__I'''''''''''''''''''''''''''''''''''''''''''I__
The Ultimate Beginner Cracker's Book v1.0
__I'''''''''''''''''''''''''''''''''''''''''''I__
by basdog22
-------------------------------------------------------------------------------------------------------------------------------------------------

Well, I started writing this tut because there are NOT a lot of them available on the NET, even now that knowledge is widespread. This tut is aimed at the very newbies, so if you are an advanced or an intermediate cracker, throw it away because it just occupies space on your HDD and nothing more.

I would like to apologise for my bad English and some spelling mistakes that I will for sure make here. English isn't my mother tongue so don't blame me ;)

First of all: set your notepad's resolution so that the line below is shown in its full length

<------------------------------------------------------------------------------------------------------------------------------------------------>

So let's start:

To start learning the art of Cracking you must first understand how your computer interprets, and how the machine (PC) understands, the commands you give to it. To make it clear:

This is what your machine understands---------> 1100110001

Each command you give to your GUI is translated to these 1's and 0's, named Opcodes, for the machine to operate on. But you may ask: "Do I have to learn this shit to be able to crack?"

NO

"Then how will I understand how my machine interprets?"

Here comes Assembly
--------------------------------

Assembly is the low level programming language that we must learn in order to crack more easily, and when I say more easily I mean that the more Assembly you know, the more you will crack!

"That's cool, so where will I find this Assembly???"
Well, I must tell you something about this language. Assembly, as I mentioned above, is a low level language with no Graphical User Interface (GUI) like, for example, Visual Basic etc. There will be no wizard that will make some functions automatically for you or anything else. Yes, it's not an easy language to learn. So you may be disappointed, but after all, if Assembly was so easy everybody would go around cracking progs.

<<<<<<>>>>>>>

What we need is not to be Assembly professionals (the more you know the better, though) but to learn some basics of this language. We must for sure learn what Registers, (Un)Conditional jumps and Calls are, along with some more instructions like Ret and Nop. A good start would be going to our favorite search engines and searching for "assembly tutorial" or "learn assembly", and you will have hundreds of tuts for it.

OK, after that you must learn what API's are and why we need them. API's are functions that programs use every time you do something with your computer. From saving a document to clicking a button of a reg box, an API is called by the prog. It is very important to read your win32.hlp because it has a lot of info on API's.

Generally you will mostly need the following API's
-------------------------------------------------------------------
Hmemcpy -----------> I use it a lot ;)
GetDlgItemTextA
GetWindowText
CreateFileA
ReadFile
RegCreateKeyA
RegDeleteKeyA
RegQueryValueA
MessageBox
MessageBoxA
MessageBoxExA
MessageBeep
GetLocalTime
GetSystemTime
GetFileTime
CreateWindowExA
ShowWindow
GetDriveTypeA
---------------------------------------------------------------------

Tools
--------

The 4 major tools we will need are:

1) A BRAIN. No debugger, disassembler or unpacker will make you a good cracker. These are our tools. A writer that has the best paper, the best pen and the best computer in the world is nothing without his BRAIN. Get it ;)

2) A debugger.
Yes, SoftICE (I use version 4.05) is a debugger and the best of all. Created by Numega and cracked by SoftICE itself. We need to learn API's and Assembly in order to be able to use it. Go now and download it from http://kickme.to/fosi or http://crackpltools.prv.pl/ . Well, these are not the only places where you can find Sice. A lot of cracking groups and individual crackers have posted it on the NET.

First of all you must know that SoftICE is not like other progs that you can load directly from Windows by double clicking. SoftICE loads before Windows and works between Windows and the machine (that is what makes it so powerful). So you downloaded Sice and you installed it. Next time you reboot your system Sice will load and can be fired up by hitting Ctrl+D. If it doesn't load then you must edit your autoEXEC.bat so that it loads each time you boot. Millennium users can load Sice after downloading the patch from http://crackpltools.prv.pl/

OK, now you have installed Sice and when you hit Ctrl+D you see our mighty gun. The next thing to do is edit your winice.dat, found in the directory where Sice is installed.
Here is what my winice.dat looks like:

------------------------Cut here---------------------------------
PENTIUM=ON
NMI=ON
ECHOKEYS=OFF
NOLEDS=OFF
NOPAGE=OFF
SIWVIDRANGE=ON
THREADP=ON
LOWERCASE=OFF
WDMEXPORTS=OFF
MONITOR=0

PHYSMB=191
SYM=1024
HST=256
TRA=8
MACROS=32
DRAWSIZE=2048

INIT="wl;code on; altscr off; lines 57; wc 32; wd 8; wr; faults off;"
INIT="X;"

