; this APPEARS to work for PE version 2.01
; but my x86/cracking skills are zero.
; use a86 to compile and run in the same dir as pe.exe
; the correct way to crack this is with a key file, but I didn't manage that
;
;-----------------------------------------------------------------------
; What this listing does (16-bit DOS, A86 syntax, INT 21h services):
;   1. prints a banner,
;   2. opens pe.exe read/write, seeks to file offset 0000:9147h and
;      writes 13 bytes from `patch`,
;   3. reopens pe.exe, seeks to file offset 0000:1207h and writes
;      2 bytes from `patch2`,
;   4. creates an empty pe.key in the current directory,
;   5. exits with return code 0 on every path, including the error paths.
;
; The target file is never read: neither its size, its version nor the
; bytes being replaced are checked before writing, so running this
; against any other build overwrites whatever sits at those offsets.
; The file is modified in place and no backup copy is made.
;-----------------------------------------------------------------------

code segment
assume cs:code, ds:code

start:
        mov     ah, 09                  ; DOS: print '$'-terminated string at DS:DX
        mov     dx, offset display
        int     21h

; ---- pass 1: first patch ---------------------------------------------
open_file:
        mov     dx, offset file_name
        mov     ax, 3d02h               ; DOS: open existing file, mode 2 = read/write
        int     21h                     ; CF=0: AX = handle, CF=1: AX = error code
        ; NOTE(review): the compare below overwrites CF from INT 21h, so
        ; `jc` tests the borrow of (AX - 5), i.e. AX < 5, not the DOS error
        ; flag. An error code above 5 falls through and is stored as a
        ; handle. AX = 5 is treated as "access denied" even when it is a
        ; valid handle (0-4 are the standard handles, so 5 is typically the
        ; first one handed out); in that case the retry opens the file a
        ; second time and the first handle is never closed.
        cmp     ax, 05                  ; 5 = DOS error "access denied"
        jz      read_only
        jc      of_error
        mov     file_handle, ax

set_fhandle:
        mov     ax, 4200h               ; DOS: seek, origin = start of file
        mov     bx, file_handle
        mov     cx, offset_high         ; CX:DX = 32-bit file offset
        mov     dx, offset_low
        int     21h
        jc      sf_error

crack_it:
        mov     ah, 40h                 ; DOS: write CX bytes from DS:DX to handle BX
        mov     bx, file_handle
        mov     cx, count
        mov     dx, offset patch
        int     21h                     ; AX = bytes actually written; not compared with CX
        jc      ci_error

close:
        mov     ah, 3eh                 ; DOS: close handle BX (still file_handle)
        int     21h
        jc      c_error

; ---- pass 2: second patch (same sequence, second offset/buffer) ------
open_file2:
        mov     dx, offset file_name
        mov     ax, 3d02h
        int     21h
        ; NOTE(review): same flag problem as in open_file; in addition the
        ; read_only handler jumps back to open_file, so reaching it from
        ; here repeats pass 1 before coming back to pass 2.
        cmp     ax, 05
        jz      read_only
        jc      of_error
        mov     file_handle, ax

set_fhandle2:
        mov     ax, 4200h
        mov     bx, file_handle
        mov     cx, offset_high2
        mov     dx, offset_low2
        int     21h
        jc      sf_error

crack_it2:
        mov     ah, 40h
        mov     bx, file_handle
        mov     cx, count2
        mov     dx, offset patch2
        int     21h
        jc      ci_error

close2:
        mov     ah, 3eh
        int     21h
        jc      c_error
        jmp     make_key

; ---- access-denied handler: clear file attributes and retry ----------
read_only:
        mov     ax, 4301h               ; DOS: set file attributes
        mov     dx, offset file_name
        mov     cx, 0000                ; attribute word 0 = clear read-only/hidden/system
        int     21h                     ; result not checked; the attributes are not restored later
        jmp     open_file

; ---- error reporting: print a message, then exit ---------------------
of_error:
        mov     ah, 09
        mov     dx, offset of_errorm
        int     21h
        jmp     finish

sf_error:
        mov     ah, 09
        mov     dx, offset sf_errorm
        int     21h
        jmp     finish

ci_error:
        mov     ah, 09
        mov     dx, offset ci_errorm
        int     21h
        jmp     finish

c_error:
        mov     ah, 09
        mov     dx, offset c_errorm
        int     21h
        jmp     finish

; ---- create the empty key file ---------------------------------------
make_key:
        mov     ah, 3ch                 ; DOS: create/truncate file, CX = attributes
        xor     cx, cx                  ; normal file
        mov     dx, offset key_name
        int     21h                     ; new handle returned in AX; CF not checked
        ; NOTE(review): BX is not reloaded from AX, so this close acts on
        ; the handle left in BX by close2 (already closed), not on the
        ; pe.key handle. The new handle is only released by the process
        ; exit below.
        mov     ah, 3eh
        int     21h

finish:
        mov     ax, 4C00h               ; DOS: terminate, return code 0 (also after errors)
        int     21h

; ---- patch 1: 13 bytes at file offset 0000:9147h ---------------------
offset_high     equ 0000h
offset_low      equ 9147h
count           equ 13
; ASCII "You!!!" followed by seven spaces; the trailing 0 is not written
; because count is 13.
patch           db 59h,6fh,75h,21h,21h,21h,20h,20h,20h,20h,20h,20h,20h, 0

; ---- patch 2: 2 bytes at file offset 0000:1207h ----------------------
offset_high2    equ 0000h
offset_low2     equ 1207h
count2          equ 2
; Two 90h bytes (the x86 NOP opcode); the trailing 0 is not written.
; NOTE(review): presumably these replace a two-byte instruction in the
; target - cannot be confirmed from this listing.
patch2          db 90h, 90h, 0

key_name        db 'pe.key', 0          ; ASCIIZ name for the DOS create call
file_name       db 'pe.exe', 0          ; ASCIIZ name for the DOS open/attribute calls

; '$'-terminated strings for INT 21h AH=09; 07h is BEL, 0ah/0dh are LF/CR
display         db 'blah', 0ah, 0dh, "$"
of_errorm       db 07h, 'Error opening the file.', 0ah, 0dh, "$"
sf_errorm       db 07h, 'Error setting file handle.', 0ah, 0dh, "$"
ci_errorm       db 07h, 'Error writing to file.', 0ah, 0dh, "$"
c_errorm        db 07h, 'Error closing file.', 0ah, 0dh, "$"

file_handle     dw 0                    ; handle returned by the most recent open of pe.exe