View Full Version : Threads Deleted
Dan777
03-22-2008, 10:48 AM
There was a thread "How to crack any type of software protection" in the Encryption forum that was deleted. There was some very useful info there for newbs like me.
I did see some spamming that obviously have broken the rules. But why not delete there post, why the thread?
There was over 200 post, I can't be the only * that noticed this missing.
Dan
Moonbat
03-22-2008, 11:17 AM
That particular thread was not deleted by a moderator. It was deleted by an administrator of the forum. I'm not planning to overstep my authority and undelete a thread deleted by an admin, so you'll have to take it up with D.Parker, the admin who deleted it.
Here's the first post of the thread, just for any of you wondering what thread the OP is talking about:
In this tutorial you will learn how to crack any type of software protection using
W*2Dasm and HIEW.
IDENTIFYING THE PROTECTION:
Run the program, game, etc., (SoftwareX) that you want to crack without the CD in the
CD reader. SoftwareX will not run of course, however, when the error window pops up it
will give you all of the vital information that you need to crack the program, so be sure to
write down what it says.
CRACKING THE PROTECTION:
Now, run Win*2Dasm. On the file menu open DISASSEMBLER > OPEN FILE TO
DISASSEMBLE. Select SoftwareX’s executable file in the popup window that will
appear (e.g. SoftwareX.exe). W*2Dasm may take several minutes to disassemble the file.
When W*2Dasm finishes disassembling the file it will display unrecognizable text; this is
what we want. Click on the String Data References button. Scroll through the String Data
Items until you find SoftwareX’s error message. When you locate it, double click the
error message and then close the window to return to the Win*2Dasm text. You will
notice that you have been moved somewhere within the SoftwareX’s check routine; this
is where the error message in generated.
Now comes the difficult part, so be careful. To crack SoftwareX’s protection you must
know the @offset of every call and jump command. Write down every call and jump
@offset number that you see (You have to be sure, that the OPBAR change its used color
to green). You need the number behind the @offset without the “h.”
Now open HIEW, locate SoftwareX’s executable, and press the F4 key. At this point a
popup window will appear with * options: Text, Hex, and Decode. Click on “Decode” to
see a list of numbers. Now press the F5 key and enter the number that was extracted using
Win*2Dasm. After you have entered the number you will be taken to SoftwareX’s check
routine within HIEW.
To continue you must understand this paragraph. If the command that you are taken to is
E*2BF*BF74, for example, it means that the command equals 5 bytes. Every 2 digits
equal one byte: E*-2B-F*-BF-74 => *0 digits => 5 bytes. If you understood this then you
can continue.
Press F* (Edit), this will allow you to edit the *0 digits. Replace the 5 bytes with the
digits *0. In other words, E*2BF*BF74 will become *0*0*0*0*0 (*0-*0-*0-*0-*0).
After you complete this step press the F*0 key to exit.
Congratulations! You just cracked SoftwareX!
Don’t panic if SoftwareX will not run after you finished cracking it. It only means that
something was done incorrectly, or perhaps SoftwareX’s protection technology has been
improved or created after this tutorial. Simply reinstall SoftwareX and start over. If you’re
sure that you completed all steps correctly and the program still will not run, then tough
nuts. Their protection was developed after the writing of this tutorial.
I'll post some of the posts I think are informative, just in case D.Parker chooses not to undelete the thread. But I will say, the thread truned into a 'crack this plzzz' spamfest, and I doubt it will get undeleted.
Moonbat
03-22-2008, 11:27 AM
I found 2 other informative posts
I'm not sure if this will help you but I wrote a tutorial for that crackme with ollydbg. This is just about as simple as you can get and most programs have more to them but for people just beginning its perfict. Anyway hopefully this will help you with olly if you choose to try it. It's a lot better in my opinion.
cim_crackme.exe Tutorial with Ollydbg
*. Run the crackme to see what happens. It wants a Name and Serial.
2. Type in random name and serial to see what happens. A pop up displays "This is not a valid serial...".
*. Open PEiD and scan the crackme for packer info. It returns the crackme is not packed and is coded with MASM/TASM. This makes it easy!
