Crack Sublime Text 3.2.2 Build 3211 and Sublime Text 4 Alpha 4098 with Hex

Crack Sublime Text Windows and Linux.md

---

How to Crack Sublime Text 3.2.2 Build 3211 with Hex Editor (Windows | Without License) ↓

1. Download & Install Sublime Text 3.2.2 Build 3211
2. Visit https://hexed.it/
3. Open file select sublime_text.exe
4. Offset 0x8545: Original 84 -> 85
5. Offset 0x08FF19: Original 75 -> EB
6. Offset 0x1932C7: Original 75 -> 74 (remove UNREGISTERED in title bar, so no need to use a license)
7. Export File and save it to location you want
8. Backup sublime_text.exe file (just rename)
9. Copy sublime_text.exe modified to directory Sublime Text 3
10. Happy Coding :)

Screenshot

---

How to Crack Sublime Text 4 Alpha 4098 with Hex Editor (Windows | Without License) ↓

1. Download & Install Sublime Text 4 Alpha 4094
2. Visit https://hexed.it/
3. Open file select sublime_text.exe
4. Go to Address: 0000A700 change 80 38 00 to FE 00 90
5. Export File and save it to location you want
6. Backup sublime_text.exe file (just rename)
7. Copy sublime_text.exe modified to directory Sublime Text 4 (i.e C:\Program Files\Sublime Text)
8. Use this License

----- BEGIN LICENSE ----- 
TwitterInc 
200 User License 
EA7E-890007 
1D77F72E 390CDD93 4DCBA022 FAF60790 
61AA12C0 A37081C5 D0316412 4584D136 
94D7F7D4 95BC8C1C 527DA828 560BB037 
D1EDDD8C AE7B379F 50C9D69D B35179EF 
2FE898C4 8E4277A8 555CE714 E1FB0E43 
D5D52613 C3D12E98 BC49967F 7652EED2 
9D2D2E61 67610860 6D338B72 5CF95C69 
E36B85CC 84991F19 7575D828 470A92AB 
------ END LICENSE ------

9. Happy Coding :)

Screenshot

---

Blocked by Microsoft Defender SmartScreen -> More Info -> Run Anyway

Screenshot

---

How to Crack Sublime Text 3 & 4 Alpha 4094 with Hex Editor (Linux & MacOS | With License) ↓

1. Download & Install Sublime Text 3 or 4
2. Visit https://hexed.it/
3. Open file select sublime_text
   • Linux Location: /opt/sublime_text/sublime_text
   • MacOS Location: /Application/Sublime Text [version].app (Correct Me If I'm Wrong)
4. Search 97 94 0D and Change to 00 00 00
5. Export File and save it to location you want
6. Backup sublime_text file (just rename)
7. Copy sublime_text modified to default directory Sublime Text
8. Use this License

----- BEGIN LICENSE ----- 
TwitterInc 
200 User License 
EA7E-890007 
1D77F72E 390CDD93 4DCBA022 FAF60790 
61AA12C0 A37081C5 D0316412 4584D136 
94D7F7D4 95BC8C1C 527DA828 560BB037 
D1EDDD8C AE7B379F 50C9D69D B35179EF 
2FE898C4 8E4277A8 555CE714 E1FB0E43 
D5D52613 C3D12E98 BC49967F 7652EED2 
9D2D2E61 67610860 6D338B72 5CF95C69 
E36B85CC 84991F19 7575D828 470A92AB 
------ END LICENSE ------

9. Happy Coding :)

Screenshot

---

@JavaTryCatchMe

I am the author of SelfPatcher. Please do share the proof you've found that my patcher uses TBF github.com/secretsquirrel/the-backdoor-factory. That would be interesting.

The only 3rd-party lib I used is https://github.com/secretsquirrel/SigThief whose code is fairly short and I believe it doesn't use TBF. I believe I don't I use TBF for sure. The only thing left is https://github.com/Nuitka/Nuitka which I used to compile my module into .pyd/.so files. I don't believe it uses TBF for sure (otherwise, a big news).

