Help with WinMLS 2004

I am having some problems with WinMLS 2004.

I am getting stuck with the nag screen. I can enter in any code and it will let me in (after an error message). So I am getting closer. Before I couldn't enter the program period.

Any guidance would be appreciated on winmls 2004.

To prove my worthiness (I'm not being lazy). I reversed the previous version winmls 2000. Please see attached .txt file for instructions how I unlocked the 2000 version. *Found out there is another check in 2000.

The good news is that 2004 is not packed. Both have the softlocx5.ocx files. WinMLS has different passcodes to "upgrade" to higher features.

Here is a link for the 2000 version should you want to see my edits that might help with 2004:
winmls 2000:

Code:

hxxp://www.winmls.com/downloadWinMLS/WinMLS2000/WinMLS2000_Release3Build010c.exe

winmls 2004:

Code:

hxxp://www.winmls.com/2004/WinMLS2004_Ver1.07Installation.exe

Thanks,

-Malt

I am close for 2004.

You are still asked to register or try for free.

Click Register.

Then type in some letters and press the enter key (not the unlock button).

You now enter in with no errors to use the program. Most is working. I have to test the features.

Here are the text notes to get 2004 so far.

P.S. I used olly...so copy/paste is from olly. look for comments for patch areas.

Nag is gone. Here is the modified code -> see NOP,NOP

Code:

004DF56D   .  E8 6E290000            CALL WinMLS.004E1EE0
004DF572   .  85C0                   TEST EAX,EAX
004DF574   .  90                     NOP                                      ;  must nop to allow closedialog for opening nag
004DF575   .  90                     NOP
004DF576   .  8B16                   MOV EDX,DWORD PTR DS:[ESI]
004DF578   .  8BCE                   MOV ECX,ESI
004DF57A   .  FF92 C8000000          CALL DWORD PTR DS:[EDX+C8]
004DF580   .  E9 C6020000            JMP WinMLS.004DF84B
004DF585   .  385E 5E                CMP BYTE PTR DS:[ESI+5E],BL
004DF588   .  0F84 CE000000          JE WinMLS.004DF65C
004DF58E   .  395E 64                CMP DWORD PTR DS:[ESI+64],EBX
004DF591   .  7E 0F                  JLE SHORT WinMLS.004DF5A2
004DF593   .  8B06                   MOV EAX,DWORD PTR DS:[ESI]
004DF595   .  8BCE                   MOV ECX,ESI
004DF597   .  FF90 C8000000          CALL DWORD PTR DS:[EAX+C8]
004DF59D   .  E9 A9020000            JMP WinMLS.004DF84B
004DF5A2   >  53                     PUSH EBX
004DF5A3   .  8D4C24 24              LEA ECX,DWORD PTR SS:[ESP+24]
004DF5A7   .  E8 A4E7FDFF            CALL WinMLS.004BDD50
004DF5AC   .  8D4C24 20              LEA ECX,DWORD PTR SS:[ESP+20]
004DF5B0   .  C68424 8C000000 06     MOV BYTE PTR SS:[ESP+8C],6
004DF5B8   .  E8 D85F1900            CALL WinMLS.00675595
004DF5BD   .  807C24 7C 01           CMP BYTE PTR SS:[ESP+7C],1
004DF5C2   .  75 45                  JNZ SHORT WinMLS.004DF609
004DF5C4   .  8B46 60                MOV EAX,DWORD PTR DS:[ESI+60]
004DF5C7   .  C646 5C 01             MOV BYTE PTR DS:[ESI+5C],1
004DF5CB   .  BF 58B47400            MOV EDI,WinMLS.0074B458                  ;  ASCII "EVALUATION"

Well now that it's working... how would one go about finding the code to create a valid serial#?

[ahmadmansoor]

Dear friend sorry for late in replay .....my friend ur problem not in nop some jmp ...ur problem is in this file "WINDOWS\system32\Softlocx5.ocx" it is packed file and it is chack the unlock Number .....so if u unpack it , it will solve 90% of ur problem ...it is packed with Cranch PE ....
so happy new work ....unpack then SN PAtch

[Avi_RE]

Quote:

Originally Posted by Maltese

I am close for 2004.

You are still asked to register or try for free.

Click Register.

Then type in some letters and press the enter key (not the unlock button).

You now enter in with no errors to use the program. Most is working. I have to test the features.

Here are the text notes to get 2004 so far.

P.S. I used olly...so copy/paste is from olly. look for comments for patch areas.

Any chance to external link
Thanks