CRACKING PROGRAMS
Kwanini utumie Trial au limited Program? Uwezo unao shida ya nini Darasa hili hapa pita nayo hii na share na wewe njia nzuri na halali ya kucrack Program zako na kuwa Unlimited
Software Security and Reverse Engineering
What is reverse engineering?
Today the market of software is covered by an incredible number of protected
applications, which don't allow you to use all features of programs if you
aren't a registered user of these. Reverse engineering is simply the art of removing
protection from programs also known as “cracking”.
In Some other words cracking is described as follows: - “When you create a program
you engineer it, in fact you build the executable from the source-code. The reverse
engineering is simply the art of generate a source-code from an executable. Reverse
engineering is used to understand how a program does an action, to bypass protection etc.
Usually it's not necessary to disassemble all code of the application not only the part of
the application that we are interested must be reversed. Reverse engineering used by a
cracker to understand the protection scheme and to break it, so it's a very important thing
in the whole world of the crack.”
In short: - "Reverse Engineering referred to a way to modify a program such that it
behaves as the way a reverse engineer wish."
“Cracking is a method of making a software program function other than it was
Originally intended by means of investigating the code, and, if necessary, patching It.”
A Little bit of history
Reveres egg. Most probably start with the DOS based computer games. The aim is that a
player has full life and armed in the final stage of the game. So what a reverse egg. Do is
just find the memory location where the life and number of weapons are store and then
modify this values. They used memory-cheating tools such as game hack etc. So that they
have full life and armed in the last stage of the program. But in today’s world with the
advent of the shareware concept more and more software author releases the shareware
versions. Hence with this reverse engineering become more tedious, more complex, and
trickier.
Today to protect the software a programmer use various kind of technique, some of them
are old, bad repetitive techniques but some are new. We will discuss them in next section.
Various Protection schemas
Following are the most commonly used schemas
1) Hard coded serial
2) Serial number, name protection
3) Nag screen
4) Time trial
5) Dongle (hardware protection)
6) Commercial protection
7) Other (cd rom check, keyfiles, disabled function etc.)
Let’s study this in detail
1) Hard coded serial: -This is the simple protection as compared to other. In this kind of
protection we have to enter only a serial number and this serial number is same for all
users. Serial numbers entered are compared to the original serial through an algorithm
and if a user entered correct serial then the software registered.
2) Serial number - name protection:-In this kind of protection we have to enter a name
and a serial number. Then our serial no is compared with the original serial, no which is
derived from our name using some algorithm. This protection is some time easy and
some times hard, based on the algorithm a programmer use. Example of this type
protection is most widely used software "WinZip."
3) Nag screen :-In this kind of protection a screen come each time a user start the
application, to remained such that how many days are left or your software are
unregistered or any other message. This is a littlie hard to remove. And most of the
newcomers found it difficult as a new programmer to understand pointers (i.e. –WinZip).
But if a reverse has enough knowledge of windows API then he can easily remove the
nag screen.
4) Time Trial: - According to +ORC This kind of protection has any of following
protection or combination of following protection schema: -
a) To a predetermined amount of days, say 30 days, starting with the first day of
installation. This is referred as "CINDERELLA protection".
b) To a predetermined period of time (ending at a specific fixed date)
independently from the start date... 'BEST_BEFORE a given date' protection.
c) To a predetermined amount of minutes and/or seconds each time you fire
them... 'COUNTDOWN' TIME PROTECTIONS' example of this kind of
programs are some games and audio video player which allows an unregistered
user to play game for some amount of time say 5 minutes etc.
d) To a predetermined amount of 'times' you use them, say 30 times. Strictly
speaking these protections are not 'time' dependent. But they depend only on thing
"HOW MANY TIMES YOU EXICUTE THEM"
5) Dongle Protection: - this kind of protection is supposed to be toughest protection to
crack. This protection is consisting of an EPROM, which was connected with a port on
computer. The program which is protected by this is first cheeks the presence of this and
then cheeks that the program is registered or not all though it implementation is too hard
and hence this kind of protection is not very widely used. This is used in Big Protected
shareware’s. This protection is used by a I/O LPT port (hardware) You will need the
registration Card attached To your PC's parallel port Or other in order to make The
program fully work, otherwise it will be Expired after xxDays / xxUses /rippled or it
won’t work at all. Dongles such as: HASP / Sentinel are most commonly used. Dongles
uses DLLs/VxD to check the "is registered"
Dongle API is also used for some checks.
