Software Cracks

September 30, 2018


Software cracking is a form of software reverse engineering: the modification of software to remove protection methods. The distribution and use of cracked copies is illegal in almost every developed country. There have been many lawsuits over cracked software, but mostly to do with the distribution of the duplicated product rather than the process of defeating the protection, due to the difficulty of proving guilt.

The most common software crack is the modification of an application’s binary to cause or prevent a specific key branch in the program’s execution. This is accomplished by reverse engineering the compiled program code using a debugger until the software cracker reaches the subroutine that contains the primary method of protecting the software.

The binary is then modified using the debugger or a hex editor in a manner that replaces a prior branching opcode so the key branch will either always execute a specific subroutine or skip over it. Almost all common software cracks are a variation of this type.

Proprietary software developers are constantly developing techniques such as code obfuscation, encryption, and self-modifying code to make this modification increasingly difficult. In the United States, the passage of the Digital Millennium Copyright Act (DMCA) made cracking of software illegal, as well as the distribution of information which enables the practice.

However, the law has hardly been tested in the U.S. judiciary in cases of reverse engineering for personal use only. The European Union passed the European Union Copyright Directive in May 2001, making software copyright infringement illegal in member states once national legislation has been enacted pursuant to the directive.

The first software copy protection appeared on early Apple II, Atari 800 and Commodore 64 software. Game publishers, in particular, carried on an arms race with crackers. Publishers have resorted to increasingly complex countermeasures to try to stop unauthorized copying of their software.

One of the primary routes to hacking the early copy protections was to run a program that simulates the normal CPU operation. The CPU simulator provides a number of extra features to the hacker, such as the ability to single-step through each processor instruction and to examine the CPU registers and modified memory spaces as the simulation runs.

The Apple II provided a built-in opcode disassembler, allowing raw memory to be decoded into CPU opcodes, and this would be used to examine what the copy protection was about to do next. Generally there was little to no defense available to the copy protection system, since all its secrets were made visible through the simulation.

4 Comments

  • Julius Villas September 30, 2018 at 10:27 pm

    I'm so unlucky since the most important files that should have to be recovered were colored orange, CAN YOU HELP ME FURTHER???

  • Dan Bromberg September 30, 2018 at 10:27 pm

    I used Recuva and the deep scan ran for 6+ hours! It stopped after STAGE 1 [of 3] and I never got to see STAGES 2 & 3 – nor did I see a list of the 5,121,143 recovered files it claimed to have found. I waited for a half hour or so and got frustrated so I canceled it. Perhaps I should have waited longer? Has anyone else experienced a long delay before seeing STAGE 2 or 3?

  • Sozo Sonoken September 30, 2018 at 10:27 pm

    thank you

  • Bradley H September 30, 2018 at 10:27 pm

    I do appreciate the work you put into this video, though some portions were damaged to the point where they couldn't be properly restored, I was at least able to bring back the things that held the most sentimental value to me.  Even though you probably won't see this anytime soon, I thank you for all the help you have provided.
