OFTEN USED API's IN REGISTRATION SCHEMES AND OTHER

 
Windows programs use API's to interact with the kernel. Hence, also finding input from users in a registration window for example is done with API's. A technique to find info on and to land in the registration scheme, is to use the API's to our advantage. The API's that most used in this matter are :

DialogBoxes:

DialogBoxParamA
GetDlgItem
GetDlgItemInt
GetDlgItemTextA
GetWindowTextA
GetWindowWord

MessageBoxes:

MessageBeep
MessageBoxA
MessageBoxExA
SendMessageA
SendDlgItemMessageA
 

Registry Access:

RegCreateKeyA
RegDeleteKeyA
RegQueryValueA
RegQueryValueExA
RegCloseKeyA
RegOpenKeyA

Reading/Writing files:

ReadFile
WriteFile
CreateFileA

Reading data from INI file:

GetPrivateProfileStringA
GetPrivateProfileIntA
WritePrivateProfileStringA

Reading data (other) :

LoadStringA
lstrcmpA
MultiByteToWideChar
WideCharToMultiByte
wsprintfA

Time And Date:

GetFileTime
GetLocalTime
GetSystemTime
GetSystemTimeAsFileTime
SetTimer
SystemTimeToFileTime

Creating a NAG-window:

CreateWindowExA
ShowWindow
UpdateWindow

Find messageboxtext :

SendDlgItemMessageA
SendMessageA
SetDlgItemTextA
SetWindowTextA

For a registration scheme,
I normally place a breakpoint in one (or all) of the next API calls :

GetdlgItemTextA
GetWindowTextA
lstrcmpA
GetPrivateProfileStringA
GetPrivateProfileIntA
RegQueryValueExA
WritePrivateProfileStringA
WritePrivateProfileIntA


Do you really have no idea what API to break on or have you tried "every" API but you don't succeed ?
---> rightclick ---> search for ---> all intermodular calls ---> rightclick ---> set breakpoint on every command ---> click "ok" button from registration or whatever you need to do ---> you will definitely break somewhere !!!
REMARK :
If you break to soon, even before you can click the "ok" button, then this (these) breakpoint(s) is (are) useless
and may be removed till the program lets you click the required button ;)