Example of programs, which uses this kind of protection, included some version of CAD
etc.
6) Commercial protection: - Most of the software programmer don’t want to spend
there precious time in deciding which kind of protection they used to protect there
software. Because they think that instead of the spending there time on designing the
security algorithm of there programs, why not they spend time to improving the
functionality of there program??? And here comes the concept of commercial protection.
Today some software company’s designs only security algorithm for various software.
Also they provide general software, which converts fully functional software in to
unregistered version and after paying the registration.
This software gets converted back in to the fully functional registered software after
entering the registration details. some of the companies which uses commercial
protection for there software are macromedia, Symantec etc and some companies which
provides this type of protection are preview systems (vbox protection) etc..
Although this kind of protection has high security because they are professionally
designed but they also have some disadvantages. One major disadvantage is that "if a
person cracks only one program which is protected using this protection, then he has
cracked the entire program which uses this kind of protection!!!!".
For example if a cracker has cracked the flash mx (which is protected by vbox) then he
was able to crack easily all the macromedia software such as dream waver mx etc.,
because all these programs are based on only one kind of protection!
And in the real world there is no protection, which is still uncracked.
7) Other protections: - There are many other techniques which are used to protect
software. These are generally used in computer games. Such as cd rom protection,
disabled function etc. I think most of computer user are familiar with this protection and
already seen this kind of protection. For example: - If a user doesn’t have cd for a
particular game then he cannot be able to play the game directly from hard disk. Because
when one runs the program then the program checks for the cdrom.
Also some protection schemes have disabled functions such as you cannot save your
work or you cannot use any particular function etc.
So I hope now you understand all the protection schemas, which used to protect software.
Ok let’s study how reverse engineering is done. The first thing to keep in mind that
cracker always works with the disassembly and they are familiar with the windows API.
Now all of us computer user knows that computer only understands binary nothing else.
So first we create a program and then compile it now what compiler does is check for
syntax, any error and then he generate the .obj file. As in high level language some
function are prewritten which are stored in library file hence after this we used linker
which links the programs with the library file and then after linking we get an exe file
hence exe file we use is nothing but the collection of instruction in binary formats.
Now to reverse engineer there are different tools available.
What is reverse engineering?
Today the market of software is covered by an incredible number of protected
applications, which don't allow you to use all features of programs if you
aren't a registered user of these. Reverse engineering is simply the art of removing
protection from programs also known as “cracking”.
In Some other words cracking is described as follows: - “When you create a program
you engineer it, in fact you build the executable from the source-code. The reverse
engineering is simply the art of generate a source-code from an executable. Reverse
engineering is used to understand how a program does an action, to bypass protection etc.
Usually it's not necessary to disassemble all code of the application not only the part of
the application that we are interested must be reversed. Reverse engineering used by a
cracker to understand the protection scheme and to break it, so it's a very important thing
in the whole world of the crack.”
In short: - "Reverse Engineering referred to a way to modify a program such that it
behaves as the way a reverse engineer wish."
“Cracking is a method of making a software program function other than it was
Originally intended by means of investigating the code, and, if necessary, patching It.”
A Little bit of history
Reveres egg. Most probably start with the DOS based computer games. The aim is that a
player has full life and armed in the final stage of the game. So what a reverse egg. Do is
just find the memory location where the life and number of weapons are store and then
modify this values. They used memory-cheating tools such as game hack etc. So that they
have full life and armed in the last stage of the program. But in today’s world with the
advent of the shareware concept more and more software author releases the shareware
versions. Hence with this reverse engineering become more tedious, more complex, and
trickier.
Today to protect the software a programmer use various kind of technique, some of them
are old, bad repetitive techniques but some are new. We will discuss them in next section.
Various Protection schemas
Following are the most commonly used schemas
1) Hard coded serial
2) Serial number, name protection
3) Nag screen
4) Time trial
5) Dongle (hardware protection)
6) Commercial protection
7) Other (cd rom check, keyfiles, disabled function etc.)
Let’s study this in detail
1) Hard coded serial: -This is the simple protection as compared to other. In this kind of
protection we have to enter only a serial number and this serial number is same for all
users. Serial numbers entered are compared to the original serial through an algorithm
and if a user entered correct serial then the software registered.
