The Cracking Manual.txt

(86 KB) Pobierz

The Cracking Manual
�������������������������������������������������������������
Written By The Cyborg - April 3, 1992

Disclaimer
The author of this text shall hold no liability for special,
incidental, or consequential damages arising out of or
resulting from the use/misuse of the information in this
file.

The Cracking Manual

INTRODUCTION

Introduction
------------
Welcome to the wonderful world of cracking. What is
cracking? If you don't know and you're reading this, ask
yourself why? Anyway, cracking is the art of removing copy
protected coding from programs. Why do this? In recent
years, software companies have been fighting to keep copy
protection in their software to avoid their work to be
illegally copied. Users feel that such copy protection is
ridiculous in that it violate their own rights to make
backups of their sometimes expensive investments.
Whichever side you may favor, this manual will go into
some detail on removing copy protection from programs. If
you feel offended by this, then I would suggest you stop
here. Please note, I do not endorse cracking for the illegal
copying of software. Please take into consideration the hard
work and effort of many programmers to make the software.
Illegal copying would only increase prices on software for
all people. Use this manual with discretion as I place into
your trust and judgement with the following knowledge.

Page 1

The Cracking Manual

WHAT YOU WILL NEED

What You Will Need
------------------
Like all programming, cracking is the debugging stage of
software development. It is the most tedious and hectic part
of programming as you shall see. However, unlike software
development, you are given no source code, only the machine
level code commonly called machine language. Cracking
demands patience. No patience, no cracking.
Before we begin, you will need certain tools. These
include:

- A decent computer. By this, I mean at minimum a 286
computer with 2 or more megs of RAM. A 386 is the
ideal since it can load a debugger into usable memory.
- A source level debugger (eg. Turbo Debugger)
- A low level debugger (eg. DEBUG)
- An assembler system (eg. MASM, LINK, EXE2BIN)
- A hex dumping program (eg. Norton Utilities)

The source level debugger is what you will try to be using
most of the time. It provides many features that are a
convenience to the cracker, such as interrupt redirection.
Become comfortable with its features. However, in some
instances, the source level debugger may not be suitable for
cracking huge games since the debugger itself may take up too
much memory. In such a case, a low level debugger must be
used since their memory usage may be considered negligible.
This manual will focus on its use.
The assembler package will be used in the creation of
the famed loaders, which provide the cracker with dynamic
memory alterations without changing the original program.

Page 2

The Cracking Manual

CRASH COURSE IN ASSEMBLY LANGUAGE

Crash Course in Assembly Language
---------------------------------
If you are already well familiar with the assembly
language, you may wish to skip this section. Cracking
demands the knowledge of assembly language. If you wish to
become a "serious" cracker, you might like to read up more
about this fascinating language. This section will only give
you enough info for intermediate level cracking.
At this point, you should familiarize yourself with
DEBUG and its commands as we will be using them shortly.

Registers
---------
One of the neato things that you will be fooling around
most often with are called the registers. Registers are like
variables (such as in BASIC) that are located within the CPU
itself. These registers may hold a positive integer from 0
to 255 or from 0 to 65535. They can also hold negative
integers from -128 to 127 or from -32768 to 32767. The
registers are given names as follows:

AX => accumulator - this register is most commonly used
for mathematical or I/O operations
BX => base - this register is used commonly as a base or
a pointer register (we'll talk more about this
later)
CX => count - used commonly for counting instructions
such as loops
DX => displacement - much like the base register

The registers stated above are considered general purpose
registers, since they can basically be used to store whatever
the user wants. Let's try putting some number in these
registers. Type in "R {enter}". You should see a bunch of
info, of which are four of the above mentioned registers.
Now, type in "RAX {enter}". Then type in a number like
8FABh. Type in "R" again and noticed how the accumulator
(AX) has change its number.
These general purpose registers can also be "split" in
half into its higher and lower order components. Instead of
having one register AX, you can have two registers, AH and
AL. Note however that while you have a range of 0 to FFFFh
for AX, you will now have a range of 0 to FF for AH and AL.
You cannot change these directly in debug, but be aware that
programs will use it. If AX contains 0A4Ch, then AH will
contain 0Ah and AL will contain 4Ch.
The following are called the segment registers:

CS => code segment - the block of memory where the code
(instructions are located)
DS => data segment - the block of memory where data can
be accessed. In block move operations in which

Page 3

The Cracking Manual

huge blocks of memory are moved, this is commonly
the segment in which the CPU reads from.
ES => extra segment - also another data segment. In
block move operations in which huge blocks of
memory are moved, this is commonly the segment in
which the CPU writes to.
SS => stack segment - this is the block of memory in
which the CPU uses to store return addresses from
subroutines. (more on this later)

In introductory level of cracking, we don't mess around with
these registers. Later, we will see how we can use these to
trick a program into thinking other things, but that's later.
You can also change these registers in debug. Type in "RCS
{enter}". Then enter "0 {enter}" and notice how the CS
register changed.
There are other registers that we use to see what the
program is doing. These registers can also be change in
debug. Included are the following:

SI => source index - this register is used in
conjunction with block move instructions. This is
a pointer within a segment (usually DS) that is
read from by the CPU.
DI => destination index - this register is also used in
conjunction with block move instructions. This is
a pointer within a segment (usually ES) that is
written to by the CPU.
BP => base pointer - a pointer used commonly with the
stack segment
SP => stack pointer - another pointer used commonly with
the stack segment (this one, you don't touch)

By now, you may probably be confused about this
segment/pointer bit. Here is an analogy that my straighten
things out.
Pretend you are in kindergarden learning to read. There
are four black boards surrounding the room. These black
boards are like SEGMENTS. Let's pretend the front blackboard
is the code segment (CS). The teacher has written some
instructions on pronunciation rules. This is what the
students refer to when they try to pronounce words. In a
program, this is what the CPU refers to when it follows
directions.
Okay, now the teacher has gone to the blackboard on the
left of the classroom. We will call this board the data
segment (DS). The teacher has also written a set of words on
the board. Then she uses a wooden stick or a POINTER to
point to a word. Let's pretend this stick is the source
...

The Cracking Manual.txt

Plik z chomika:

Inne pliki z tego folderu:

Inne foldery tego chomika: