Direct load OD, observed that pop may be MessageBox, then search for the windows api functions
Follow the disassembly window follow function, here, directly breakpoints
Run the program, go to the breakpoint, as FIG.
Then find Stack window have to call CALL, this call is naturally MessageBox function, then direct the disassembly window for this call be followed, found a jump affect whether or not to operate above the call, then the next breakpoint directly
Then continue the program, but also an error, continue to follow this CALL
00401245 . E8 18010000 call CRACKME.00401362
Above the presence of the jump instruction, a breakpoint
00,401,243th / 74 07 short CRACKME.0040124C
Then continue the program, click on the re-registration, the first breakpoint went before, a nop instruction
Continue to run, to place a second error, be unconditional jump jmp
Finally, we continue to find a successful pop
Save to save the above to open the program to test success
