and you see that the message is gone. We killed it. Now you have no message at the top and you can enter any name and code and it'll unlock WinRAR95. You have to do it the same way on normal WinRAR. Whenever you want to crack a simple protection you can use this method: change jne/je to je/jne. Or nop it.

Remember the basics:

You have to remember the basics. If you want to crack a game or an application, start it and see what kind of error message you receive. If it is a Windows message box, you can crack it with W32Dasm. If it is an in-game error message, you'd better crack it with the SoftICE debugger.
Remember the error message and make two recovery copies of the start.exe: one called *.exx (if you nop or change something wrong so that it won't run or has errors, you can restore it from the original exx file) and one called *.w32 (this file is for W32Dasm; you use it for disassembling with W32Dasm). Then go to W32Dasm and disassemble the w32 file of your start.exe. Once it is disassembled, click on the String Data References button and look for the error message you received on the screen (you can also click on search and enter a keyword like sorry or unable...). If you find it, double-click on it. In the asm code, take the number from the "*Referenced by a (U)nconditional or (C)onditional Jump At Adress:" line and enter it in the Goto code location window. Once you have been taken to the location, write down the @Offset number (you can leave out the zeros). Start HIEW and load the exe. Press F4 and go to decode. Press F5 and enter the @Offset number (with or without the zeros). Once you are at the place where the jne/je/jmp/nop is hidden, you can change the jne to je or the je to jne, or you can nop a jmp/call (you can also nop a je/jne command, but before you do that, check whether it runs with the value changed). Save it and leave HIEW. Start your program and see if it works. If not, you did something wrong. Try to nop or change other values. If there is no "Referenced by a (U)nconditional or (C)onditional Jump At Adress:" number, you have to trace some lines up and look for call/jmp/jne/je commands you can nop or change.

How to nop:

Now I'll explain how to nop commands. Nop stands for "No Operation". If you get any call/jne/jmp/je command, you can nop it. The rule for nop is: every two digits are one byte. That means if we have a number like E8992344, there are 4 bytes to be changed: E8 is one byte, 99 is one byte, 23 is one byte and 44 is one byte. Replace the number with 90909090. If you do that in HIEW, don't worry when the cursor jumps one line down after you enter the first 90. Enter 90 three more times and save it. You can also nop a 7456 (je) with 9090 or a 7589 (jne) with 9090. It doesn't matter whether it is a jne/je/jmp/call. Sometimes you'll see je/jne commands as numbers like F5848976 (I don't know if it is the correct command, but I want to show you what to do if you ever see a long je/jne command like this). At this point you can change only the 84 after F5 (84 is like 74 = je) to 85, and vice versa (85 to 84). What I mean is that you don't have to nop it. Most of the time you have to nop call commands. Or jmp (jump).
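Seen from the defender's side, the edits described above (a 75/74 flip, or bytes overwritten with 90) show up as in-place byte differences against a known-good copy of the file. The following is an added example, not part of the original tutorial; the byte strings are constructed samples, the function names are illustrative, and the near-jump check assumes the standard two-byte 0F 84 / 0F 85 encoding.

```python
# Added example: classify in-place byte changes between a known-good
# executable image and a suspect copy. All sample bytes are constructed.
SHORT_JCC = {0x74: "je", 0x75: "jne"}   # one-byte opcodes, rel8 follows
NEAR_JCC = {0x84: "je", 0x85: "jne"}    # second opcode byte after 0x0F
NOP = 0x90

def diff_runs(good: bytes, suspect: bytes):
    """Yield (offset, old, new) for each contiguous run of changed bytes."""
    if len(good) != len(suspect):
        raise ValueError("sizes differ: not an in-place patch")
    start = None
    for i, (a, b) in enumerate(zip(good, suspect)):
        if a != b and start is None:
            start = i
        elif a == b and start is not None:
            yield start, good[start:i], suspect[start:i]
            start = None
    if start is not None:
        yield start, good[start:], suspect[start:]

def classify(offset: int, old: bytes, new: bytes, good: bytes) -> str:
    """Heuristic label; without disassembly a 0x74/0x75 byte may be an operand."""
    if len(old) == 1:
        o, n = old[0], new[0]
        if o in SHORT_JCC and n in SHORT_JCC:
            return f"short jump inverted ({SHORT_JCC[o]} -> {SHORT_JCC[n]})"
        if offset and good[offset - 1] == 0x0F and o in NEAR_JCC and n in NEAR_JCC:
            return f"near jump inverted ({NEAR_JCC[o]} -> {NEAR_JCC[n]})"
    if all(b == NOP for b in new):
        return f"{len(new)} byte(s) overwritten with NOP"
    return "unclassified change"

def audit(good: bytes, suspect: bytes):
    """Return [(file_offset, label)] for every changed run."""
    return [(off, classify(off, old, new, good))
            for off, old, new in diff_runs(good, suspect)]

# Constructed code fragment: cmp / jne rel8 / call rel32 / je rel32 / ret
GOOD = bytes.fromhex("3BC3" "7512" "E899234400" "0F8489760000" "C3")
SUSPECT = bytes.fromhex("3BC3" "7412" "9090909090" "0F8589760000" "C3")

if __name__ == "__main__":
    for off, label in audit(GOOD, SUSPECT):
        print(f"offset 0x{off:05X}: {label}")
```

A cryptographic hash or signature check tells you that a file changed; a run-level diff like this tells you what kind of change it was.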

This tutorial is only for educational purposes; do this at your own risk. Using this against a network that does not belong to you may result in legal implications based on the law under the owner’s jurisdiction.

What do I need ?

    Windows Os
    Cain And Abel

Step 1. Finding the target

So first off we need to find a computer or the computer to hack into. So if you’re
plugged in to the LAN, or connected to the WAN, you can begin. Open up Cain and
Abel. This program has a built-in sniffer feature. A sniffer looks for all IP addresses in the local subnet. Once you have opened up the program click on the sniffer tab, click the Start/Stop sniffer, and then click the blue cross.


Another window will pop up, make sure “All host in my subnet” is selected, and then
click ok.


It should begin to scan.


Then IPs, computer names, and MAC addresses will show up.

Now remember the IP address of the computer you are going to be breaking into.

If you can’t tell whether the IP address is a computer, router, modem, etc, that’s ok.
During the next step we will begin our trial and error.


Step 2. Trial and error

Now, we don’t know if we have our designated target, or if we have a computer or
printer, or whatever else is on the LAN or WAN.
If you did get the IP of the target though, I still recommend reading through this
section, for it could be helpful later on.
Click on the start menu and go to run, type in cmd, and click ok.
This should bring up the command prompt.
From here we will do most of the hacking.
Now I will be referring to certain commands that need to be inputted into the
command prompt.
I will put these commands in quotes, but do not put the quotes in the code when you
type it into the prompt.
I am only doing this to avoid confusion.
Let’s get back to the hacking.
Type in “ping (IP address of the target).” For example in this tutorial, “ping”
This will tell us if the target is online.
If it worked, it will look something like this (note, I have colored out private


If it didn’t work, meaning that the target is not online, it will look something like this:


If the target is not online, either switch to a different target, or try another time.
If the target is online, then we can proceed.

Step 4.Gathering the information

Now, input this command “nbtstat –a (IP address of target).” An example would be
“nbtstat –a”
This will show us if there is file sharing enabled, and if there is, it will give us the
currently logged on user, workgroup, and computer name.


Ok, you’re probably wondering, “What does all this mean to me?” Well, this is actually
very important, without this, the hack would not work. So, let me break it down from
the top to bottom. I will just give the first line of information, and then explain the
paragraph that follows it.
The information right below the original command says: “Local Area Connection,” this
information tells us about our connection through the LAN, and in my case, I am not
connected through LAN, so the host is not found, and there is no IP.
The information right below the “Local Area Connection,” is “Wireless Network
Connection 2:” It gives us information about the connection to the target through
WAN. In my case I am connected through the WAN, so it was able to find the Node
IpAddress. The Node IpAddress is the local area IP of the computer you are going to
break into.
The NetBIOS Remote Machine Name Table gives us the workgroup of our computer,
tells us if it is shared, and gives us the computer name. Sometimes it will even give us
the currently logged on user, but in my case, it didn’t. BATGIRL is the name of the
computer I am trying to connect to. If you look to the right you should see a .
This means that file sharing is enabled on BATGIRL. If there was not a to the
right of the Name, then you have reached a dead end and need to go find another IP,
or quit for now. Below BATGIRL is the computer’s workgroup, SUPERHEROES. If you
are confused about which one is the workgroup, and the computer, look under the
Type category to the right of the < > for every Name. If it says UNIQUE, it is one
system, such as a printer or computer. If it is GROUP, then it is the workgroup.

Step 5. Getting In

Finally it’s time.
By now we know: that our target is online, our target has file sharing, and our target’s
computer name.
So it’s time to break in.
We will now locate the shared drives, folders, files, or printers. Type in “net view
(IP Address of Target)”
An example for this tutorial would be: “net view”


We have just found our share name. In this case, under the share name is “C,”
meaning that the only shared thing on the computer is C. Then to the right, under
Type, it says “Disk.” This means that it is the actual C DISK of the computer. The C
DISK can sometimes be an entire person’s hard drive.
All that is left to do is “map” the shared drive onto our computer. This means that
we will make a drive on our computer, and all the contents of the target’s computer
can be accessed through our created network drive. Type in “net use K: (IP
Address of Target)(Shared Drive).” For my example in this tutorial, “net use
K:” Ok, let’s say that you plan on doing this again to a different
person, do you see the “K” after “net use?” This is the letter of the drive that you are
making on your computer. It can be any letter you wish, as long as the same letter is
not in use by your computer. So it could be “net use G…,” for a different target.


As you can see, for my hack I have already used “K,” so I used “G” instead.
You may also do the same for multiple hacks.
If it worked, it will say “The command completed successfully.”
If not, you will have to go retrace your steps.
Now open up “my computer” under the start menu, and your newly created network
drive should be there.


Now, if you disconnect from the WAN or LAN, you will not be able to access this
drive, hence the name Network Drive.
The drive will not be deleted after you disconnect though, but you won’t be able to
access it until you reconnect to the network.
So if you are doing this for the content of the drive, I recommend dragging the files
and folders inside of the drive onto your computer,
because you never know if the target changes the sharing setting.

Congratulations! You’re DONE!

-Commands used in this tutorial:
NBTSTAT -a (IP Address of Target)
NET VIEW (IP Address of Target)
NET USE K: (IP Address of Target)(SHARENAME)
-Program used in this tutorial:
Cain and Abel
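On the host that owns the share, the mapping step above leaves a record in the Windows Security log as event 5140 ("A network share object was accessed") when file share auditing is enabled. The following is an added detection example, not part of the original tutorial; the records are constructed, their keys follow that event's field names, and the management range is an assumption.

```python
# Added example: flag network access to whole-disk shares in Windows
# Security event 5140 records. All records below are constructed.
import ipaddress
import re

# A "\??\C:\" style local path means the share exposes an entire drive.
DRIVE_ROOT = re.compile(r"^\\\?\?\\[A-Za-z]:\\?$")
# Assumption: management hosts allowed to reach drive-root shares.
ADMIN_NETS = [ipaddress.ip_network("192.0.2.0/28")]

SAMPLE_EVENTS = [
    {"TimeCreated": "2016-01-31T10:02:11", "SubjectUserName": "alice",
     "IpAddress": "198.51.100.7", "ShareName": r"\\*\Reports",
     "ShareLocalPath": r"\??\D:\Shares\Reports"},
    {"TimeCreated": "2016-01-31T10:05:40", "SubjectUserName": "Guest",
     "IpAddress": "198.51.100.23", "ShareName": r"\\*\C",
     "ShareLocalPath": "\\??\\C:\\"},
    {"TimeCreated": "2016-01-31T10:06:02", "SubjectUserName": "Guest",
     "IpAddress": "198.51.100.23", "ShareName": r"\\*\C",
     "ShareLocalPath": "\\??\\C:\\"},
    {"TimeCreated": "2016-01-31T11:15:09", "SubjectUserName": "svc-backup",
     "IpAddress": "192.0.2.5", "ShareName": r"\\*\C$",
     "ShareLocalPath": "\\??\\C:\\"},
    {"TimeCreated": "2016-01-31T11:20:33", "SubjectUserName": "bob",
     "IpAddress": "198.51.100.40", "ShareName": r"\\*\IPC$",
     "ShareLocalPath": ""},
]

def is_drive_root(local_path: str) -> bool:
    return bool(DRIVE_ROOT.match(local_path))

def drive_share_access(events, admin_nets=ADMIN_NETS):
    """Group drive-root share accesses by source IP, skipping admin ranges."""
    hits = {}
    for ev in events:
        if not is_drive_root(ev["ShareLocalPath"]):
            continue
        src = ipaddress.ip_address(ev["IpAddress"])
        if any(src in net for net in admin_nets):
            continue
        hits.setdefault(str(src), []).append(
            (ev["TimeCreated"], ev["SubjectUserName"], ev["ShareName"]))
    return hits

if __name__ == "__main__":
    for src, rows in drive_share_access(SAMPLE_EVENTS).items():
        print(src, len(rows), "drive-root share access(es):", rows)
```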