Web : http://mxb.cjb.net
Contact Me : [email protected] or [email protected]
Basic Knowledge
What is cracking - Cracking can be described as the art of understanding and changing the working of a program. Usually it can be described as debugging, but cracking is much more than debugging. One of the main problems in cracking is that the program does not contain source code information, so we must work in plain assembly.
What is Patching - Patching is changing the assembly code inside a program. This can be done using a hex editor.
Why we are using hex values - The answer is simple: working with binary values is a very boring and time-consuming job. Hex values are used to make our work simpler, so you should have some basic knowledge of hex numbers.
How to patch a program - First of all, Windows [Operating System] loads the program into the memory of the PC from the address 0x00400000. The entry point depends on the program and can be found using Win32DASM or the SICE loader. Each instruction has its own hex code. Suppose we want to change a 2 byte instruction into a 1 byte instruction. If we leave the second byte as it is and change only the first byte, we will not get the desired result, so to compensate we must disable the second byte using a NOP instruction, which is also a 1 byte instruction. Edit the file using a hex editor, go to the desired offset and change the hex values.
Now how to find offset - In order to patch, we must find the exact place inside the file from which the code is loaded into memory. This can be done in two ways: the first is using Win32DASM, and the other is searching for the hex string in the file.
What is Offset - Consider a long string. For example:
ASDWEREWR....
Here the starting letter is 'A', then 'S', then 'D' and so on. An offset is a measure of the position of an element from the starting point. The offset of 'A' is 0, that of 'S' is 1, the offset of 'D' is 2, etc. If we open an EXE file with a hex editor we see a bunch of hex values. Suppose we read them in byte format. Consider the string:
AB 12 C4 FE E5 ...
All values are in hex format. 'AB' is an 8-bit, or 1-byte, binary value. So the offset of 'AB' is 0, that of 'FE' is 3, etc.
CRC (Cyclic Redundancy Check) - This is used to test whether a file is still in its original, untouched state, that is, to see whether anybody has done something to the file such as editing it. To find the CRC, the file is treated as one long string and passed through an algorithm that gives a fixed value. If anybody updates the file, the CRC derived from that file will be different from the original.
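
The CRC check described above, as an added example that is not part of the original tutorial: a table-driven CRC-32 run over the page's sample bytes and over a copy with one byte changed, reporting the offset that differs. The CRC-32 variant (reflected polynomial 0xEDB88320), the function names and the modified sample are assumptions made for illustration; the page does not name a specific CRC.

```python
# Added example. Assumption: CRC-32 with the reflected polynomial 0xEDB88320
# (the variant used by zip/zlib); the page does not say which CRC is meant.

def _make_table():
    """Precompute the CRC of every possible byte value."""
    table = []
    for byte in range(256):
        crc = byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0xEDB88320 if crc & 1 else crc >> 1
        table.append(crc)
    return table

_TABLE = _make_table()

def crc32(data: bytes) -> int:
    """Treat the file contents as one long byte string and reduce it to 32 bits."""
    crc = 0xFFFFFFFF
    for b in data:
        crc = (crc >> 8) ^ _TABLE[(crc ^ b) & 0xFF]
    return crc ^ 0xFFFFFFFF

def verify(current: bytes, expected_crc: int) -> bool:
    """True if the data still matches the CRC recorded for the original."""
    return crc32(current) == expected_crc

def changed_offsets(original: bytes, current: bytes) -> list:
    """0-based offsets (as defined in the Offset entry) where the bytes differ."""
    diffs = [i for i, (a, b) in enumerate(zip(original, current)) if a != b]
    # A length change counts too: every offset past the shorter input differs.
    shorter, longer = sorted((len(original), len(current)))
    diffs.extend(range(shorter, longer))
    return diffs

# Constructed sample data: the page's byte string, and a copy in which the
# byte at offset 3 has been overwritten with 0x90 (NOP).
ORIGINAL = bytes.fromhex("AB12C4FEE5")
MODIFIED = bytes.fromhex("AB12C490E5")
BASELINE = crc32(ORIGINAL)  # recorded while the file is known to be unmodified

if __name__ == "__main__":
    for name, blob in (("original", ORIGINAL), ("modified", MODIFIED)):
        status = "OK" if verify(blob, BASELINE) else "CHANGED"
        print(f"{name}: crc32={crc32(blob):08X} {status}")
    print("changed offsets:", changed_offsets(ORIGINAL, MODIFIED))
```

A CRC is neither keyed nor collision-resistant, so it only catches accidental or unsophisticated changes; an integrity check that has to withstand a deliberate editor needs a cryptographic hash or a signature.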