---

Fwiw, people are less active here. https://gist.github.com/maboloshi/feaa63c35f4c2baab24c9aaf9b3f4e47 is much more active. Actually, SelfPatcher is open-source to some of trusted cracker there, but you don't have to believe me.

First, sorry @Aholicknight sorry I missed your initial comment requesting what I found related to TBF. I saw the defencedog notification and the reply after that, and didn't scroll back far enough.

@n6333373 if I made a mistake, and spending some more time in IDA it is likely so, I apologize. After being pointed to the plugin I noticed the binary distribution which was a bit odd, rather than just the dependencies/tools. I spent about 10 minutes looking for anything horrific originally. It involving compiled python always adds a layer of abstraction. There wasn't anything obvious. There were no obvious network imports but these things can be hidden.

Only a spurious comment about code from BDF.

This paired with the one obvious link as well in the code of "https://github.com/sponsors/secretsquirrel" which first and foremost talks about their primary project of the Back Door Factory and malware related topics.

Again this was a dozen minutes reviewing a suspect random binary in an area where things can often be fraught with malicious code. It wasn't run, there was no deep analysis.

So of course with the comments I went back and took some more time.

As I see it now now:

• After running the extension sandboxed and reviewing the changes made to the assembly on the main executable there is almost certainly no malicious changes made.

• The references I found, while existed, clearly were not from the BDF library but the SigThief library @n6333373 mentioned. Specifically https://github.com/secretsquirrel/SigThief/blob/ffb501bcd86acd439e4458a33e9fc5ebed4b59a8/sigthief.py#L14 . SigTheif doesn't do anything malicious only transfer signatures between PEBs and is not used in a malicious way here.

• There are no other signs of anything malicious, network connections, etc. This isn't a full breakdown but again with a deeper dive than a glancing pass. Can things hide through something like this? Sure but is it likely here? no. I will note I only looked at the windows binary and not the linux library.

As I said at the top and will say it again now, I was almost certainly wrong. @n6333373 is quite believable and I am sorry for the hasty conclusions I initially made.

4169 hex (Windows x64/leogx9r's method): E8 93 58 20 00 49 8B 96 B8 02 00 00 48 8D 0D 5D 0C 00 00 41 B8 98 3A 00 00 E8 7A 58 20 00 -> 90 90 90 90 90 49 8B 96 B8 02 00 00 48 8D 0D 5D 0C 00 00 41 B8 98 3A 00 00 90 90 90 90 90 (Invalidation/Validation Functions) E4 24 00 00 55 41 57 41 56 41 55 41 -> E4 24 00 00 48 31 C0 C3 56 41 55 41 (License Validity Checking) 55 56 57 48 83 EC 30 48 8D 6C 24 30 48 C7 45 F8 FE FF FF FF 89 D6 48 89 CF 6A 28 -> 48 31 C0 48 FF C0 C3 48 8D 6C 24 30 48 C7 45 F8 FE FF FF FF 89 D6 48 89 CF 6A 28 (Server Validation Thread)

After patch just enter anything to license and it should work.

Thank you so much!!!!

@n6333373
fun fact, you could simply provide the source to make it more trusted. If it's using posted methods and just automates it, no reason not to. We are on github already.

@n6333373
fun fact, you could simply provide the source to make it more trusted. If it's using posted methods and just automates it, no reason not to. We are on github already.

Well. I don't care whether you trust it or not. Make your decision. Or buy a license = 100% safe. I have a legit license seriously. I do this for fun.

Fwiw, people are less active here. maboloshi/feaa63c35f4c2baab24c9aaf9b3f4e47 is much more active. Actually, SelfPatcher is open-source to some of trusted cracker there, but you don't have to believe me.

I also provided discussion link there. If you don't trust it, do patch by yourself manually.

it's not safe to run the patcher. Nobody knows if it does anything else. You should run it inside a virtual machine and compare the patched binary to see if something suspicious was added. Go to https://gist.github.com/maboloshi/5baecbddacf43855f13240b63be5673d it's easier to verify the instructions and patch it yourself.

