Remember the basics:
You have to remember the basics. If you want to crack a game or an application, start it and look at what kind of error message you receive. If it is a standard Windows message box, you can crack it statically with W32Dasm. If it is an in-game error message drawn by the program itself, you are better off cracking it live with the SoftICE debugger.
Remember the exact wording of the error message and make two backup copies of start.exe. Call one *.exx (if you nop or change the wrong bytes and the program no longer runs, or runs with errors, you rename this untouched .exx copy back over the patched file) and one *.w32 (this is the copy you feed to W32Dasm for disassembly). Then go to W32Dasm and disassemble the .w32 copy of your start.exe. Once it is disassembled, click the String Data References button and look for the error message you got on screen (you can also click Search and enter a keyword such as "sorry" or "unable"). When you find it, double-click on it. In the asm code just above the string reference, find the line "Referenced by a (U)nconditional or (C)onditional Jump at Address:" and enter that address in the Goto Code Location window. Once you have been warped to that location, write down the @Offset number (you can leave out the leading zeros). Note that this is the file offset, not the virtual address shown at the left of the listing; HIEW patches by file offset.
Start HIEW and load the real exe (not the .w32 copy). Press F4 and choose Decode mode. Press F5 and enter the @Offset number (it does not matter whether you type the leading zeros). You should land on the je/jne/jmp/call that decides whether the error message is shown. You can change the jne to a je or the je to a jne, or you can nop a jmp or call (you can also nop a je/jne, but first try whether the program runs with the condition inverted; inverting routes the program down the other branch, nopping a conditional jump makes it always fall through). Press F3 to edit, type the new bytes, press F9 to update, and leave HIEW. Start your program and see whether it works. If not, you changed the wrong thing: restore the .exx backup and try nopping or changing other bytes. If there is no "Referenced by a (U)nconditional or (C)onditional Jump at Address:" line, trace a few lines up from the string reference and look for call/jmp/jne/je instructions you can nop or change.

How to nop:
Now I'll explain how to nop. NOP stands for "No Operation", opcode 90h on x86. Any call/jne/jmp/je instruction can be nopped. The rule for nopping is: every two hex digits are one byte, and you replace every byte of the instruction, not just the opcode, otherwise the leftover displacement bytes get decoded as garbage instructions. Count the bytes HIEW shows for the instruction. A near call such as E8 44 33 22 11 is five bytes (E8 plus a four-byte displacement), so it becomes 90 90 90 90 90. When you do this in HIEW, don't worry if the display jumps a line after you enter the first 90; keep typing 90 for the remaining bytes and then save. A short je is 74 xx (two bytes, so 74 56 becomes 90 90) and a short jne is 75 xx (75 89 becomes 90 90); a short jmp is EB xx (two bytes) and a near jmp is E9 xx xx xx xx (five bytes). It makes no difference whether it is a jne/je/jmp/call: nop all of its bytes.
Sometimes you'll see a long je/jne with a four-byte displacement, encoded as 0F 84 xx xx xx xx (je) or 0F 85 xx xx xx xx (jne), six bytes in total. Here you don't have to nop anything: change only the 84 to 85 (or the 85 to 84), which turns the je into a jne and vice versa, exactly as changing 74 to 75 does for the short form.
Most of the time you will be nopping call instructions or jmp instructions. One caveat with nopping a call: nothing puts a result in EAX any more, so a test eax,eax or cmp that follows sees whatever was left in the register, and if the called routine was the one cleaning its arguments off the stack (stdcall), removing the call leaves the stack unbalanced. If nopping the call crashes, go back to inverting the jump instead.
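
The workflow of both sections above (back up the exe, go to the @Offset, flip a je/jne or nop a call, counting every byte of the instruction) as an added Python example. This is not code from the tutorial; it is a small patcher written here that does by script what the text does by hand in HIEW, and it only knows the branch opcodes discussed above. The sample bytes are constructed for the example and are not from any real program; the function names, the .exx backup suffix and the "invert"/"nop" mode names are assumptions of this example.

```python
"""Binary patcher for the W32Dasm -> HIEW workflow described above.

Given a file offset (the @Offset W32Dasm prints), it decodes the call/jmp/jcc
sitting there, then either inverts a je/jne or overwrites the whole
instruction with 90h (NOP).  Patching is done on a bytes buffer so it can be
tested; patch_file() wraps it and keeps the original as an .exx backup.
Only the branch opcodes the tutorial talks about are recognised.
"""
import shutil
import tempfile
from pathlib import Path

NOP = 0x90

# single-byte opcode -> (mnemonic, whole instruction length in bytes)
ONE_BYTE_OPS = {
    0x74: ("je", 2),    # je  rel8   (74 xx)
    0x75: ("jne", 2),   # jne rel8   (75 xx)
    0xEB: ("jmp", 2),   # jmp rel8   (EB xx)
    0xE9: ("jmp", 5),   # jmp rel32  (E9 xx xx xx xx)
    0xE8: ("call", 5),  # call rel32 (E8 xx xx xx xx)
}
# second byte after an 0F prefix -> (mnemonic, whole instruction length)
TWO_BYTE_OPS = {
    0x84: ("je", 6),    # je  rel32  (0F 84 xx xx xx xx)
    0x85: ("jne", 6),   # jne rel32  (0F 85 xx xx xx xx)
}
# je <-> jne: the two opcodes differ only in the lowest bit
INVERT = {0x74: 0x75, 0x75: 0x74, 0x84: 0x85, 0x85: 0x84}


def parse_offset(text):
    """Turn W32Dasm's '@Offset 00001234h' (or just '1234') into an int."""
    t = text.strip().lower()
    if t.startswith("@offset"):
        t = t[len("@offset"):].strip()
    if t.endswith("h"):
        t = t[:-1]
    return int(t, 16)


def decode(buf, off):
    """Return (mnemonic, length, index of the byte that selects je/jne) at off."""
    if off >= len(buf):
        raise ValueError("offset past end of file")
    op = buf[off]
    if op == 0x0F and off + 1 < len(buf) and buf[off + 1] in TWO_BYTE_OPS:
        mnem, ln = TWO_BYTE_OPS[buf[off + 1]]
        return mnem, ln, off + 1
    if op in ONE_BYTE_OPS:
        mnem, ln = ONE_BYTE_OPS[op]
        return mnem, ln, off
    raise ValueError(f"no call/jmp/je/jne at offset {off:08X}h (byte {op:02X})")


def nop_out(buf, off):
    """Overwrite every byte of the instruction at off with 90h."""
    _, ln, _ = decode(buf, off)
    if off + ln > len(buf):
        raise ValueError("instruction runs past end of file")
    return buf[:off] + bytes([NOP]) * ln + buf[off + ln:]


def invert_jcc(buf, off):
    """Flip je<->jne at off, leaving the displacement bytes untouched."""
    mnem, _, opidx = decode(buf, off)
    if buf[opidx] not in INVERT:
        raise ValueError(f"{mnem} at {off:08X}h is not a je/jne")
    out = bytearray(buf)
    out[opidx] = INVERT[buf[opidx]]
    return bytes(out)


def patch_file(path, off, mode):
    """Patch the exe in place; the untouched original is kept as <name>.exx."""
    exe = Path(path)
    backup = exe.with_suffix(".exx")
    if not backup.exists():
        shutil.copy2(exe, backup)
    data = exe.read_bytes()
    new = invert_jcc(data, off) if mode == "invert" else nop_out(data, off)
    exe.write_bytes(new)
    return new


# Constructed sample (not from any real program): a check that calls an
# error routine unless the flag in eax is zero.
#   0000  85 C0              test eax, eax
#   0002  74 05              je   0009       ; skip the error call
#   0004  E8 44 33 22 11     call show_error ; rel32, 5 bytes
#   0009  0F 84 00 00 00 00  je   000F       ; 6-byte near form
#   000F  C3                 ret
SAMPLE = bytes.fromhex("85 C0 74 05 E8 44 33 22 11 0F 84 00 00 00 00 C3")

if __name__ == "__main__":
    tmp = Path(tempfile.mkdtemp()) / "start.exe"
    tmp.write_bytes(SAMPLE)
    off = parse_offset("@Offset 00000004h")      # the call show_error
    patched = patch_file(tmp, off, "nop")
    print("before:", SAMPLE.hex(" "))
    print("after: ", patched.hex(" "))
    print("backup:", tmp.with_suffix(".exx").read_bytes() == SAMPLE)
```

The point of decoding the opcode first is that the instruction length comes from the table, so a five-byte call never gets four NOPs and a stray displacement byte, and invert_jcc refuses to touch anything that is not a je/jne. It patches the file, nothing more; you still start the program afterwards to see whether the patch did what you wanted.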

Last words:
That's the end of my tutorial. I think I forgot much of what I wanted to say, but if I did I'll say it in my next tutorials. My next tutorials will contain: how to handle the SoftICE debugger / how to read the asm code under W32Dasm and get the valid code from it / how to get keys from programs with SoftICE / how to crack with SoftICE / more explanation of asm code, and many more. I hope you enjoyed my tutorial. I know it wasn't easy because my English is more than bad. I hope you now know a little bit more about cracking. And if you have any questions or any ideas for my next tutorials or what I can do better, then please mail me at: [email protected]
You can reach me on IRC, DALnet #iglesia. I am not often online, but when I am online I am always in the iglesia channel. My greetings go to:
Rockn Roll... Happy cracking!
Edward

Networking Tips:
Did you know that you can connect two PCs in a LAN without using a hub? Answer: yes, you can, by using a crossover UTP cable. At one end of the cable, swap the transmit pair with the receive pair: wire 1 goes to position 3, wire 2 to position 6, wire 3 to position 1 and wire 6 to position 2 (swapping only wires 3 and 6 would just reverse one pair and would not give you a link). Connect the NICs of the two PCs with this cable. Newer NICs with Auto-MDI/MDI-X will also link over a straight cable, but older cards need the crossover.