Home > Articles > Security > Software Security

  • Print
  • + Share This
From the author of

Cracking

The art of cracking could fill a book by itself. In short, this is the process of debugging a program, with one small twist on the concept of debugging. Instead of targeting errors in a program, crackers target the key points in a program that perform security and anti-piracy checks. This is done using programs such as IDA Pro, Hex editors, and Softice to systemically work through a program and follow each execution thread to its end. By using cracking tools and knowing how to hook into a program, a good debugger can produce a crack for a program in a few hours. This type of activity is so productive that almost EVERY software title available for purchase (or download) has a corresponding crack that disables any anti-piracy protection.

For example, Warcraft 3, which hit the shelves this summer, can be downloaded in its full form from various sites online. Included in the unpacked files is a folder labeled "Razor1911" (another warez group). This folder includes two programs written by crackers that are used to bypass the piracy checks of the game. The first is a key-generator program that creates random serial numbers that are needed by the Warcraft 3 game to validate the installation software. In addition to this little program, the main executable files of Warcraft 3 have replacement files that were altered to allow Warcraft 3 to run without an original CD.

Needless to say, software developers are aware of these cracks, and are constantly searching for ways to stop crackers from subverting their protection schemes. Due to this vigilance, the warez groups need dedicated and smart crackers who are willing to debug software and find the loopholes in the software needed to bypass the latest protections. In addition, these same crackers need to be able to understand Assembler language and to re-create algorithm-type functions to create serial generators such as the one used with Warcraft.

Like the call for help for PARADiGM provided, the following is an example of a shout out for assistance from another major warez group, ORIGIN.

"We are also currently looking for several PROVEN crackers and trainer makers to join the team. Can you do SAFEDISC/C-DILLA or SECUROM or VOB protections? What about quality menu driven trainers? Contact us NOW! Use the contact information below."

Safedisc/C-Dilla, SecureROM, and VOB are all protection methods used by software distributors to stop people from making illegal copies of their CDs. If a CD is copied, and one of these methods of protection is used on the CD, the copy won't be accepted by the game as a legitimate copy. Using proprietary methods for hiding data in subchannels or disguising the data in other ways, CD protection schemes attempt to thwart would-be pirates from making copies.

Unfortunately, each of these methods leaves its signature behind on the CD, which makes detecting it rather easy. For example, Safedisc/C-Dilla can be quickly spotted because the CD will typically contain a file named "00000001.TMP".

Ironically, many of these disks can still be copied by just using the right CD-creation software. There are even "backup" programs available that will allow a person to copy their CD as a single file and then mount the file as a fake CD-ROM. For example, Daemontools.com provides one such program that is fully legal as a CD backup tool, but also can be abused to bypass all of the major protection schemes.

  • + Share This
  • 🔖 Save To Your Account