
How To Crack Trial Software With Ollydbg Tutorial Beginners


Every reverse engineer, malware analyst or researcher eventually collects a set of utilities that they use daily to analyze, unpack, and crack other software. This article covers mine. It will be useful to anyone who has not yet assembled their own toolset and is just starting to look into the subject. Experienced reverse engineers may also be curious about what other crackers are using.

WARNING

This article is for information purposes only. Neither the editorial team nor the author assumes any responsibility for possible harm that may arise from the use of these materials.

Debuggers

Debugging an application is an essential part of studying it, so every reverse engineer needs a debugger at the ready. A modern debugger must support both Intel architectures (x64 and x86), so this is the first prerequisite.

We must also be able to debug kernel-mode code. You will need this every once in a while, especially if you want to look for zero-day vulnerabilities in OS kernels or reverse engineer malware in drivers. The main candidates are x64dbg and WinDbg. The first debugger works in user mode, while the second one can debug kernel-mode code.

x64dbg

This is a modern debugger with a good user interface, a worthy successor of OllyDbg. It supports both architectures (x64 and x86), and there are tons of useful plugins.

Granted, it has its downsides as there are a number of annoying bugs. But it is actively developed and supported. Since the debugger works in user mode, it is of course vulnerable to a wide range of anti-debugging techniques. This is, however, in part offset by the availability of many different debugger hiding plugins.

x64dbg has a built-in decompiler and imports reconstructor (both x64 and x86), supports code graph visualization and read/write/execute/access breakpoints. This debugger has enabled some hackers to break down the infamous Denuvo DRM system!

Why not OllyDbg

We haven’t included OllyDbg here because it is very outdated. It does not support the latest operating systems or x64. The app’s official website announced a x64 version and even reported some development progress, but the site itself has not been updated since 2014. OllyDbg is undoubtedly a milestone piece of software, but now it seems that its time has passed. There have also been fewer kernel mode debuggers since Syser Kernel Debugger, a successor to SoftICE, was abandoned.

WinDbg

WinDbg is one of the best kernel or driver debugging tools. This debugger is supported by Microsoft and included in the Windows Driver Kit (WDK). This is currently the most up-to-date and powerful kernel code debugger. It does not feature the user-friendly interface of x64dbg, but there are not many other options, as other debuggers don’t support kernel-mode code.

WinDbg supports remote debugging and can download debug symbols directly from Microsoft servers. The VirtualKD booster exists to speed up the WinDbg setup for debugging kernel-mode code in a VM. WinDbg is definitely not for beginners, but as you gain experience in reverse engineering and start testing various interesting options, you won’t be able to avoid it.

WinDbg enables you to view various system structures and easily disassemble NTAPI functions. Of course it can also be used to debug “regular” applications, but I prefer to unleash this powerful weapon only when it is really needed!


Disassemblers

Reverse engineering cannot exist without static code analysis tools. The current selection of disassemblers is not much better than that of debuggers, but we still have some favorites there. The IDA Pro disassembler is a de facto standard in antivirus labs. Next is the Radare2 reverse engineering framework (many reckon that Radare2 is on par with IDA).

IDA Disassembler

There are two versions of IDA, a paid Pro version and a free Starter version. The free version is limited to x86 and does not support plugins. The Pro version offers full functionality with a large number of supported processor architectures and plugin support.

IDA does have a built-in debugger with rather basic functionality, but its unconventional interface takes some time to get used to. IDA can also be augmented with the Hex-Rays addon, a decompiler that translates an application's machine code into C code. This is very useful as it really speeds up program analysis.

Overall, IDA is a very powerful and polished tool with a long development history. Unfortunately, the Pro version costs about $500-1000 (depending on the license type) and they do not sell it to just anybody. So we have to make do with other options.

Radare2

Radare2 was initially conceived as a simple hex editor but grew into a full framework able to debug and disassemble all types of code including firmware, viruses and cracks.

Radare is a set of console tools including a debugger, disassembler, decompiler, hex editor, its own compiler, utility for comparing binary files and much more. There is also a GUI addon named Cutter that greatly improves the look and usability of Radare’s framework.

The framework supports a large number of processors and platforms, which enables it to compete with products like IDA Pro. Another big advantage of Radare is that it is an open source, free and community-driven project.

Additional utilities

We have covered the main tools, but reverse engineering also needs packer identifiers, network monitors, hex editors and many other utilities. Let’s have a closer look at the main ones.

Detect it Easy (DiE)

This is a great packer identifier with a large number of useful functions. For example, it allows you to view file section entropy, which facilitates visual identification of encryption.
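The section-entropy view mentioned above can be reproduced with a short script for initial sample triage. This is an added example, not code from DiE or from the original article; the function names, the 7.0 bits-per-byte threshold and the constructed sample image are assumptions for illustration.

```python
import math
import struct

def shannon_entropy(data: bytes) -> float:
    """Bits per byte: 0.0 for constant data, 8.0 for a uniform byte distribution."""
    if not data:
        return 0.0  # e.g. a .bss-style section with no raw data on disk
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)

def section_entropies(pe: bytes) -> dict:
    """Walk the PE/PE+ section table and return {section name: entropy}."""
    if pe[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    (e_lfanew,) = struct.unpack_from("<I", pe, 0x3C)
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    # COFF header follows the 4-byte signature: NumberOfSections at +6,
    # SizeOfOptionalHeader at +20; the section table starts after both headers.
    (num_sections,) = struct.unpack_from("<H", pe, e_lfanew + 6)
    (opt_size,) = struct.unpack_from("<H", pe, e_lfanew + 20)
    table = e_lfanew + 24 + opt_size
    result = {}
    for i in range(num_sections):
        off = table + 40 * i  # each section header is 40 bytes
        name = pe[off:off + 8].rstrip(b"\0").decode("ascii", "replace")
        raw_size, raw_ptr = struct.unpack_from("<II", pe, off + 16)
        result[name] = shannon_entropy(pe[raw_ptr:raw_ptr + raw_size])
    return result

def likely_packed(pe: bytes, threshold: float = 7.0) -> list:
    """Names of sections whose entropy exceeds the (assumed) triage threshold."""
    return [n for n, h in section_entropies(pe).items() if h > threshold]

def _section_header(name: bytes, size: int, ptr: int) -> bytes:
    return struct.pack("<8sIIIIIIHHI", name, size, 0x1000, size, ptr, 0, 0, 0, 0, 0)

def build_sample() -> bytes:
    """Constructed header-only PE image (not a real program) with two sections."""
    text = bytes([0x55, 0x8B, 0xEC, 0x90]) * 128   # repetitive, code-like: 2.0 bits/byte
    packed = bytes(range(256)) * 16                # uniform bytes stand in for packed data
    dos = b"MZ".ljust(0x3C, b"\0") + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 224, 0x0102)
    opt = struct.pack("<H", 0x10B).ljust(224, b"\0")
    headers = (dos + b"PE\0\0" + coff + opt
               + _section_header(b".text", len(text), 0x200)
               + _section_header(b".packed", len(packed), 0x400))
    return headers.ljust(0x200, b"\0") + text + packed

if __name__ == "__main__":
    for name, h in section_entropies(build_sample()).items():
        print(f"{name:<8} {h:.2f} bits/byte")
```

High entropy alone does not prove packing or encryption: compressed resources such as images and archives score high as well, so treat a flagged section as a prompt for closer inspection.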

It also has a resource viewer with a dump-to-disk feature. DiE enables you to easily access the import table and add plugins and scripts, configure signature scanning methods and view file headers. It fully supports PE and PE+.

There is only one problem with this program: a slow update cycle, although it has not been abandoned. In fact, a new version was released recently!

INFO

You can see examples of working with DiE in my previous articles: “Manual unpacking. Cracking a custom packer based on GlobeImposter 2.0 ransomware” and “The art of unpacking. Gutting the protection of the crafty GootKit banker”.

ExeInfoPE

This is another packer and protector detector. It has an unconventional interface that will not be to everybody’s taste. On the other hand, the program is frequently updated, offers numerous interesting functions and user-friendly tips for unpacking.

Overall, I would recommend it to beginners. ExeInfoPE has a number of automatic unpackers and will tell you which tool to use to crack a bolt-on protection system.

Of course, the program also offers the full set of standard features including a file header viewer, section viewer, hex viewer and even a number of built-in mini-utilities like TerminateProcess and more. ExeInfoPE also supports plugins.

HxD

Sometimes you may need to access HDD, memory or applications in binary mode. This is where hex editors come in handy, as exemplified by HxD. This program is free and frequently updated, supports popular formats, is good for searching and offers a user-friendly UI. There are other well-executed features, such as the ability to remotely erase (zerofill) files. There is also a portable version for easy storage on a flash drive.

HIEW

This hex editor has a long history, but it is still supported by its devs. It comes in free and paid versions (the latter is $20 without updates or $200 with lifelong updates). The Norton Commander-like interface might scare off a younger crowd, but it is easy to get used to. What is especially great about HIEW, is that you can work in “keyboard-only” mode by controlling all its functions via hotkeys.

Pestudio

A useful program for malware analysis. Pestudio automatically scans file samples with VirusTotal, offers an interesting view of the analyzed application’s import table functions, shows the application’s viral markers, used libraries and PE file header info. It also enables you to work with resources. In other words, this is a versatile antivirus tool for initial sample analysis.

PE-bear

Another interesting viewer/editor of PE and PE+ files comes with a packer/protector identifier and shows info on file headers, resources and sections. If you want to, you can view sections in hex mode and disassemble them into regular assembler mnemonics.

PE-bear has a user-friendly UI and a file-comparing utility. The program’s only downside is its rare updates. It is open source, though, so if you find a bug, you can fix it yourself.

Fakenet-NG

This program emulates a network. When studying malware samples, you often need to see all their Internet activities: monitor DNS and HTTP queries, sniff traffic and identify IP addresses of the controlling servers (for example, if you are dealing with a ransomware bot). Your VM should of course be offline, but if the malware detects that it has no network access, it won’t do all the things that it usually does.

Fakenet-NG is fully supported with frequent updates, so this utility can be used on the latest operating systems.

ProcessExplorer

It would be hard to perform reverse engineering without programs from Sysinternals that monitor how applications access the filesystem and processes. ProcessExplorer shows all processes in a hierarchical tree view, so you can easily see their spawning order. You can also see which dynamic libraries they use, as well as their priority, digital signatures, processor usage and much more.

RegShot

A handy utility for monitoring registry changes. RegShot takes snapshots of the registry before and after you do some system or software changes.

TCPView

A small program for monitoring an application’s network activity. You can see which ports it accesses (both local and remote), together with protocols, process identifiers and transmitted packet counters. Overall, this is one of the most useful tools for any hacker!

Resource Hacker

A popular program for editing resources, including manifests, icons, text dialog lines, cursor info and much more. You won’t need this functionality very often, but when you do, this is a suitable tool to have.

Summing up

We have covered the main utilities used for most reverse engineering tasks. I think this should be enough for a beginner. Your own list will grow as you progress.

Many reverse engineers end up writing their own targeted programs, plugins and scripts. You won’t be able to find tools for every task that will make your life easier. If you know similar software or want to share links to other useful tools, please do so in the comments!

Software cracking groups have been around for a long time. Many people think that they are unethical because they defeat the software licensing system to illegally reset trial software (shareware) or turn it into a fully functional program without purchasing the license. One may wonder about the reason for doing this, but most of the time it is not for monetary gain but as a challenge to learn how “it works” and to gain more knowledge through unpacking, debugging and analyzing the program. The cracks that are released to the public are a proof of concept for a specific version, and the groups don’t normally re-crack the program when a new version is released.

Knowing how to crack a program using a ready-made patch, key generator or cracked files does not earn you the title “software cracker”. Only if you are able to think outside the box and figure out how to bypass the software protection yourself can you consider yourself a software cracker. Unfortunately, it is nearly impossible to find someone to teach or coach you on how to crack programs, other than learning it yourself from cracking tutorials that can be found on YouTube.


Before checking out the advanced cracking tutorials, we can show you a very basic and logical method on how to crack programs yourself based on an old patch that does not work with the latest version. For example, an offset patcher for a program called ViceVersa Pro v2.5 build 2512 released on 3 July 2013 by Nemo from team SnD will not work for the current version 2.5 build 2513 (notice the difference in the build number). The patcher reports “wrong filesize or already patched!”

It is possible that the software protection was not updated to stop the patcher from working; rather, the patcher fails on the latest version because the program was recompiled, which moved the bytes that the patcher is supposed to change and caused its CRC32 check to fail. Here is how to detect which bytes are being changed by the patcher and how to re-create a new patcher that could work for the latest version.

1. First you will need to search, download and install the older version of ViceVersa Pro v2.5 build 2512.

2. Then search and use ViceVersa.Pro.2.5.build.2512.patch-SND.zip to patch the program, with the “Make Backup” checkbox ticked.

3. Download dUP2, extract the RAR file with an archiver and run dup2.exe.

4. Click on Project menubar and select New.

5. It is optional to fill up the information in the Patch Info window so that the GUI of the patcher will contain the text rather than blank. Or you can just click the Save button to continue. It is advisable to tick the “Run patch with administrator rights” checkbox because most of the time you’ll need to run the patch from the Program Files directory and it will fail to patch if you do not run it as admin.

6. Right click on an empty space in dUP2, hover on Add and select [Search and Replace Patch].

7. You’ll notice that [Search and Replace Patch] will appear in the Patch Script window. Double click on it to open up a new Search and Replace Patch window.

8. Click the compare files button.

9. Now you’ll need to select the original and patched files so that the compare module can find the location of the bytes that were changed by the patcher. Most of the time the original file will have an additional .bak extension at the end, while the patched file will have the program’s original file name. Click the Compare button once you’ve selected both the original and patched file.

10. Click the OK button to close the “comparison done” popup. You may see one or a few lines added to the search pattern and replace pattern. Click the browse button to select the Target File that you want to patch. Click Save.

Important Note: You should only see a few search and replace patterns added to the list, not so many that the dUP2 program hangs. If there are too many, you may have selected the wrong original or patched file for comparison.

11. The final step is to create your own patch by clicking the Project menu bar, select Create Patch and save it to your hard drive.

12. You can now install the latest version of ViceVersa Pro v2.5 build 2513. After installation has been completed, copy the patch that you’ve created with dUP2 to the program’s folder, run it and click the Patch button. This time you should see the message “File Patched! OK”.

13. The patch that you created works! As you can see from the screenshot below, the program is now licensed instead of using the evaluation period.

Remember, the method shown above will work only if the software protection is unchanged and provided that you are still able to find the older version of the program on which the old patch works.

Final note: You may have noticed that the patcher created by dUP2 is being detected as a virus by some antivirus software but dUP2 program itself is not detected. Rest assured that both dUP2 and the patcher created by it are free from virus. Think about this, if dUP2 is capable of creating a virus, shouldn’t the antivirus have detected dUP2 as virus too?

Disclaimer: This article is for educational purposes only and we do not encourage software cracking. The software ViceVersa Pro was used as an example in this article and we do not have intention of cracking it. If you find that a shareware is really helpful, you should purchase a license to support the author for them to continue improving it.


DannyWheels, 2 years ago

Please, can this work with ManyCam 6.6.0, or could you help in cracking it and give a link to download it? I have searched Google for it, but all I found are trojans and old versions.

Reply

In a way, this is just ripping off code from other crackers who must have invested a lot of their time in developing the patch (including learning the art). It would have been more educational for people to learn it the old way. Well whatever, for people wanting to use shortcuts, this trick may be damn useful.

BTW, I suggest updating the post to use the patcher from AT4RE as it supports more features.

Reply
Tingshen, 4 years ago

This patch is all in one, means all program also can use this patch?

Reply

If I have a software program where no patch was ever created how can I design my own?

Thank You

Reply
nagaraju, 6 years ago

very nice

Reply

Wow if you think this is hard you must be a complete noob I mean COME ON Read and try it I can ftp/telnet into most sites this is easy :) thanks for posting I made a private crack for ms10 with this method :) thanks again

Reply
XZ3R0, 10 years ago

Hey this tut is great. i was able to re-crack a program!

Reply

thanks for your article mr. raymond.. i found it very useful..

Reply
nishan, 11 years ago

Hello, Raymond. I like this article i am going to try this. Thanks for this……..

Reply

Hi raymond its nice to meet this article! i want to crack some programs for my knowledge! thanks a lot!

Reply
ahsen, 11 years ago

hi raymond..
very nice article.

Reply

I have just pointed my 13 year old to this as I don't have much time to show him and he managed it first time :)

Reply
Naqqash, 12 years ago

hi
your idea is fantastic. thanks for posting

Reply

Thank you very much!
I think it’s very useful with me.

Reply
jun visbal, 12 years ago

it is very useful and worth trying for


Reply

wow this is great!….

thanks a lot….

Reply
anu, 13 years ago

good

Reply

Hi thanks for this article i hope it would help me.

Reply
Fico, 13 years ago


I’ve never actually met someone bragging around about cracking himself the newer version of some program nor have I thought about it. But this certainly is very useful, I’ll try it on some next update.
Thanks a bunch Ray

Reply

Hey Raymond,
Thank you very much for teaching this to me. I always keep finding cracks on the internet. But now I can make my own cracks ! :-)

Reply
MoonPie, 13 years ago

Wow interesting, I'm glad I signed up to receive your blogs. Excellent information, keep up the good work!!

Reply

wow thanx man

Reply
tbar3, 13 years ago

Thanks, Ray!

I’ve often wondered about how to do this.. very informative!

Reply


Hi Raymond, I love your tutorials they are so useful. Thank you for your hard work :)

Reply
Logan, 13 years ago


Great mini tut, thanks for keeping us informed

Reply
