Introduction
There are many kinds of cracks, but most of them involve changing part
of the app's code. The cracker indicates this by listing the part of
the code that has to be modified and the modifications required to the
original hexadecimal chain to crack the app.
Let's Go
We are going to apply the three steps explained to a real application:
Acquisition 112.3, an app developed from stolen code.
/Acquisition.app/Contents/MacOS/Acquisition
md5: feb943956a60081aad0214e39a508794
7c 08 02 a6 bd a1 ff b4 42 9f 00 05
->
38 60 00 01 4e 80 00 20 42 9f 00 05
7c 08 02 a6 bd a1 ff b4 42 9f 00 05
->
38 60 00 01 4e 80 00 20 42 9f 00 05
48 02 3d 91
->
38 60 00 01
48 02 16 d9
->
38 60 00 01
48 01 fa cd
->
38 60 00 01
7c 08 02 a6 bd a1 ff b4 42 9f 00 05
->
38 60 00 01 4e 80 00 20 42 9f 00 05
md5: 614751bb63336d2a8a47b5cf68fb03c1
First of all, get a copy of Acquisition 112.3, and then:
◦ Drag and drop the Acquisition main executable on the Terminal window:
◦ Hit Enter. Terminal will find out the MD5 value:
Cool! The MD5 matches the one listed by the cracker. Acquisition
developer David Watanabe hasn't had the time to update
Acquisition yet. You can crack it!
Using Resorcerer
You're going to crack the same app, but this time using
Resorcerer. Of course, you'll need a new (untouched) copy
of Acquisition 112.3.
The first thing you have to do is delete all the blank spaces
in the original chains of hex values and the new chains of
hex values the cracker wrote (if he/she did it), because
Resorcerer does not accept blank spaces. After that,
you'll have these instructions:
Acquisition 112.3 [k]
/Acquisition.app/Contents/MacOS/Acquisition
md5:feb943956a60081aad0214e39a508794
7c0802a6bda1ffb4429f0005
->
386000014e800020429f0005
7c0802a6bda1ffb4429f0005
->
386000014e800020429f0005
48023d91
->
38600001
480216d9
->
38600001
4801facd
->
38600001
7c0802a6bda1ffb4429f0005
->
386000014e800020429f0005
md5:614751bb63336d2a8a47b5cf68fb03c1
We're not going to repeat the MD5 checking procedure again.
We'll skip that step now, but you should always check it to
avoid wasting your time trying to apply a crack to the
wrong file.
Launch Resorcerer, choose File/Open... and browse to
find the Acquisition main executable, as indicated by
the cracker (Acquisition/Contents/MacOS/Acquisition):
Click Open. You'll see this window.
Select the "<Data Fork>" line and click the Open button.
A new window will appear.
In the new window, click the grey triangle in the upper
left corner, just to the left of the "Insertion Offset: 0"
text.
You'll now see the "Find", "Replace with" and
"Replace & Find" boxes, and the "Go to Offset" box.
The "Hex" checkbox in the upper left corner should
be checked; if not, check it now.
You should now check the new MD5 to find out whether you
have applied all the changes correctly (see the
"how to" above).
Some developers just ban the fake numbers in a way that's very easy
to hack. They include a list of banned numbers inside the application
code. But, because they do not encrypt these banned numbers, you
can simply change a single letter or number in the banned registration
and then register the app using the banned number!
To make this type of change you can use the app of your choice. Just
check the "ASCII" matching button if you use HexEdit or uncheck the
"Hex" checkbox if you use Resorcerer. Then simply search for the
banned username, e-mail or number and replace it with something
else of the same length.
We'll check this using HexEdit only, but it is the same if you use
Resorcerer (just uncheck the "Hex" checkbox).
This registration data was published in Serial Box for ImageBuddy 1.6:
Name: PHREKBBS
Code: 5123-9826-3615-9834
The developer banned that registration, but he didn't encrypt the
banned registration so it's very easy to find:
You can replace the PHREKBBS name by changing any character of
the name, or you can simply write another name with the same
number of characters. For example, you can write KCN-CREW in
the "Replace with" box and then click the "Replace" button. You'll
see this:
Now the banned name is KCN-CREW while PHREKBBS is free
again.
Close the search window, save changes and quit HexEdit. Now
you can launch the modified app and register it again using:
Name: PHREKBBS
Code: 5123-9826-3615-9834
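A developer-side countermeasure to the plaintext blacklist described above, as an added example that is not from the original page or from any app it mentions: the banned registrations are stored as keyed digests with a seal over the whole table, so an ASCII search finds nothing and an edited table fails closed. APP_KEY, the function names and the record layout are assumptions made for illustration.

```python
import hashlib
import hmac

# Constructed sample data: the banned registration quoted on this page.
BANNED = [("PHREKBBS", "5123-9826-3615-9834")]
APP_KEY = b"example-build-key"  # hypothetical per-build constant (assumption)
ROW = hashlib.sha256().digest_size  # 32 bytes per blacklist row


def normalize(name, code):
    """Canonical form, so case, spacing and dashes cannot dodge the ban."""
    return (name.strip().upper() + "|" + code.replace("-", "").strip()).encode()


def digest(name, code):
    return hmac.new(APP_KEY, normalize(name, code), hashlib.sha256).digest()


def build_table(entries):
    """Build-time step: blacklist digests plus a seal over the whole table."""
    blob = b"".join(sorted(digest(n, c) for n, c in entries))
    seal = hmac.new(APP_KEY, blob, hashlib.sha256).digest()
    return blob, seal


def table_intact(blob, seal):
    """Detect any edit to the stored blacklist bytes."""
    expected = hmac.new(APP_KEY, blob, hashlib.sha256).digest()
    return hmac.compare_digest(expected, seal)


def is_banned(blob, seal, name, code):
    """Fail closed: a modified table rejects every registration."""
    if not table_intact(blob, seal):
        return True
    wanted = digest(name, code)
    rows = (blob[i:i + ROW] for i in range(0, len(blob), ROW))
    return any(hmac.compare_digest(wanted, row) for row in rows)


def weak_image(entries):
    """The weak form the page describes: names stored as readable ASCII."""
    return b"\x00".join(n.encode() for n, _ in entries)


if __name__ == "__main__":
    blob, seal = build_table(BANNED)
    print("plaintext visible in weak form:", b"PHREKBBS" in weak_image(BANNED))
    print("plaintext visible in hardened form:", b"PHREKBBS" in blob)
    print("banned:", is_banned(blob, seal, "phrekbbs", "5123982636159834"))
```

The key and the seal still ship inside the same executable, so this removes the searchable string and catches edits to the table but does not protect the check itself; that needs code signing or server-side validation of registrations.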