Registration skip

  1. #1
    Senior since the 3 dot era
    Join Date
    Nov 2001
    Posts
    1,542

    Registration skip

    Recent demand (s0nIc, JP, Smirc) for good posts has made me post this... however I'm not saying that this is a good post... perhaps it's bad.

    The information I'm going to provide is how crackers can make your prog think that they registered and paid while they did not. I'm only explaining a principle, I hope you ppl are smart enough to use it appropriately.

    I'm not sure about the solution for this because I'm not good at programming, but the way to crack is not so difficult. However feel free to comment or adjust it.

    crack software:

    Many software apps that you can download as shareware look for a certain value (registered or not) and then jump to a certain routine / part in the program.

    The program will make you jump to a registration field when you are not registered. This means it needs to compare a certain value and then do some action (jump). That can be the weak part of the software registration. An example in asm:

    # cmp ax, rkey
    # jne registrationfield

    This means that it compares with 'rkey' and if it is not similar it will jump to registrationfield. If we can change the jne to je then it will do the opposite thing. Jump to registrationfield if you are registered. So that way we will not need to register. While 'jne' is jump if not the same, 'je' is jump if it's the same.

    If you want to do this with a real program you will need to search for things that look interesting since asm progs are not easy (IMHO) and relatively big. Therefore execute the prog and look what it says when you input a wrong key. Note that down. Then close the prog and open your disassembler. Search for the thing you found earlier. This will get you to the part where the 'cmp' and 'jne' happen.
    (for instance search on 'invalid key', 'unregistered user', 'wrong key' etc...)

    You will find a line that jumps to a certain address in the prog. This is where we do not want to jump to. Therefore you need to change the line after the 'cmp', that says 'jne', to 'je'.

    This can be done with the hex editor.
    First we need to get the offset code in order to know the position of the jne we want to change. If you use win32 Disassembler, standing on the line will show the offset code.
    When you have that you can open Hex Workshop and go to the position we mentioned. You can see the offset codes on the left side. Scroll to that offset code. Then go to the right to the hex code you need. Probably something with 75 or 85 in. You will need to change that to 74 or 84 in order to change the 'jne' into 'je'. Now close your disassembler and save the modified file, make sure you made backups before, in case you screw up.

    Now you can restart the prog, and it will skip the registration field.



    # disclaimer -> I'm not encouraging anyone to do illegal things.
    hmm and perhaps this was all general knowledge...?

  2. #2
    Senior Member
    Join Date
    Sep 2001
    Posts
    310
    This is...general knowledge in the cracking scene. I've read tutorials saying exactly this...well kinda..but in much more detail. Good on you for ... thinking of the 'idea'.
    script language=\"M$cript\";
    function beginError(bsod) {
    return true; }
    onLoad.windows = beginError;

  3. #3
    Banned
    Join Date
    Sep 2001
    Posts
    522
    Good post, now to find a way to prevent this, lol.....

  4. #4
    Senior Member
    Join Date
    Sep 2001
    Posts
    310
    "Good post, now to find a way to prevent this, lol....."
    I don't think there is a way to prevent this. As long as you can decompile a program, you can see where it looks/checks the registration field and BAM! Cracked...

  5. #5
    Senior Member
    Join Date
    Aug 2001
    Posts
    110
    That's a classic technique of cracking but it's still effective.

    Dome - there is no way to prevent it. morfius is right.
    Listen closely to your enemies. They tell you your faults.
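
The byte change described in the first post (75/85 becoming 74/84) leaves a recognisable trace when a deployed file is compared with a known-good copy. The following is an added example, not part of the thread: the function names and the sample bytes are constructed for illustration.

```python
# Added example (not from the thread): audit a deployed binary against a
# known-good copy and flag single-byte conditional-jump inversions.
import hashlib

# Opcode bytes named in the first post: 75/74 are short jne/je; 85/84 are the
# second byte of near jne/je (0F 85 / 0F 84).
FLIPS = {0x75: 0x74, 0x74: 0x75, 0x85: 0x84, 0x84: 0x85}
NAMES = {0x75: "jne", 0x74: "je", 0x85: "jne", 0x84: "je"}

def classify(good: bytes, suspect: bytes, off: int) -> str:
    """Label one differing byte as a jump inversion or as 'other'."""
    a, b = good[off], suspect[off]
    if FLIPS.get(a) != b:
        return "other"
    # 85/84 are only a near Jcc after the 0F escape byte (alone they are TEST).
    if a in (0x84, 0x85) and (off == 0 or good[off - 1] != 0x0F):
        return "other"
    return f"{NAMES[a]}->{NAMES[b]}"

def audit(good: bytes, suspect: bytes) -> list:
    """Return [(offset, label)] for every byte that differs; [] if identical."""
    if hashlib.sha256(good).digest() == hashlib.sha256(suspect).digest():
        return []
    if len(good) != len(suspect):
        raise ValueError("size differs: file was rebuilt or replaced, not byte-patched")
    return [(i, classify(good, suspect, i))
            for i, (a, b) in enumerate(zip(good, suspect)) if a != b]

# Constructed sample: cmp ax,[mem]; jne short; 3x nop; jne near; ret
GOOD = bytes.fromhex("663b0500304000" "7505" "909090" "0f8510000000" "c3")

def sample_suspect() -> bytes:
    """Constructed tampered copy: both jumps inverted plus one unrelated byte."""
    buf = bytearray(GOOD)
    buf[7], buf[13], buf[18] = 0x74, 0x84, 0x90
    return bytes(buf)

if __name__ == "__main__":
    for off, label in audit(GOOD, sample_suspect()):
        print(f"offset 0x{off:04x}: {label}")
```

The classification is a heuristic on raw bytes: a 75 or 74 that is data rather than an opcode will also be labelled, so a flagged offset should be confirmed in a disassembly of the known-good file.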
