Exetools  

  #1  
Old 02-05-2004, 07:55
bartster
 
Posts: n/a
Question What method to use?

Hi everyone,

I am new to this cracking stuff and I have a couple programs that I want to crack. One has a 28 limit and the other has a 15 uses limit.

I have read some tutorials and I see that there are usually several ways to crack a program with some being easier and some being harder. So I need to figure out which approach I should start with.

As I understand it there are basically 3 different general ways to crack a program.

#1. You can go fishing for a serial number in memory and enter it and you are registered.

#2. You can write a keygen so you can use it for future installations or installations on other computers.

#3. You can edit the code and recompile it so it skips the trial stuff and thinks that it isn't a trial and doesn't ask you for an install code or serial# or registration#.

#4. You can somehow eliminate the time or use restriction so you can use it forever without ever registering it. I don't know if this involves editing code and recompiling.

I would guess that #3 would be the most difficult and #4 would be the easiest. I would like to hear from everyone as to how to decide which approach to use and why. I would like to use the easiest method cuz I am a newbie and I am trying to teach myself this stuff. I just need a starting point.

Any help or advice anyone can give would be greatly appreciated. I think once I figure out how to do one it will be fairly easy for me to do others.

I do have some experience programming in assembly language but not much. I did some programming on the THR68HC11 simulator and running the code on the CPU. The assembly language I see in the tutorials is slightly different but it doesn't seem like it will be too difficult to understand. I see a lot of similarities.

I also did some small programs in C using Borland that ran in the command window so I have some experience with that as well.
  #2  
Old 02-05-2004, 15:30
least
 
Posts: n/a
Hi,
the first step you should take is to find out where and/or how the program saves the number of uses. To find it out you can try filemon and regmon since it is most probable that it is saved in some file or registry. You are right that #4 should be easiest (in most cases) but be careful - CRC can be hidden somewhere and it can be hard to find.
Also be careful with one thing, assembler used by Motorola has some conventions inverse to Intel - for example MOV BX,AX moves from AX to BX. Also you mentioned recompiling - that you can't do without sources - you can just patch the code.
To get some ideas, try to look at Krobar's site - there are loads of tutorials that should give you a clue what to do.
Regards,
least
  #3  
Old 02-05-2004, 21:02
Nilrem
 
Posts: n/a
The above was solid advice, however if you're looking for an easier approach then read on:

Right, to start off with use the program for that limit, so if it has 15 uses, open and close the program 15 times, then open it for the 16th time, and note down what message box (if any) error you get. If it says something like "Your trial has expired" then you should use your debugger (I use Ollydbg) or disassembler, and set a breakpoint (if you're using a debugger) on that string reference, then when you land there, look above the 'bad-boy' string ("Your trial has expired" for example), and look for any conditional jumps and go from there (hopefully there will be a conditional jump very close by, that will jump away from the bad boy code if you turn it into a straight jump (EB)).
I'll write a more in-depth tutorial with an example program for you when I get chance.
Hope this helps.

P.S. - The website mentioned by least can be found below:
hxxp://krobars.reverse-engineering.info/

Last edited by Nilrem; 02-05-2004 at 21:08.
  #4  
Old 02-05-2004, 21:10
mcbyte
 
Posts: n/a
my first successful crack was using method #4, then few #1, then once #2

then i stopped for many reasons:
1- moved to windows 2000 and software was not compatible
2- more complicated protections
3- not enough time (with method #2, on a VB program it took me more than 10 hours for 1 serial)
  #5  
Old 02-07-2004, 13:32
bartster
 
Posts: n/a
Thanks guys for the good advice!

I decided to start with the program that has the 15 use limitation. I found the dll where the checks are made and I am currently trying to figure that out.

I am going to try to patch it so that it skips over the trial window and goes right to the program itself. Hopefully I won't screw it up so it doesn't work!

I am using IDA PRO and trying to figure out the syntax of the code which isn't very easy. A lot different than assembly for the Motorola! The Motorola was way way easier!
  #6  
Old 02-07-2004, 21:03
Nilrem
 
Posts: n/a
Can you give me the link to the program please? I'm having trouble finding a limited use program. Good luck with cracking it.
  #7  
Old 02-08-2004, 11:06
bartster
 
Posts: n/a
I have it on a CD. I got it for free in a request through their website. I can send you a compressed file if you want. I have a cable modem that I connect with at 2 meg so no problem with speed if you have an IM program. The

I'm sorry but I don't have a link to it. I have no idea where you could download it from. I spent a long time looking for it on the net and gave up on it after several hours of searching. You can go request a copy for yourself and you can get your own CD in a couple weeks or so.

Here is the link to request a free copy:

hxxp://quickbooks.intuit.com/commerce/catalog/category.jhtml?priorityCode=0273400000&categoryId=cat0000000000004331582

I hope it works for you if that's what you decide to do.
Let me know what you want to do.

Later.
  #8  
Old 02-08-2004, 12:01
JMI
bartster:

It would be a good thing if you would take the time to read some of the many threads on this forum where it has been stated repeatedly not to post clickable links to software vendors. The issue is simple. When you post a clickable link, this website becomes the "referrer" listed in the webpage that is opened in your browser and the website host can check that "referrer" and have a direct link back here. Not a good plan. It is very easy to avoid that issue. Always uncheck the "Automatically parse URLs" button and use "hxxp", "h**p", "wxw" or some such. Then when the user pastes the URL into THEIR browser and fixes the link, THEIR browser becomes the "referrer" rather than this website.
Please observe the rule.

Regards,
__________________
JMI
  #9  
Old 02-08-2004, 14:22
bartster
 
Posts: n/a
Sorry about that. I didn't know and I should have spent more time reading. I should have figured it out when I couldn't click on the links. First time in a forum that I'm not supposed to do that. Now that I know I can be sure not to do it again. I apologize for my mistake.
  #10  
Old 02-08-2004, 15:39
JMI
No apology necessary, but accepted nevertheless. Acknowledgment of the rule and commitment to follow it in the future is more than sufficient. It is simply a precautionary step to increase the chances of longevity of the board.

Regards,
__________________
JMI
  #11  
Old 02-08-2004, 20:19
Nilrem
 
Posts: n/a
Can you please compress it (preferably with WinRar (better compression than WinZip)), and email it to merlin!accessroot.com, replacing the "!" with an "@" character, thank you.
  #12  
Old 02-08-2004, 23:19
bartster
 
Posts: n/a
I compressed it and split it with winrar and put it into a self-extracting zip file. It's 260 pieces with each piece at about 1.5 meg. It's a total of about 358 meg so I don't think the email thing will work unless I send you 1 piece at a time and you have a lot of storage.

Using a free IM program would be much faster and easier than email for a large file like that. Especially if you have a fast connection like me. I have all of the IM's if you want to do that. I use that way almost exclusively. Let me know how much storage you have for your email and if you want I can send you a few pieces at a time.

If you have any other ideas or suggestions I would be happy to hear them. I hope we can figure out some way to get it to you.