DISCLAIMER: THE FOLLOWING IS PROVIDED FOR INFORMATIONAL PURPOSES ONLY. DO NOT DO THIS. IT IS ILLEGAL IN THE UNITED STATES. IT VIOLATES THE MICROSOFT LICENSE AGREEMENT THAT YOU AGREE TO WHEN YOU INSTALL WINDOWS98. THIS INFORMATION WAS SENT TO ME ANONYMOUSLY. I DO NOT KNOW IF IT ACTUALLY DOES WHAT IT PURPORTS TO DO. I DO WANT TO FIND OUT. DO NOT DO IT.
"To bypass the product key on Windows 98, do the following:
copy the entire Win98 directory from the CD to a directory on the hard drive
extract precopy1.cab pidgen.dll <enter>
debug pidgen.dll <enter>
-e 1ed7 <enter>
xxxx:1ED7 39. 8b <enter>
-e 1edf <enter>
xxxx:1EDF 39. 8b <enter>
-w <enter>
-q <enter>
For those with a hex editor, patch offset 1dd7h and 1ddfh from bytecode 39h to byttecode 8bh. Debug works fine (file is <64k so no segment adjustments are necessary) for patching small files like this one.
run SETUP and type in ANYTHING for the serial number. The only exception is all zeros; that's apparently a backdoor that was shutdown before pidgen.dll was released.
Win98 will use the modified pidgen.dll file instead of the unmodified one stored inside of precopy1.cab archive. Win98 didn't ask for my Win95 CD or otherwise ask for proof of upgrade; I'm thinking that the upgrade requirment is built into the serial number validation routine
which this hacks to accept ANY set of numbers and letters as valid.
For those with SoftICE, break in when Win98 setup is validating the number (the long hourglass after entering the serial). Set a breakpoint
at pidgen.dll offset 1c12h (it's a 16-bit dll). When you break during the hourglass, you'll end up in the middle of pidgen.dll's extremely
nested serial check routine so finding the segment of pidgen.dll is simple."
