CyberMorans
Software pirates can take a program and crack it time and time again, even with protections in place; if you have wondered how, this small post is for you. Even with today's most advanced anti-piracy methods in place (DRM aside), it is still relatively easy to crack almost any program in the world. This is mainly because a running process can be completely manipulated with an assembly-level debugger.
Using this, you can bypass the registration process entirely by making the application skip its key verification routine, without ever using a valid key. This works because the debugger lets you speak directly to the processor and force a jump over the registration check. That is how people download FIFA, GTA or Mafia from a torrent and play them for free on a PC.
Let's go over how cracking could work in practice by looking at an example program that requires an activation code before it can be used.
First, run the program you are attempting to reverse engineer and try to activate it with a random key, to verify that a valid software key is needed to proceed. This confirms that there is a key check for us to examine.
Requirements
- Windows (for the examples only; debuggers exist across platforms)
- A debugger: IDA, OllyDbg, Ghidra etc. (we will use OllyDbg)
Run the Program in a Debugger
1. Run OllyDbg.
2. Open the program you wish to bypass in OllyDbg.
3. Click the play button to run the program with the debugger attached.
4. Right-click the CPU window and choose Search for > All intermodular calls.
5. Look for high-interest DLL calls. GETDLGITEMTEXT handles dialog boxes, which are called when you try to enter a software key; by stepping into that function with the debugger we can examine the registration routine specifically. SENDDLGITEM could be used as well.
6. Test which one breaks you out of the activation loop by right-clicking the DLL call and setting a breakpoint on every instance of that call.
7. Resume the program and enter any software key you like. If the debugger breaks (pauses the program's execution) after you enter the key, you know you found the right DLL call in step 5.
8. Back in the CPU window, press F8 to step forward until you reach the TEST EAX instruction. EAX holds a function's return value, which means a check is being performed here. On examination, the test is checking whether EAX is non-zero (not null); so if it is replaced with anything other than zero, the program will run.
9. Right-click EAX and change its hex value to 1 instead of 0.
10. Resume the program again, and you will have bypassed the pesky registration and activation codes and activated the program.
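A defender's view of the TEST EAX check described above, as an added Python example that is not from the original post: the weak pattern is a verification routine that returns 0 or 1 and a caller that tests that single value once, so forcing the register to 1 unlocks the program; the hardened pattern makes the unlocked feature depend on key material derived from the licence key itself, so there is no single branch or register to patch. The configuration blob, the salt and the SHAKE256-keystream-plus-HMAC construction are assumptions made for this example.

```python
from __future__ import annotations
import hashlib
import hmac
import os

# Constructed sample data (not from the post): the unlocked feature's settings
# and a fixed salt for key derivation.
FEATURE_CONFIG = b"max_players=64;mode=unlocked"
SALT = b"constructed-salt-for-this-example"

def weak_gate(entered_key: str, genuine_key: str) -> int:
    """Weak pattern: the check returns 0/1 and the caller does TEST EAX / JZ.
    Setting EAX to 1 in a debugger after this returns unlocks everything."""
    return int(hmac.compare_digest(entered_key.encode(), genuine_key.encode()))

def derive_keys(license_key: str) -> tuple[bytes, bytes]:
    """Stretch the licence key into separate encryption and MAC subkeys."""
    material = hashlib.pbkdf2_hmac("sha256", license_key.encode(), SALT,
                                   200_000, dklen=64)
    return material[:32], material[32:]

def keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    # SHAKE256 used as an extendable-output keystream generator.
    return hashlib.shake_256(enc_key + nonce).digest(length)

def seal(license_key: str, plaintext: bytes) -> bytes:
    """Run once at packaging time with the genuine key: encrypt, then MAC."""
    enc_key, mac_key = derive_keys(license_key)
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, "sha256").digest()
    return nonce + ct + tag

def hardened_unlock(entered_key: str, sealed_config: bytes) -> bytes | None:
    """Hardened pattern: there is no boolean to flip. With the wrong key the
    MAC fails and, even if that branch were patched, the decrypted bytes are
    garbage because the keystream was derived from the wrong key."""
    enc_key, mac_key = derive_keys(entered_key)
    nonce, ct, tag = sealed_config[:16], sealed_config[16:-32], sealed_config[-32:]
    if not hmac.compare_digest(hmac.new(mac_key, nonce + ct, "sha256").digest(), tag):
        return None
    return bytes(c ^ k for c, k in zip(ct, keystream(enc_key, nonce, len(ct))))

if __name__ == "__main__":
    sealed = seal("ABCD-1234", FEATURE_CONFIG)   # done by the vendor; the key is never shipped
    print(weak_gate("anything", "ABCD-1234"))     # 0, but a patched EAX would make it 1
    print(hardened_unlock("ABCD-1234", sealed))   # the real configuration
    print(hardened_unlock("anything", sealed))    # None
```

This does not protect against someone who already holds a genuine key; it removes the single-branch patch point the procedure above relies on, so the check has to be defeated by obtaining the key rather than by editing one register.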
Conclusion
Subscribe to receive notifications of similar posts, where we will be reverse engineering malware and vulnerabilities, as well as covering hacking vectors, stories, tutorials and other infosec stuff.
Follow me on Twitter for daily infosec memes and shenanigans.
Morans,
Thank you for taking the time; I hope you learned something new. Like and leave a comment/review and, as always, stay awesome!