I found a very simple way. We have 2 byte value at 00007FF77C7D9144 (in build 4180). This value is set when the program is started to 0 by the instruction:

and word ptr [00007FF77C7D9144], 0

Since the instruction is eight-byte, and I do not want to rebase the program, we replace it with an eight-byte instruction:

or word ptr [00007FF77C7D9144], 0FFFFh

When this value compares with 0 (instruction 00007FF77C0841CF), zf flag doesnt sets to 1, and we have licensed program.

Found elsewhere but it works on Win64. Make sure to run a firewall & prevent from accessing web.

4180: 80 79 05 00 0F 94 C2 -> C6 41 05 01 B2 00 90

This works for most of the Sublime Text 4.X x64 (Including 4107) - block the license check via host or patch it out of EXE

RSA Key Patch (allows any key in right format to work)

Search for ...
4157415656575553B828210000
Replace with ...
33C0FEC0C3575553B828210000

Disable License Check (You can do this via hosts file if you rather)

Search for...
6C6963656E73652E7375626C696D6568712E636F6D
Replace with ...
7375626C696D6568712E6C6F63616C686F73740000

You can now use any license basically that follows the same syntax/format/key.

-- BEGIN LICENSE --
Generic Name
Unlimited User License
EA7E-81044230
0C0CD4A8 CAA317D9 CCABD1AC 434C984C
7E4A0B13 77893C3E DD0A5BA1 B2EB721C
4BAAB4C4 9B96437D 14EB743E 7DB55D9C
7CA26EE2 67C3B4EC 29B2C65A 88D90C59
CB6CCBA5 7DE6177B C02C2826 8C9A21B0
6AB1A5B6 20B09EA2 01C979BD 29670B19
92DC6D90 6E365849 4AB84739 5B4C3EA1
048CC1D0 9748ED54 CAC9D585 90CAD815
-- END LICENSE --```

so this has always been my go-to pair of hex strings to edit since the 4.x age, but since yesterday it's doesn't work anymore with 4180 (string not found)

It's also works for Linux too, btw 😮

Found elsewhere but it works on Win64. Make sure to run a firewall & prevent from accessing web.

4180: 80 79 05 00 0F 94 C2 -> C6 41 05 01 B2 00 90

@Fireshtorm1k your patch is very interesting.

it makes you registered, but at the same time requires a license upgrade.

Found elsewhere but it works on Win64. Make sure to run a firewall & prevent from accessing web.

4180: 80 79 05 00 0F 94 C2 -> C6 41 05 01 B2 00 90

Ditto this. Works on Arch after hexed and chmod.

Click To Download Crack Sublime Text Windows and Linux.md

This link to corlubar . com looks suspicious.
You could be infected with malware when visiting it.
It's safer to stay on gist.github.com

Click To Download Crack Sublime Text Windows and Linux.md

This link to corlubar . com looks suspicious. You could be infected with malware when visiting it. It's safer to stay on gist.github.com

It is... Some kind of scam (advertise spam).
https://www.virustotal.com/gui/url/c7fb2551bbac3b03f79a2630786c883b560957dbc9b13c5f73cd451e9e607acb/details

4180 hex (Windows x64/leogx9r's method):
48 8B 96 B0 02 00 00 48 8D 0D 4A 06 00 00 41 B8 88 13 00 00 E8 11 D0 1A 00 48 8B 96 B0 02 00 00 48 8D 0D BB 07 00 00 41 B8 98 3A 00 00 E8 F8 CF 1A 00 -> 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 (Invalidation/Validation Functions)
41 57 41 56 41 54 56 57 53 48 81 EC E8 03 -> C3 57 41 56 41 54 56 57 53 48 81 EC E8 03 (License Notify Thread)
20 C8 C3 41 57 41 56 -> 20 C8 C3 48 31 C0 C3 (License Validity Checking)
5F C3 56 57 53 48 83 EC 20 89 D6 -> 5F C3 48 31 C0 48 FF C0 C3 89 D6 (Server Validation Thread)

There was no crash reporter code found in this version.
After patch just enter anything to license and it should work.