4. Load file in Ollydbg. Then look up all referenced text strings (Right click, Search for, All referenced text strings).
5. Double click on "This is not a valid serial...". It will take you to where the string is in the code section. If you look up two lines you will see a '>' meaning something jumped here. Select the line with the '>' and it should say "Jump from 0040*0D7" in the bottom.
6. Go to 0040*0D7 and you will find the JNZ that took you to "This is not a valid serial...". Double click it and type in "NOP" and click ok.
7. Right click anywhere and select "Copy to executable", then "All modifications" then click the "Copy all" button. A smaller new windows should pop up, right click in it and choose "Save file". And thats it!
BTW - the only cracking steps are 5 and 6. You don't need a hex editor and all that other stuff because olly will modify things for you and allow you to save after words.
Here is another tutorial I just wrote on finding the serial in the crackme you posted.
cim_crackme.exe Find Serial Tutorial with Ollydbg
*. Load Crackme into ollydbg.
2. Set breakpoint on 40*0D0. (The call to the serial algorithm)
*. Press F* to start the program and have it break on 40*0D0. *Before the program breaks it will ask you for your Name and Serial. Enter the following and press Check.
Name: all-nettools
Serial: *2*45
4. The program will stop on the breakpoint you set. Press F7 to enter the call function. Now your in the serial algorithm. Well almost, it's the five lines (40**5F-40**6B) that create your serial.
5. Set a breakpoint on 40**76 (IDIV ECX). Press F* to land on that breakpoint. If you look at EAX your serial is now inside but it's a bunch of hex numbers (2D2*FF0A).
6. Thats good but the most of the rest of this call function checks for * characters to be at the beginning of every serial. The first two characters are random alphabetical characters. The *rd is the '-' character.
7. To find the other two random characters you must step through the code (F8) until you get to 40**7E. Once there you will see the next instruction is a JE (jump). Olly will show in the status bar below all the code that the CL register equals 'N'. Thats your first random character and you may want to write it down.
8. Press F8 once so your on the JE (jump) instruction. Look to the right of olly and below the registers is the flags (C, P, A, Z, S, T, etc.). Double click on Z's 0 to make it a *.
*. Continue stepping (F8) until 40***C and you will see again near the bottom of olly in the code status bar DS:[0040*04B]=66 ('f'). This MUST be made into a uppercase 'F'. So write down 'F' as the second random character.
*0. Put it all together and the serial becomes "NF-2D2*FF0A". If you were to paste that algorithm in a keygen template you could join CiM.
Moonbat
03-22-2008, 11:34 AM
Those are the few good posts I found in the thread. Everything else was in the following categories.
Requests for cracks - This isn't the place. PM someone, but don't post these requests on the public forum
Asking for help - This is fine, but most posts were like "hey I tried the tut on X program but didin't work halllp!" If you are going to ask for help, give details, and please try to make some sense of what you are saying.
Download links - These can be found anywhere, on virtually every warez forum/torrent site known to man. It's very easy to find whatever cracking/hex editing program you are looking for
EDIT: Tito had some very informative posts, but they were mostly download links, some of which don't work anymore. This is not to say that Tito did not contribute a lot to the community, because he did. I'm just saying that if someone wants the threads solely for the download links, you can obtain them anywhere.
Dan777
03-22-2008, 12:17 PM
Thank you for taking the time to explain and sort out the informative post in thread. I'm sure it's going to be appreciated by many newbie members.
I know it is by me.
Thanks again,
Dan
Yes thank you!:D :cool:
I was wondering the same thing.
john.player
05-25-2009, 10:26 PM
hi m new to cracking(brand new).i want a step to step guide to crack using just ollydbg.i m keenly intrested in this.plzzz give me step by step guide to crack serial of any simple progam.Better if u come online in your favoured time.plzzz
Powered by vBulletin® Version 4.1.8 Copyright © 2024 vBulletin Solutions, Inc. All rights reserved.