I searched the forum and checked the rules, everything seemed ok so Im posting this.
I cracked a few programs, WinRAR was one i did in about 3min.
Zen cracking @ its best, i just found the call by luck!
Anyway, i wrote this tutorial to inspire new crackers like GoldenDragon inspired me
The Kit I uploaded (under Files) contains all the files to do this offline.
It has the tools, tutorial, target and a few gfx etc.
=========/ Tutorial $tart >
...:: WinRAR v3.x cr4cking Tutorial (tested upto WinRAR v3.70) ::...
-={ Target - WinRar v3.70 }=-
-={ Cracker }=- @be*! (aka NoWares)
-={ Tools used }=- W32Dasm / Patch Creator (CodeFusion & ResourceHacker)
-={ Date }=- 3rd - July - 2007
Files:
rarlab.com/rar/wrar370.exe
uploading.com/files/IZOOGVQZ/WinRar_Cracking_Kit.rar.html
...:: Intro ::...
Since winrar has updated twice, I will call this version 2 of the tutorial.
I will expand a little on modding the default installer.
...:: $tart ::...
Open up WinRAR.exe in W32Dasm (I use W32Dism, patched with extra features)
and search the 'str ref's' for anything that looks suspicious.....
I found 'evaluation copy' first, but there are loads of references that lead to the same cmp
cmp byte ptr [004b2124], 00
'rarreg.key'
'rarkey'
'Registered to'
'Evaluation copy'
'Correct registration'
'Thank you for your support' etc etc..
The fist thing I did was patch the 'Evaluation Copy' value in hex
from 803D24214B0000
to 803D24214B0001.......
The 01 on the end is the variable for the compare,
So changing this will make the compare using the wrong condition.
It worked but still says '40 Day Trial Copy' in the about box. There must be more cmp's
So I decided to search for the compare in W32Dasm instead of a reference (cmp byte ptr [004b2124], 00)
There were loads,....... Why have the same compare for every one of the above??
They all seem related to the registration process.
So, maybe if I patch the whole lot it may make a difference.
...:: $earch the file ::...
Open up your favourite Patch creator, I use CodeFusion v3.0
The first page can be filled how you want, don't forget to 'Edit About Dialog'.
Then......
...:: Patching ::...
Click the + & add WinRAR.exe
Click the + & Enter the info....
Find - 803D24214B0000
Replace - 803D24214B0001
Make sure you select 'Replace All' from the dropdown box.
And click OK.
Run the patch on WinRAR.exe
It works*!
All references to the trial are removed & all features are enabled
Some times it pays to look for similar calls to different references.
...:: Cleaning up ::...
Now, if you want to remove the CodeFusion credits from your patch....
Before compiling the patch, Turn OFF
'Encrypt Executable Data' &
'Pack Executable File'
or the data your looking for will be scrambled & dangerous to change.
Make the patch.
Open WinRAR.exe in a hex editor & search for...
-={ CodeFusion Runtime }=-
And replace, I use (same length)....
-={ Patch Presented By }=-
Then I used ResourceHacker to replace the icons & edit the text.
I use ResourceHacker ALOT. It's good when used with CodeFusion.
You can add extra pictures, move the boxes around, chaange box names etc, etc.
Finaly, pack the finished Patch with a compression program. (Upx, AsPack, ARMProtector etc)
You should experiment with ResourceHacker it's a great reversing program and has more uses than you may think.
...:: Changing the name in 'About' box ::...
I wanted to add my name in the about box, but couldnt find it in the .exe so I tried other options..........
I used FileMon to see if it checked for a keyfile by setting 'key' to highlight.
It showed 15 results pointing to 'rarreg.key'
So I decided to put some text in the file it's checking.....
Make a file called 'rarreg.txt'
First I just entered...
I win
Cracked by Abe+!
And changed it to 'rarreg.key'
But in the about box, it still said.....
Registered to
Cracked by Abe+!
So now I know the 'Registered to' will stay there, I have to add that first.........
Registered to
Å߀±!_Ð_©mñí
¤ Tëàm -> DTA ¤
It works, time to roll a fat one*!
Well thats it. I have included all the programs needed to complete the tutorial.
I have used this method on the past four versions of WinRAR. And if it's like WinZip, following versions
will probaly use the same method. (same idea, different addresses)
..:: Make It A Corporate Edition (no serial needed & extra programs) ::...
Copy the cracked WinRAR folder to a new location.
You can now add programs here, but you will need to make reg file changes manually.
Also add any files and folders you added to Uninstall.lst or they wont get deleted when uninstalling.
Highlight all the files in the new folder (not the folder its self or it will cause errors due to an extra folder in program files/winrar/*your folder*)
Add them to an archive and set these options...
Compression = Best
Create SFX archive
Put recovery record (i always set recover to 3% in advanced tab)
Lock archive
Click the advanced tab then SFX options.
All these options are listed below - took me fukin ages to figure this out, so I wont go into too much detail. Just be carefull with the shortcuts.
To call the installer use...
Setup=uninstall.exe /setup
Dont worry about the icons etc, thats next.
Lets Mod the WinRar Installer
open Resource Hacker and load winrar.
Click action and change bitmap then icons. I usually use the icons from the original winrar.exe as people trust them (I mimic the whole installer page really
Then click 'STARTDLG' in the left panel. In there you can drag and drop the installers window contents. Right click to edit or add an item.
To save any changes there you will need to click 'compile script' then save th file (save to a new file again because it freezes sometimes)
Thats about it, roll another fattie
=========/ Tutorial 3nd <
...:: Cracked By ::...
@be+! aka NoWares -=- No:WaRe$* Crew
Comments Please?
P.S. If you like the software, buy it. I did('nt)! The software makers would die if we didn't
07-24-2007, 11:06 PM
Linear Mode
Similar Threads