2) Serial number - name protection:-In this kind of protection we have to enter a name
and a serial number. Then our serial no is compared with the original serial, no which is
derived from our name using some algorithm. This protection is some time easy and
some times hard, based on the algorithm a programmer use. Example of this type
protection is most widely used software "WinZip."
3) Nag screen :-In this kind of protection a screen come each time a user start the
application, to remained such that how many days are left or your software are
unregistered or any other message. This is a littlie hard to remove. And most of the
newcomers found it difficult as a new programmer to understand pointers (i.e. –WinZip).
But if a reverse has enough knowledge of windows API then he can easily remove the
nag screen.
4) Time Trial: - According to +ORC This kind of protection has any of following
protection or combination of following protection schema: -
a) To a predetermined amount of days, say 30 days, starting with the first day of
installation. This is referred as "CINDERELLA protection".
b) To a predetermined period of time (ending at a specific fixed date)
independently from the start date... 'BEST_BEFORE a given date' protection.
c) To a predetermined amount of minutes and/or seconds each time you fire
them... 'COUNTDOWN' TIME PROTECTIONS' example of this kind of
programs are some games and audio video player which allows an unregistered
user to play game for some amount of time say 5 minutes etc.
d) To a predetermined amount of 'times' you use them, say 30 times. Strictly
speaking these protections are not 'time' dependent. But they depend only on thing
"HOW MANY TIMES YOU EXICUTE THEM"
5) Dongle Protection: - this kind of protection is supposed to be toughest protection to
crack. This protection is consisting of an EPROM, which was connected with a port on
computer. The program which is protected by this is first cheeks the presence of this and
then cheeks that the program is registered or not all though it implementation is too hard
and hence this kind of protection is not very widely used. This is used in Big Protected
shareware’s. This protection is used by a I/O LPT port (hardware) You will need the
registration Card attached To your PC's parallel port Or other in order to make The
program fully work, otherwise it will be Expired after xxDays / xxUses /rippled or it
won’t work at all. Dongles such as: HASP / Sentinel are most commonly used. Dongles
uses DLLs/VxD to check the "is registered"
Dongle API is also used for some checks.
Example of programs, which uses this kind of protection, included some version of CAD
etc.
6) Commercial protection: - Most of the software programmer don’t want to spend
there precious time in deciding which kind of protection they used to protect there
software. Because they think that instead of the spending there time on designing the
security algorithm of there programs, why not they spend time to improving the
functionality of there program??? And here comes the concept of commercial protection.
Today some software company’s designs only security algorithm for various software.
Also they provide general software, which converts fully functional software in to
unregistered version and after paying the registration.
This software gets converted back in to the fully functional registered software after
entering the registration details. some of the companies which uses commercial
protection for there software are macromedia, Symantec etc and some companies which
provides this type of protection are preview systems (vbox protection) etc..
Although this kind of protection has high security because they are professionally
designed but they also have some disadvantages. One major disadvantage is that "if a
person cracks only one program which is protected using this protection, then he has
cracked the entire program which uses this kind of protection!!!!".
For example if a cracker has cracked the flash mx (which is protected by vbox) then he
was able to crack easily all the macromedia software such as dream waver mx etc.,
because all these programs are based on only one kind of protection!
And in the real world there is no protection, which is still uncracked.
7) Other protections: - There are many other techniques which are used to protect
software. These are generally used in computer games. Such as cd rom protection,
disabled function etc. I think most of computer user are familiar with this protection and
already seen this kind of protection. For example: - If a user doesn’t have cd for a
particular game then he cannot be able to play the game directly from hard disk. Because
when one runs the program then the program checks for the cdrom.
Also some protection schemes have disabled functions such as you cannot save your
work or you cannot use any particular function etc.
So I hope now you understand all the protection schemas, which used to protect software.
Ok let’s study how reverse engineering is done. The first thing to keep in mind that
cracker always works with the disassembly and they are familiar with the windows API.
Now all of us computer user knows that computer only understands binary nothing else.
So first we create a program and then compile it now what compiler does is check for
syntax, any error and then he generate the .obj file. As in high level language some
function are prewritten which are stored in library file hence after this we used linker
which links the programs with the library file and then after linking we get an exe file
hence exe file we use is nothing but the collection of instruction in binary formats.
Now to reverse engineer there are different tools available.
Comments
Post a Comment
solate forever