How does the crack of a PC game/software work?


I'd first like to say this is purely for educational purposes. When I was learning assembly, I was tinkering with apps and found a debugger to debug programs; it was called OllyDbg.

I accidentally learned that I could crack apps using it, and to test my idea I did crack an AntiVirus program, and it worked. This is only one of the techniques, and here is how it's done.

  1. The app that I cracked came with two modules, files called avEngine.dll and activation.dll.
  2. I opened the activation module in OllyDbg and found assembly code like this in the .text section:
```asm
section .text
checkActivation:
    push ebp
    mov ebp, esp
    ...
    ...
    call validateCode
    cmp eax, 1
    jne activationFail
    ...
    ... ; Code on successful validation
    ...
    jmp endCheckActivation
activationFail:
    ...
    ... ; Code to show error message
    ...
endCheckActivation:
    pop ebp
    ret
```
  3. As you see, there is an instruction after the comparison called jne, which stands for "jump if not equal". What should I do if I don't have the real activation code?
  4. I just modified the instruction from jne to je, saying that I wanted to execute the failure code when it succeeded. I saved the assembly, replaced the original file, and opened the app. I entered random shit and it turned into the Pro version.

Things, however, might not always be this simple. There will be a ton of other checks. You might not get these labels to understand what is what; I got them because I was trying a debug build. This is also a single technique; there are lots of them that real crackers use.