It's been some time since I have written a reverse engineering tutorial, & I thought it would be good to cover one at the dead of night :) What I am going to teach you today is a simple reverse engineering tutorial. We will be cracking A-one Video to Audio convertor today, with just simple cracking. You can also read the step-by-step guide to cracking Winrar for an insight into reverse engineering & decompiling; however, this one is completely different & requires little to no programming & ASM knowledge.
Disclaimer – By reading this tutorial you agree that this tutorial is intended for educational purposes only and the author cannot be held liable for any kind of damage done whatsoever to your machine, or damage caused by some other, creative application of this tutorial.
In case you disagree with the above statement, stop here.
Requirements
- A-one Video to Audio convertor (Download from yaomingsoft.com)
- OllyDBG
- Time & Patience
Download & install A-one Video to Audio convertor. As you can see, it's a trial version & once you try to register it, it gives an error (obviously), & we need to find ways against it.
To begin with, fire up OllyDBG & load the A-one Video to Audio convertor EXE file in it.
Now, right click on
CPU window -> Search for -> All Referenced Text Strings
& in the Text strings window, right click -> paste the "Registration code is error" string (which pops up when you input a wrong serial). After you find it, double click it & navigate to the memory address.
Once you have reached the intended memory address, you can navigate a bit up to see the "register successful" string.
Navigating a bit further up shows simple logic which calls a specific function; the function returns a result in EAX, which is then compared to 1
CMP EAX,1
& then jumps to 407A0F
JNZ SHORT 00407A0F
which is the "register failed" condition.
The whole scenario means that if the value of EAX is anything less than or greater than one, the program will remain a trial version & will not accept any invalid serial key.
Now, you can put a breakpoint above the function call by pressing F2 & run the program. Enter the serial, the program will break & we can then navigate inside the function by pressing F7.
You will get into the function code. Add a breakpoint there by pressing F2 & restart the program again by pressing Ctrl + F9.
Run it again & you will find that it breaks at 00406B40 (where you put the last breakpoint).
Now we will execute the code step by step by pressing F8. Once we go a bit down, we find
JNZ Video2Au.00406C4A
which jumps below to
POP EDI
& further we find that EAX is XORed with itself, which sets it to 0.
So in order to insert a precise value into EAX, we will modify it by double clicking
XOR EAX,EAX
& changing it to
MOV AL,1
which will set the accumulator's value to 1 because
EAX - 32-bit register (extended)
AX - 16-bit register pair
AH / AL - 8-bit registers
where AL represents the low byte, & setting it to one will set the accumulator to a precise value of 1, hence setting the value of EAX to 1, which will lead to the program being registered :)
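The register overlap listed above, modelled in C as an added example (not code from the original post): AX, AH and AL are views onto the low bits of EAX, so a byte write to AL leaves bits 8-31 as they were, and EAX equals the written value only when those bits are already zero. The Accumulator type, the helper names and the sample value 0x11223344 are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical model: EAX is one 32-bit value; AX, AH and AL are
   views onto its low bits, not separate storage. */
typedef struct { uint32_t eax; } Accumulator;

static uint16_t get_ax(const Accumulator *r) { return (uint16_t)(r->eax & 0xFFFFu); }
static uint8_t  get_ah(const Accumulator *r) { return (uint8_t)((r->eax >> 8) & 0xFFu); }
static uint8_t  get_al(const Accumulator *r) { return (uint8_t)(r->eax & 0xFFu); }

/* MOV AL,imm8 replaces bits 0-7 and leaves bits 8-31 untouched. */
static void mov_al(Accumulator *r, uint8_t v) {
    r->eax = (r->eax & 0xFFFFFF00u) | v;
}

/* MOV AH,imm8 replaces bits 8-15 only. */
static void mov_ah(Accumulator *r, uint8_t v) {
    r->eax = (r->eax & 0xFFFF00FFu) | ((uint32_t)v << 8);
}

/* EAX after a byte write to AL, starting from `start`. */
uint32_t eax_after_mov_al(uint32_t start, uint8_t v) {
    Accumulator r = { start };
    mov_al(&r, v);
    return r.eax;
}

static void dump(const char *label, const Accumulator *r) {
    printf("%-12s EAX=%08X AX=%04X AH=%02X AL=%02X\n", label,
           (unsigned)r->eax, (unsigned)get_ax(r),
           (unsigned)get_ah(r), (unsigned)get_al(r));
}

int main(void) {
    Accumulator r = { 0x11223344u };   /* constructed sample value */
    dump("initial", &r);
    mov_ah(&r, 0xAA);                  /* only bits 8-15 change */
    dump("MOV AH,AA", &r);
    mov_al(&r, 0x01);                  /* only bits 0-7 change */
    dump("MOV AL,1", &r);
    r.eax = 0;                         /* all 32 bits zero */
    mov_al(&r, 0x01);
    dump("0; MOV AL,1", &r);
    return 0;
}
```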
Now, once you have done it, right click the code,
Copy to executable -> Selection.
In the window that opens, right click again & save the file, & you have a cracked working version of the software. Paste it in the program files directory & insert any serial.
It will work :D
I hope you liked it :)
Hey, that's a great tutorial right there mate.

Can we follow the same for A-one video convertor only..applying the same logic..?

so nicely explained .. great work .. i have seen some videos on YouTube ... thanks rishabh

Hi Risshabd My name is james i am from santo domingo and living in Italy. I'm trying to learn to
disassemble (wannabe) and your essay about winrar was very interesting and very good.
here is my E-mail jamespott@hotmail.com i would like to have some more tips on reversE
truly yours
james