How it works


The three stages of learning to crack:

Elementary: modify the program. Use UltraEdit and other tools to modify the exe file. This is called brute-force cracking.

Intermediate: obtain the software's registration code.

Advanced: write a registration machine (key generator).

Let's talk about brute-force cracking first. Brute-force cracking means modifying the executable file itself to achieve the desired result. Not clear? For example, a piece of shareware compares the registration code entered by the user with the registration code it calculates. If the two are equal (that is, the user entered the correct registration code), it jumps to the place where registration succeeds; otherwise it jumps to the place where the error is reported.

So we just need to find this jump instruction and change it to the "shape" we need. Then the program does what we want.

There are two common modification methods. I will give you an example:

No.1

In one program, the registration routine looks like this:

00451239 CALL 00405E02 (key CALL, used to determine whether the registration code the user entered is correct)

0045123D JZ 004572E6 (!!! <-- This is the key jump. If the user entered the correct registration code, it jumps to the success branch at 004572E6)

0045XXXX YYYYYYYYYY

XXXXXXXX YYYYYYYYYY

XXXXXXXX YYYYYYYYYY

If execution reaches XXXXXXXX here, the registration has failed.

... Shows a message such as "incorrect registration code"

...

004572E6 ... <-- (registration successful !!!)

... Shows the user a registration-success message and related information

Understood? If not, here it is again. When execution reaches 00451239, the program CALLs 00405E02 to judge the registration code. A jump instruction follows: if the user entered the correct registration code, it jumps to 004572E6, and reaching that address means registration succeeded. If the registration code entered by the user is incorrect, the jump at 0045123D is not taken and execution simply continues into the code below it, which is the registration-failure part.

The following lists the two most common cases (see the relevant tutorials):

No.1

mov eax, [...] (the source can be an address or another register)

mov edx, [...] (same as above; this instruction can also be pop edx)

call 00?????? (key call)

test eax, eax

jz (jnz) or jne (je) (key jump)

As you can see, before the key CALL the software puts the two registration codes into eax and edx respectively, so you only need to run d eax or d edx at the CALL to see the correct registration code.

No.2

mov eax, [...] (the source can be an address or another register)

mov edx, [...] (same as above; this instruction can also be pop edx)

call 00?????? (key call)

jne (je) (key jump)

The two situations above are the most common, and we will not go into others here. In the next chapter, I will explain the relevant methods to you...

That is the part about finding the software's registration code. For more information, see the next chapter.
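The two cases above depend on the program computing the correct code itself and handing it to the comparison. The following C example is added here and is not from the original article: it contrasts that pattern with a verify-only check that ships only a public value. The toy modulus, the FNV-1a digest and all function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed toy parameters (textbook RSA, tiny modulus); real code uses a vetted signature library. */
#define TOY_N 3233u     /* public modulus (61 * 53), ships in the program */
#define TOY_E 17u       /* public exponent, ships in the program */
#define VENDOR_D 2753u  /* private exponent: vendor side only, used by main() for the demo */

/* FNV-1a, a stand-in for a real cryptographic hash of the user name. */
static uint32_t name_digest(const char *name) {
    uint32_t h = 2166136261u;
    for (; *name; name++) { h ^= (unsigned char)*name; h *= 16777619u; }
    return h;
}

static uint32_t modpow(uint32_t base, uint32_t exp, uint32_t mod) {
    uint64_t result = 1, b = base % mod;
    for (; exp; exp >>= 1) {
        if (exp & 1) result = result * b % mod;
        b = b * b % mod;
    }
    return (uint32_t)result;
}

/* Weak pattern from the page: the program derives the correct code itself. */
void expected_code(const char *name, char out[9]) {
    snprintf(out, 9, "%08X", (unsigned)(name_digest(name) ^ 0x5A5A5A5Au));
}

int weak_check(const char *name, const char *entered) {
    char expected[9];
    expected_code(name, expected);          /* correct code now sits in memory */
    return strcmp(entered, expected) == 0;  /* both codes are passed to the compare */
}

/* Verify-only form: only the public half is present, so the program can test
   a code but never holds or computes the correct one. */
int verify_only_check(const char *name, uint32_t entered) {
    return entered < TOY_N &&
           modpow(entered, TOY_E, TOY_N) == name_digest(name) % TOY_N;
}

int main(void) {
    uint32_t issued = modpow(name_digest("alice") % TOY_N, VENDOR_D, TOY_N);
    printf("verify-only accepts issued code: %d\n", verify_only_check("alice", issued));
    printf("verify-only rejects altered code: %d\n", verify_only_check("alice", (issued + 1) % TOY_N));
    return 0;
}
```

The verify-only check still ends in a conditional branch, so it addresses the code-recovery cases listed above, not modification of the executable itself.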

Finally, let's talk about the last, so-called advanced stage. If you believe in yourself and love cracking, you will definitely get through this stage, though the time it takes varies from person to person.

In fact, there is a lot of skill involved in analyzing software algorithms. Well, at least I was confused at the very beginning. So many calls, each of which seems very important: should they all be followed? As a result, I chased into many APIs. After you have carefully analyzed one software algorithm and written a registration machine for it, you will understand.