Also available here

Thanks! Worked great on my Linux machine.

It's also works for Linux too, btw 😮

Found elsewhere but it works on Win64. Make sure to run a firewall & prevent from accessing web.
4180: 80 79 05 00 0F 94 C2 -> C6 41 05 01 B2 00 90

I found a very simple way. We have 2 byte value at 00007FF77C7D9144 (in build 4180). This value is set when the program is started to 0 by the instruction:

and word ptr [00007FF77C7D9144], 0

Since the instruction is eight-byte, and I do not want to rebase the program, we replace it with an eight-byte instruction:

or word ptr [00007FF77C7D9144], 0FFFFh

When this value compares with 0 (instruction 00007FF77C0841CF), zf flag doesnt sets to 1, and we have licensed program.

Wow perfect, thanks it worked!!!
how did you arrive at this conclusion??

I found a very simple way. We have 2 byte value at 00007FF77C7D9144 (in build 4180). This value is set when the program is started to 0 by the instruction:

and word ptr [00007FF77C7D9144], 0

Since the instruction is eight-byte, and I do not want to rebase the program, we replace it with an eight-byte instruction:

or word ptr [00007FF77C7D9144], 0FFFFh

When this value compares with 0 (instruction 00007FF77C0841CF), zf flag doesnt sets to 1, and we have licensed program.

Wow perfect, thanks it worked!!! how did you arrive at this conclusion??

Ida pro, and some debugging. I'm very glad that I helped someone at least

I found a very simple way. We have 2 byte value at 00007FF77C7D9144 (in build 4180). This value is set when the program is started to 0 by the instruction:

and word ptr [00007FF77C7D9144], 0

Since the instruction is eight-byte, and I do not want to rebase the program, we replace it with an eight-byte instruction:

or word ptr [00007FF77C7D9144], 0FFFFh

When this value compares with 0 (instruction 00007FF77C0841CF), zf flag doesnt sets to 1, and we have licensed program.

Wow perfect, thanks it worked!!! how did you arrive at this conclusion??

Ida pro, and some debugging. I'm very glad that I helped someone at least

Ohhh,
thank you again, brother. Respect++

Found elsewhere but it works on Win64. Make sure to run a firewall & prevent from accessing web.

4180: 80 79 05 00 0F 94 C2 -> C6 41 05 01 B2 00 90

It works perfectly—thank you!

Does anyone have a patching method for Build 4180 Linux?

Does anyone have a patching method for Build 4180 Linux?

Found elsewhere but it works on Win64. Make sure to run a firewall & prevent from accessing web.

4180: 80 79 05 00 0F 94 C2 -> C6 41 05 01 B2 00 90

It's working for Sublime Text 4180 Linux builds too.

After patching via hexed.it need to chmod +x 👍

How to make it work on Mac M1 ?

It runs, but i does not accept any of the above licenses

It runs, but i does not accept any of the above licenses

I'm going to guess and say it's allowed to connect to the internet and thus, it's throwing the error of the license key. This is why it's crucial to use a firewall.

What should i put in the /etc/hosts ?

I was thinking more of a software firewall. While I'm not at all familiar with the Mac OS, in Windows one good firewall choice is Simplewall. In Simplewall, I can prevent sublime_text.exe from the accessing the net 100%. I'm sure some time sharpening your Internet search skills will produce the same results but you're entirely on your own. Good luck!

I added on my /etc/hosts:

127.0.0.1 www.sublimetext.com
127.0.0.1 sublimetext.com

but it is still saying the license is invalid =/

It runs, but i does not accept any of the above licenses

today i'm gonna try on macos too. I've tested on Ubuntu 22.04, it's working.