Wednesday, July 29, 2009

Cracking

Cracking is defined as the attempt to remove the copy protections inserted into software programs. A program successfully stripped of protections is then known as having been "Cracked".
Some of the removed protections include:

Time limits - an example of this is a 30-day trial period, after which the program will no longer run.
Nag Screen - a graphic that appears, at programmer-determined intervals, asking you to register the software.
Serial Number - the use of an assigned number that is required for the program to function.

A Crack usually comes in the form of an .exe or .com file. Like a file you download from a software company to correct a bug or add a feature, a Crack patches one or more of the application's .dll files or the main .exe file itself.

Is This Legal?

Similar to the other Internet giveaway, Warez, the legality of Cracks is far from being globally defined.

The most common belief stated online is that it is legal to write, upload and even download a Crack, as long as you don't use it to disable a software title's copy protection. However, on 10-24-97, it was reported in the U.S. that two separate arrests were made for the "illegal distribution of Cracks."

The news article reveals a few interesting points about how the FBI and the SPA had two sites under surveillance for seven months!

The legality of reverse engineering software has been established in many parts of the world. In Europe for example, this activity is clearly defined as legal in the European Union Directive.

In the United States, several court cases have ruled that the reverse engineering of software is legal, as long as the motive is not commercial gain.

Read more about cases that ruled in favor of the right to disassemble software.

You may have read the above text and said to yourself, "Hey the software license says I am forbidden to decompile the software I own."

You're right, it does. Except, you don't "own it". You are being "allowed to license it".

Cracking the Code

While there are many different ways to penetrate most software programs' protections, two popular techniques are the focus here.

One cracking method is to disassemble the target program's .exe file using Wdasm 8.9, which, as I stated earlier, outputs the program's code as an assembly language (ASM) listing.

While using Wdasm 8.9 will not likely reveal the actual serial or registration number, it will expose the locations in the code where the software's protections lurk. Once found, these protections are easily disabled, allowing the program to be registered by entering the wrong info or no info at all.

Another weakness in protection that is commonly exploited by Crackers is the software's reliance on calling Win32 API functions. Two of these functions are GetWindowTextA and lstrcmpA.

After a user provides their Name and Registration Code or Serial Number in a dialog box, these types of API functions are called to "compare to" or "generate" the code needed to register the program.

Using NuMega's SoftICE debugger, a Cracker can easily set "breakpoints" on these functions to display their location in memory. Armed with this info, the Cracker can then instruct SoftICE to "display" the information stored in that segment of memory.
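
The serial check described above, seen from the software author's side, as an added example that is not part of the original post: a client that derives the valid serial itself next to one that only verifies a vendor signature. All function names, the demo salt and the key are constructed for illustration, and the unpadded RSA over two Mersenne primes stands in for a vetted signature scheme such as Ed25519 or RSA-PSS.

```python
import hashlib

# Constructed demo key built from two well-known Mersenne primes.
# Assumption for illustration only: far too weak and structured for real use.
_P, _Q = 2**127 - 1, 2**521 - 1
PUBLIC_N, PUBLIC_E = _P * _Q, 65537      # the only key material the client needs


def _vendor_private_exponent() -> int:
    # Lives on the vendor's licensing server, never in the shipped program.
    return pow(PUBLIC_E, -1, (_P - 1) * (_Q - 1))


def _digest(name: str) -> int:
    return int.from_bytes(hashlib.sha256(name.encode("utf-8")).digest(), "big")


def weak_expected_serial(name: str) -> str:
    # Weak pattern: the client itself derives the valid serial from the name.
    return hashlib.sha256(b"demo-salt:" + name.encode("utf-8")).hexdigest()[:16].upper()


def weak_check(name: str, entered: str) -> bool:
    expected = weak_expected_serial(name)  # valid serial is now in process memory
    return entered == expected             # the lstrcmpA-style comparison


def vendor_issue_license(name: str) -> str:
    # Vendor side: unpadded RSA signature over SHA-256(name), hex encoded.
    return format(pow(_digest(name), _vendor_private_exponent(), PUBLIC_N), "x")


def hardened_check(name: str, license_hex: str) -> bool:
    # Client side: verify with the public key; no valid code is computed here.
    try:
        sig = int(license_hex, 16)
    except ValueError:
        return False
    if not 0 < sig < PUBLIC_N:
        return False
    return pow(sig, PUBLIC_E, PUBLIC_N) == _digest(name)


if __name__ == "__main__":
    lic = vendor_issue_license("Alice Example")   # constructed sample licensee
    print(weak_check("Alice Example", weak_expected_serial("Alice Example")))
    print(hardened_check("Alice Example", lic), hardened_check("Bob Example", lic))
```

The signature removes the in-memory serial that a breakpoint on the compare function would reveal. It does not stop the branch that calls hardened_check from being patched, which is the disassembler method described earlier.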

Here is a list of some of the tools used in Cracking:
Hex Editor - used to patch disassembled code.
Wdasm 8.9 - shareware disassembler, also includes a debugger.
IDA Pro 3.7 - interactive disassembler.
DCC32 - De-compiler that kicks out actual C source code.
SoftICE - most powerful Cracking tool in existence. Available from NuMega.
