Software cracking is a form of software reverse engineering: the modification of software to remove or defeat its protection mechanisms. The distribution and use of the resulting copies is illegal in almost every developed country. There have been many lawsuits over cracked software, but they have mostly concerned the distribution of the duplicated product rather than the process of defeating the protection, because of the difficulty of proving guilt.
The most common software crack is the modification of an application’s binary to cause or prevent a specific key branch in the program’s execution. This is accomplished by reverse engineering the compiled program code using a debugger until the software cracker reaches the subroutine that contains the primary method of protecting the software.
The binary is then modified using the debugger or a hex editor, replacing the original branching opcode so that the key branch either always executes a specific subroutine or always skips over it. Almost all common software cracks are a variation of this type.
Proprietary software developers are constantly developing techniques such as code obfuscation, encryption, and self-modifying code to make this kind of modification increasingly difficult. In the United States, the passing of the Digital Millennium Copyright Act (DMCA) legislation made cracking of software illegal, as well as the distribution of information which enables the practice.
However, the law has hardly been tested in the U.S. judiciary in cases of reverse engineering for personal use only. The European Union passed the European Union Copyright Directive in May 2001, making software copyright infringement illegal in member states once national legislation has been enacted pursuant to the directive.
The first software copy protection appeared on early Apple II, Atari 800 and Commodore 64 software. Game publishers, in particular, carried on an arms race with crackers. Publishers have resorted to increasingly complex countermeasures to try to stop unauthorized copying of their software.
One of the primary routes to hacking the early copy protections was to run a program that simulates the normal CPU operation. The CPU simulator provides a number of extra features to the hacker, such as the ability to single-step through each processor instruction and to examine the CPU registers and modified memory spaces as the simulation runs.
The Apple II provided a built-in opcode disassembler, allowing raw memory to be decoded into CPU opcodes, and this was used to examine what the copy protection was about to do next. Generally there was little to no defense available to the copy protection system, since all of its secrets are made visible through the simulation.