WebDAV. Accessing a filesystems, or anything collection-like, over HTTP. It’s a fantastic invention. Sadly, every Windows version in the past decade has contained a botched client implementation of this protocol.
Fact #1. I run WebDAV servers.
Fact #2. Some people still use ‘Windows’.
Herein lies a problem.

So I have been on the hunt for a sane third-party implementation for Vista. And it just so happens that a certain ISP (XS4ALL) offers WebDAV access. They must have run into trouble with Vista’s anti-implementation of WebDAV too as they’re offering a third-party WebDAV client to the Windows hoi polloi.
And it happens to work rather well. You get an extra ‘drive’ so to any userspace program it’s just as if it’s interfacing a regular filesystem. One problem, though:

It seems to be ‘configured’ to disallow access to other servers than XS4ALL’s.
Of course, we could locally spoof their DNS record and pray the software will accept our dodgy SSL certificate, but that does not scale to the end-users that wish to connect to my WebDAV server.

Start by downloading XS4ALL-webdisk.exe from this page. It says its version number is 5.00.06 and its MD5sum should be 9d008d79099cd1c74abe6e0f1397b0a1. If you get a different checksum don’t worry – you may still be able to crack it, because at the very least you know what to look for when you’re done reading this. I can’t provide you with the version I downloaded because I don’t own the copyright and I haven’t received a license to redistribute.
Go ahead and run the installer. Then, try connecting to a WebDAV server of choice and observe that any attempts will be defeated.

Next, get a hex editor. Here’s the freeware one that I picked. With your editor, open wdfsctl.exe from wherever it is you installed the Webdisk. You should see something resembling this:

To the left, in blue, is the offset. It’s the position in the file. To the right of the offset are bytes in hexadecimal representation. To the far right is the text representation of those bytes.
Now, an .exe can have text mixed in with executable code. A text representation of executable instructions does not make sense which is why you encounter copious amounts of gibberish in the right column. But, as you scroll up and down in the file, you’ll discover lots of proper English sentences in the right column. Select the text and the corresponding bytes will be highlighted. Move over to those bytes in the middle column, change them, and observe that the corresponding text representation also changes. It works the other way around, too. Fun as that may seem we can’t go around changing strings (bits of text are called strings) willy-nilly. Specifically, we cannot change their length or position. Why not? Well, bits and pieces of the program are referenced from other bits and pieces of the program by their offset. Change the offset (position) of some program instruction in the binary (by adding text in front of it or something) and you’ll have to update any and all references to this position. It can be done but we aren’t going to do it. HxD helpfully warns you if you’re trying to do it.
OK, let’s go string hunting. We’re looking for something that is matching xs4all.nl since the restriction most probably works by whitelisting. It took me a quite a while to find it, but it’s at offset 6DAB2. You’ll find the string x.s.4.a.l.l...n.l there. Look over to the hex representation and you’ll find it’s a pattern of characters separated by 00. That’s called null-delimited. Mind you, the 00 you see in the hex representation is not the same as ‘00′ in the text representation:

• Enter a ‘.’ in the text representation and you get 2E in the hex representation.
• Enter a ‘0′ in the text representation and you get 30 in the hex representation.
• Enter a 00 in the hex representation and you get a ‘.’ in the text representation.

It’s the hex representation that counts. Now, after some poking around I established that this string itself is null-terminated, too. So, to end the string, the hex representation has to read 00 00 00 because the characters inside the string are null-terminated as well. That’s two levels of null-termination.
After discovering this, it’s time to dick around with patterns. Change the ‘4′ in x.s.4.a.l.l...n.l to a null by typing ‘00′ in the hex representation at byte 06, offset 0006DAB0. Run the program. Try to connect to https://ha.xs/quux . Chances of success are very slim, but the program doesn’t stop you from trying! You can put anything in front of ‘.xs’ and it will try to connect. Change byte 00 to ‘a’ (in the text representation) and convince yourself that the program will now get out of your way should you attempt to connect to https://fabuloushaxs/quux, but it still stops you from connecting to https://fabuloushaxz/quux.
It appears that the string we’ve just changed has to match the end of the host we’re trying to connect to. So, originally, for https://justconnectmetomyserveralready.net/mydir it would check whether it ends with xs4all.nl which, of course, it doesn’t. However, we can make the string very, very short. In fact, we can make it empty, causing it to always match the end of any host we enter. To do that, just enter 00 in the hex representation at byte 00 at offset 0006DAB0. Connect to your favourite WebDAV server. It works, doesn’t it?

What we have just done is actually pretty basic. ‘Real’ crackers, the folks that let you bypass registration requirements or serial number checks, use tools to look into the memory area of a running program to see which steps make up its behaviour. They don’t just edit some strings, they add and change instructions (and offsets). That requires a much deeper understanding of what’s going on.

There’s various other stuff to be modified. You can change the window title or the help texts. I disabled the auto-update by replacing the URLs at offset 0006BA60, maybe you should do so too.

Now for some legalities. For me, to publish how I edited this .exe, is perfectly legal — especially considering the educative character of this post.
Redistributing the original program wouldn’t be legal. Me or you distributing any modified versions wouldn’t be legal, either. That’s basic copyright law.