F1="h;"
F2="^wr;"
F3="^src;"
F4="^rs;"
F5="^x;"
F6="^ec;"
F7="^here;"
F8="^t;"
F9="^bpx;"
F10="^p;"
F11="^G @SS:ESP;"
F12="^p ret;"
SF3="^format;"
CF8="^XT;"
CF9="TRACE OFF;"
CF10="^XP;"
CF11="SHOW B;"
CF12="TRACE B;"
AF1="^wr;"
AF2="^wd;"
AF3="^wc;"
AF4="^ww;"
AF5="CLS;"
AF8="^XT R;"
AF11="^dd dataaddr->0;"
AF12="^dd dataaddr->4;"
CF1="altscr off; lines 60; wc 32; wd 8;"
CF2="^wr;^wd;^wc;"

; WINICE.DAT
; (SIW95\WINICE.DAT)
; for use with SoftICE Versions greater than 3.0 (Windows 95)
;
; *************************************************************************
; If you have MORE than 32MB of physical memory installed, change
; the PHYSMB line to the correct # of Megabytes.
; If you have LESS than 32MB you can save a bit of memory by
; specifying the correct # of Megabytes
; Example: PHYSMB=32
; *************************************************************************

; ***** Examples of sym files that can be included if you have the SDK *****
; Change the path to the appropriate drive and directory
;LOAD=c:\windows\system\user.exe
;LOAD=c:\windows\system\gdi.exe
;LOAD=c:\windows\system\krnl386.exe
;LOAD=c:\windows\system\mmsystem.dll
;LOAD=c:\windows\system\win386.exe

; ***** Examples of export symbols that can be included *****
; Change the path to the appropriate drive and directory
;EXP=c:\windows\system\vga.drv
;EXP=c:\windows\system\vga.3gr
;EXP=c:\windows\system\sound.drv
;EXP=c:\windows\system\mouse.drv
;EXP=c:\windows\system\netware.drv
;EXP=c:\windows\system\system.drv
;EXP=c:\windows\system\keyboard.drv
;EXP=c:\windows\system\toolhelp.dll
;EXP=c:\windows\system\shell.dll
;EXP=c:\windows\system\commdlg.dll
;EXP=c:\windows\system\olesvr.dll
;EXP=c:\windows\system\olecli.dll
;EXP=c:\windows\system\mmsystem.dll
;EXP=c:\windows\system\winoldap.mod
;EXP=c:\windows\progman.exe
;EXP=c:\windows\drwatson.exe

; ***** Examples of export symbols that can be included for Windows 95 *****
; Change the path to the appropriate drive and directory
EXP=c:\windows\system\kernel32.dll
EXP=c:\windows\system\user32.dll
EXP=c:\windows\system\gdi32.dll
EXP=c:\windows\system\comdlg32.dll
EXP=c:\windows\system\shell32.dll
EXP=c:\windows\system\advapi32.dll
EXP=c:\windows\system\shell232.dll
;EXP=c:\windows\system\comctl32.dll
;EXP=c:\windows\system\crtdll.dll
;EXP=c:\windows\system\version.dll
;EXP=c:\windows\system\netlib32.dll
;EXP=c:\windows\system\msshrui.dll
;EXP=c:\windows\system\msnet32.dll
;EXP=c:\windows\system\mspwl32.dll
;EXP=c:\windows\system\mpr.dll
EXP=C:\windows\system\vb40032.dll
EXP=C:\windows\system\msvbvm50.dll
EXP=c:\windows\system\msvbvm60.dll
----------------------------Cut here-----------------------------------------

You can
copy this and paste it into your winice.dat after you have cleaned up your entries.

3) A disassembler. W32Dasm is pretty nice and you will find it much easier than IDA, which I think is better. There are a lot of add-ons for W32Dasm which will help you view string references in Visual Basic progs and much more.

4) A Hex Editor. The best is Hiew but I use NitroHex by NitroBit (choosing a hex editor is personal preference and you should use the one that best fits your needs).

From here on it is good to have a File monitor like Filemon, a Registry monitor like Regmon and a string ripper (there are a lot of them available on the NET). SmartCheck by Numega is pretty good for cracking Visual Basic progs (Numega must be declared our best friend ;) ). ProcDump is a nice tool for unpacking.

OK, now we have all our tools ready to destroy every protection that we might encounter. What else???

Well, if you have read all of this tut you can understand what follows... A LOT OF READING

You must go and read as many tutorials as you can. Never believe that you know enough; there are a lot of protection schemes and there will be more ;) but there are a lot of different approaches and thank god there will be more :D). When you crack a program don't stay on it, bypass it and go for another one. Get as many crackmes as you can because they include protections similar to real programs. Visit sites that give you knowledge like http://fravia.kilrathi.pl/ and stay away from sites that spread cracks and serials.

""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
Thanks for reading this shit. I hope you gained some knowledge from this tut. My main goal was to help people who are interested in starting with the art of cracking (not even newbies) but didn't know what tools to get and how to make them work.
If you think that I should add some stuff to this tut or anything else, you can send me your ideas at basdog22@yahoo.com. I would appreciate it.
""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""

In my next tutorial, version 1.1, I will describe how some of our tools work and maybe include some Assembly courses. Till then go out there and have a drink with your girl and have fun because the real life is out there...

to be continued...