Hehe, I once thought about this too.
The interesting point would be to find a possible weak point in the serial checking routines of e.g. some RSA 1024 based protection schemes. Then you maybe could break that scheme with a special buffer overflow serial.