My Logic In Life

- Never argue with fools, others may not know the difference.

Sunday, April 23, 2006

Wanna crack?

Hmm... so you wanna learn how to crack software... good.

To start with, it is very important that you have some knowledge of assembly language. Cracking is primarily 'reverse engineering', i.e. disassembling a program and then modifying its code, which will be in assembly language. You do not need much understanding of assembly for this tutorial, but for cracking 'real' software you need a really good understanding.

Tool used: win32dasm89 - a disassembler that breaks a compiled program back down into its assembly language, in a form the user can understand (barely) well enough to find what you need to change.

Now here is a really, really simple program that I wrote in VB6 (I can't crack other people's software and show it here, as that would put me behind bars :( ... that applies to you too \:D/ ) which we are going to crack.

About my program..


In the textbox type 12345 and click Submit. You will get the message "Success". If you enter any other number you will get the message "The number you have entered is incorrect".

OK, enough raving about my cool program... close it and open win32dasm. Click "Open file to disassemble" and choose wannacrackme.exe.


Click the indicated button ("Strn Ref"). You will get the screen shown below.

Double click "Success".
You will be taken to the part indicated by the black arrow.
Now we should be looking at the code above "Success". Scrolling up, we find that this part of the code is referenced by an unconditional jump at the address 00401C41 (this and all the other addresses will be different on your machine).

Press Shift+F12 and type that address in. This will take you to some place similar to this...

Now check out the lines of code above the jmp statement you are in. The statements

test something
je something

and the other lines of code around them tell us that some value is compared with some other value, and if both are equal the program jumps to some location that ultimately leads to the string "Success".

So instead of je (jump if equal) we are going to change it to jne (jump if not equal).

00401C3A 7407 je 00401C43

In 7407, 74 is the opcode for the mnemonic "je", and 07 is the distance to jump. The opcode for the mnemonic "jne" is 75.

Choose
Edit->Quick edit


Change the 74 to 75 under "Modify bytes" and click Save.

Now run pwannacrack.exe ...

Hooray! whatever number you enter other than 12345 will give "Success" !!!
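To make the byte-level step above concrete, here is an added example (my own illustration, not code from the post or from win32dasm) that decodes the two bytes `74 07` the way the disassembler does, computes the jump target from them, flips je to jne the same way Quick Edit does, and then shows why a simple hash check on the binary catches the one-byte change. The instruction bytes are a constructed stand-in for the real file; only the address 00401C3A, the bytes 7407 and the target 00401C43 come from the post.

```python
import hashlib

# Short (rel8) conditional jumps we care about: opcode -> mnemonic.
# 0x74 = je, 0x75 = jne. Both are 2 bytes: opcode + signed 8-bit displacement.
SHORT_JCC = {0x74: "je", 0x75: "jne"}
FLIP = {0x74: 0x75, 0x75: 0x74}

# Constructed sample: "test eax, eax" (85 C0) followed by the post's "je 00401C43"
# (74 07). BASE is chosen so that the je lands at 00401C3A, as in the post.
BASE = 0x00401C38
CODE = bytes.fromhex("85C0" "7407")
JE_OFFSET = 2  # byte offset of the je inside CODE


def decode_short_jcc(code: bytes, offset: int, base: int = BASE):
    """Decode a 2-byte short conditional jump at code[offset].

    Returns (mnemonic, address, target). The target is computed exactly as the
    CPU does it: address of the *next* instruction plus the signed 8-bit
    displacement, which is why 00401C3A + 2 + 7 = 00401C43.
    """
    opcode = code[offset]
    if opcode not in SHORT_JCC:
        raise ValueError(f"byte {opcode:02X} at offset {offset} is not je/jne")
    rel8 = code[offset + 1]
    if rel8 >= 0x80:              # displacement is signed: backward jumps
        rel8 -= 0x100
    address = base + offset
    target = address + 2 + rel8
    return SHORT_JCC[opcode], address, target


def flip_conditional(code: bytes, offset: int) -> bytes:
    """Return a copy of code with the je/jne at offset inverted (74 <-> 75).

    This is the same single-byte change the post makes in Quick Edit; the
    displacement byte is untouched, so the jump target stays the same.
    """
    patched = bytearray(code)
    patched[offset] = FLIP[patched[offset]]
    return bytes(patched)


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def integrity_ok(data: bytes, expected_sha256: str) -> bool:
    """Defender's view: a stored hash of the shipped binary flags any patch,
    even one that changes a single opcode byte."""
    return sha256_hex(data) == expected_sha256


if __name__ == "__main__":
    mnem, addr, target = decode_short_jcc(CODE, JE_OFFSET)
    print(f"{addr:08X} {CODE[JE_OFFSET]:02X}{CODE[JE_OFFSET+1]:02X} {mnem} {target:08X}")
    original_hash = sha256_hex(CODE)
    patched = flip_conditional(CODE, JE_OFFSET)
    mnem, addr, target = decode_short_jcc(patched, JE_OFFSET)
    print(f"{addr:08X} {patched[JE_OFFSET]:02X}{patched[JE_OFFSET+1]:02X} {mnem} {target:08X}")
    print("integrity check on patched bytes:", integrity_ok(patched, original_hash))
```

The first decoded line reproduces the post's `00401C3A 7407 je 00401C43`; after the flip the same offset decodes as `jne 00401C43`, and the SHA-256 of the bytes no longer matches the original, which is the check a program (or an installer, or an EDR file-integrity rule) would use to notice that it has been patched.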

PS: OMG! I was supposed to be creating the PPT for the final review on Wednesday... my teammates are going to kill me tomorrow... shit!...

5 Comments:

At 11:23 AM , Blogger Aswin Anand T.H. said...

Super tute da!! :D Just loved it :)

and atvb for ur review

 
At 8:43 PM , Blogger logic said...

@aswin

thx dude

 
At 9:55 AM , Blogger logic said...

yup! it's very old... actually used to do this when I was in my 11th... then totally lost touch :(

 
At 8:56 PM , Blogger Yuvi Panda said...

Hehe.:D Dude, Put a Disclaimer somewhere on the Top:D

 
At 3:38 AM , Blogger logic said...

it's my software I am cracking... don't I have the right? :( ... but I'll consider the disclaimer ;)

 
