Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Hrishikesh Choudhari - Overview Of Cracks


Published on

I, Hrishikesh Choudhari, made this presentation alongwith my best friend Arnold Pereira, at the NMIMS Annual Festival in Feb 2008. In this presentation, we showed how we made a crack, and gave a live demo while bypassing the CD protection scheme for a current game.

Published in: Technology
  • Be the first to comment

Hrishikesh Choudhari - Overview Of Cracks

  1. 2. An Overview of Software Cracks
  2. 3. Percentage of pirated software in business
  3. 4. Cost of pirated software in million dollars
  4. 5. ? What are cracks
  5. 6. Cracks are small programs designed to patch or modify other target programs.  Such modification usually involves illegally removing copyright information, removing the requirement to officially register the target program, or the conversion of a shareware/trial program with limited functionality into a fully functioning version. 
  6. 7. Time limit trials CD Protection Serial Keys Registration
  7. 9. Reverse Engineering
  8. 10. step-by-step execution of the program machine code into assembly language
  9. 11. Assembly Language is low-level machine language consisting of OPCODE Shows the position of the program bug by executing the program step-by-step Translates machine code into assembly language Allows to see the raw and exact contents of a file and manipulate binary files
  10. 12. Demo
  11. 14. Related Work
  12. 15. A patch is a small piece of software designed to update or fix problems with a program. This includes fixing bugs replacing graphics and improving the usability or performance.
  13. 16. A Hotfix is a single cumulative package containing several encompassed bug fixes. An encompassed bug fix is a software bug fix which is the not the main objective of the software patch, but rather the side-effect of it.
  14. 18. Applications
  15. 19. Game Trainers Game trainers are programs made to modify behaviour of a computer game, usually using addresses and values. It can "freeze" a memory address disallowing the game from lowering or changing the information stored at that memory address. It simply manipulates the data at the memory addresses specified to suit the needs of the person cheating at the game.
  16. 20. Malware Analysis Dynamic analysis -- we study a program as it executes. Here, tools of the trade are debuggers, function call tracers, machine emulators, logic analyzers, and network sniffers. Post-mortem analysis -- after effects of execution like logging, changes to file contents or to file access time patterns, data that was written to swap space, data that still lingers on in memory.
  17. 21. Heuristics Analysis The anti-virus program to decompiles the suspicious program, then analyzes the source code contained within. The source code of the suspicious file is compared to the source code of known viruses and virus-like activities. If a certain percentage of the source code matches with the code of known viruses or virus-like activities, the file is flagged, and the user alerted.
  18. 22. Safeguards
  19. 23. Code Obfuscation Obfuscated code is source code that is very hard to read and understand, often intentionally mainly for the purpose of deterring reverse engineering, reassembling, or recompiling. Another famous C example is: _ (__,___,____){___/__<=1?_(__,___+1,____):!(___%__)?_(__,___+1,0):___%__==___/ __&&!____?(printf(&quot;%d &quot;,___/__),_(__,___+1,0)):___%__>1&&___%__<___/__?_(__,1+ ___,____+!(___/__%(___%__))):___<__*__?_(__,___+1,____):0;}main(){_(100,0,0);} This program prints out the prime numbers less than 100.
  20. 24. void primes(int cap) { int i, j, composite; for(i = 2; i < cap; i++) { composite = 0; for(j = 2; j < i; j++) composite += !(i % j); if(!composite) printf(&quot;%d &quot;, i); } } int main() { primes(100);
  21. 25. Code Morphing Obfuscation by code morphing refers to obfuscating machine language or object code rather than obfuscating the source code. Completely replaces a section of the compiled code with an entirely new block that expects the same machine state when it begins execution as the previous section, and will leave with the same machine state after execution as the original. However, a number of additional operations will be completed as well as some operations with an equivalent effect.
  22. 26. Showtime
  23. 27. Bibliography: Hacker Disassembling Uncovered – ISBN 1931769222 Video courtesy –
  24. 28. Thank You Hrishikesh Choudhari Arnold Pereira