9. The most common software crack is the
modification of an application's binary to cause or
prevent a specific key branch in the program's
reverse engineering the compiled program code
using a debugger (such as GDB, SoftICE,
until the software cracker reaches
the subroutine that contains the primary method
of protecting the software
The binary is then modified using the debugger or
a hex editor or monitor
replaces a prior branching opcode with its
complement or a NOP opcode
Almost all common software cracks are a
variation of this type.
creating source or machine code that is difficult for humans to understand.
Program that can change itself.
Obsufscate protection branch some way and chnag eit at run time.
People can't so wasily patch exe file.
Encrypt code and unencrypt it at run time
Code segment encryption can make static analysis very complicated but it doesn’t
necessarily make dynamic analysis any more challenging.
This is because at run-time, these encrypted binaries have something called a decryption
11. Disassemble binary code to assembly code using x64dbg
Click Search for string references
You can see the message in this section
Now you know where should you modify
Jump to the correct password section (For example replace jeq with jneq)
12. You can use break point instead of search for strings
Trace program to find the activation instruction
13. Sometimes a verification ID is being checked by the internet
In this case, after you replace jeq instruction, you need to do something else.
You can capture packets sent by the program.
Find the coed segment that check the response and modify it. (Using breakpoint
14. For example expired program and free trial program
Trace all assembly instructions in free trial program and save in the file
Trace all assembly instructions in expired program and save in the file
Compare two files and find instruction that flow changes.
Get the address and modify that instruction
15. immunity debugger
Immunity Debugger is a powerful new way to write exploits,
analyze malware, and reverse engineer binary files.
This is a new king of Windows debuggers.
HIEW - An ultimate hex editor & deasembler
IDA is an all-in-one tool, it's a disassembler for many formats
of binary files (PE, ELF, MachO, etc.), with a built-in
decompiler, hex editor, debugger.
DiE - Protections / obfuscators identifier
Detect it Easy can tell you exactly which one was used to
protect the binary, so it can be easier to find a ready-to-use
solution to remove it (for example - an unpacker or a
Bytecode Viewer - Java decompiler (also for Android apps)
Wireshark - Network sniffer
16. A program to generate activation
codes and serial numbers.
Keygen programs use various
password-cracking algorithms to
find a combination that serves as a
crack the software in order to find a
list of correct passwords
rewrite parts of the software to create
their own correct passwords
17. Product activation
Use of ID numbers and product keys that are printed on the material of software, hardware
In order to activate the product user must enter both of these verification keys
Keygens are often unable to hack software that uses product activation (vendor's database)
Multiple algorithms to ensure that a serial number or product key is not fake (vendor's database)
A secondary algorithm may be used by the vendor to eliminate certain characters within the
18. A program that modifies the machine code of
generally provided by the software provider
themselves to improve the existing product by
adding new features, fixing bugs or improving
Replaces existing functionality in the
program with the purpose of
altering behavior in a way not intended by
the original developer
Example: disabling a section of code that
checks for a valid license with code that
assumes a license exists
19. Involves changing a few byte values in existing code with the goal of altering the existing
behavior without actually modifying the code itself.
If the default trial is 30 days, a crack could change that value to 9999 days. It is minimally