Friday, June 12, 2015

Method of CRACKing a Trial Version Software (Reverse Engineering)


What is cracking?

Cracking is the process of changing the code of an executable program to make it work the way we want. Cracking is generally used by programmers to remove the limitations forced upon users by some software. Trial version programs can be cracked to make them work forever. Though this is illegal, it’s the computing brains that can rule the programming world. Knowledge of assembly language is essential for cracking. The following are some of the well-known programs that are used in cracking.


Tools for Cracking


1. W32dasm 8.9

This is a disassembler that decodes the executable application file into assembly language mnemonics for viewing and editing. The first step in cracking involves converting the executable file (i.e. a file with the .exe extension) into an assembly language mnemonics file. W32dasm shows the memory addresses of the labels and subroutines used in the program.

2. Hacker’s View 5.66

This is used for viewing and editing the *.EXE file in order to crack it. A listing of the assembly language mnemonics with their equivalent opcodes can be viewed in HVIEW. The executable file can be updated with the changes using this program. As we know the addresses where each subroutine begins (these can be found with W32dasm), we can directly edit the hex code in those subroutines.

These cracking tools can be found on the following website:

http://cracking.home.ml.org

General Algorithm

Consider a trial version software which can be tried for 30 days. After the initial 30 days, the program prompts the user to enter a valid registration code to allow him access to the program. These types of programs can be cracked quite easily. The general algorithm for a registration code check in a software package is listed below:


REGCHECK
Step1 : Get the registration code from the user.
Step2: Check if the registration code is valid.
Step3: If it is valid, call PROGRAM
Step4: Print “Illegal registration code”
Step5: End.

PROGRAM
Step1: Program starts here.
.
.
.
.
.
StepN: End

Equivalent code in an assembly language program:

REGCHECK
Step1 : MOV AX, REGCODE (REGCODE is the user input)
Step2 : CMP AX,BX (Assume the correct registration code is in BX)
Step3 : JE PROGRAM (Jump if Equal; JE is the same instruction as JZ)
Step4 : OUTPUT(“Illegal Registration Code”)
Step5: HLT

PROGRAM
Step1 : Actual Program starts from here
.
.
.
.
Step n : END

The algorithms presented above are self-explanatory.
Now, the modifications necessary for cracking this software without the registration code are explained below.

The Ten Steps to Crack

1. Run the executable program and enter any key in the registration code input box. Note down the error message displayed when an illegal registration code is entered in the prompt (e.g. “Invalid Registration Code”).
2. Make a copy of the EXE file as a backup. (This is to be on the safe side.)
3. Run W32dasm and disassemble one of the EXE files.
4. Click String Data Reference to find the address of the string “Invalid Registration Code”.
5. Once you have found the address, look for commands like CMP, JE, JNE etc. before the error string.
6. Note down the address of the conditional jump command that appears before the error string.
7. Now we know where the program jumps when a valid registration code is given.
8. If the conditional jump command is JE, replace it with JNE. If it is JNE, replace it with JE. This can be done using Hacker’s View. Open the executable file in HVIEW. Search for the address of the conditional jump statement. Replace the opcode for JE with the opcode for JNE (JNE: hex code 75, JE: hex code 74). Update the EXE file and run the program.
9. Now the program has been changed in such a way that entering any invalid registration code allows access to the program.
10. Finally, remember not to enter the correct registration code, as this will cause the error message “Invalid Registration Code” to pop up on your screen.
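
A defender's view of the same one-byte change, as an added example that is not part of the original post: the sketch below compares a suspect binary against a known-good copy and flags offsets where opcode 74 (JE) and 75 (JNE) were swapped. The helper name and the sample bytes are constructed for illustration, and a 74/75 difference is only a heuristic, since without disassembly the byte could be data rather than an opcode.

```python
import hashlib

JE, JNE = 0x74, 0x75  # short conditional-jump opcodes named in the text


def compare_to_known_good(good: bytes, suspect: bytes) -> dict:
    """Diff a suspect binary against a known-good copy (hypothetical helper).

    Reports whether the SHA-256 digests match, every changed offset, and the
    subset of changes where JE and JNE were swapped.
    """
    good_hash = hashlib.sha256(good).hexdigest()
    suspect_hash = hashlib.sha256(suspect).hexdigest()
    report = {
        "intact": good_hash == suspect_hash,
        "size_changed": len(good) != len(suspect),
        "changed_offsets": [],
        "inverted_jumps": [],
    }
    # zip() stops at the shorter input; size_changed covers any length delta.
    for offset, (a, b) in enumerate(zip(good, suspect)):
        if a == b:
            continue
        report["changed_offsets"].append(offset)
        # Heuristic: we cannot prove the byte is an opcode here, but an
        # isolated 74<->75 flip is the pattern described in the steps above.
        if {a, b} == {JE, JNE}:
            report["inverted_jumps"].append((offset, a, b))
    return report


# Constructed sample, not taken from any real program:
# cmp ax,bx / je +5 / 4x nop / hlt / ret
GOOD = bytes.fromhex("39d8740590909090f4c3")
PATCHED = GOOD[:2] + bytes([JNE]) + GOOD[3:]

if __name__ == "__main__":
    result = compare_to_known_good(GOOD, PATCHED)
    print("intact:", result["intact"])
    for offset, old, new in result["inverted_jumps"]:
        print(f"offset {offset:#x}: {old:02x} -> {new:02x} (jump condition inverted)")
```

The digest comparison alone is enough to detect that a file was altered; the byte-level diff adds what kind of change it was.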


Thank You.
Published by Unknown
