1 00:00:01,340 --> 00:00:10,370 Hello. In this lesson I would like to summarize and reinforce the software cracking workflow so that
2 00:00:10,610 --> 00:00:17,060 you will remember the proper steps to use whenever you crack any software.
3 00:00:18,590 --> 00:00:25,980 So step one: always run a program to observe its behavior.
4 00:00:26,100 --> 00:00:34,240 You should run it outside of any debugger; you just want to see what it does.
5 00:00:34,280 --> 00:00:41,840 Maybe it asks you for a serial number, and if you enter the wrong serial number it will give you an error
6 00:00:41,840 --> 00:00:42,480 message.
7 00:00:44,130 --> 00:00:48,340 Or it could give you a nag screen warning you
8 00:00:48,390 --> 00:00:55,920 you have a 30 days trial, asking you to buy a license, or anything else.
9 00:00:55,920 --> 00:01:10,270 So just observe the behavior first, and then second, you will want to load the program in DIE.
10 00:01:10,700 --> 00:01:22,070 DIE is Detect It Easy, so that you can analyze the program executable, which is also known
11 00:01:22,070 --> 00:01:24,370 as the EIC file.
12 00:01:24,380 --> 00:01:35,450 That way you can know what is the proper entry point for the executable, and also, analyzing using
13 00:01:35,450 --> 00:01:38,920 DIE can also tell you how the thing is.
14 00:01:39,060 --> 00:01:42,090 For example, the packer,
15 00:01:42,280 --> 00:01:45,830 if any, used to compress the file.
16 00:01:47,790 --> 00:01:59,000 Then the third step is to load the program in x64dbg, and after loading the program in
17 00:01:59,060 --> 00:02:11,820 x64dbg, you will want to analyze the instructions and then try to reverse the jumps in order to avoid
18 00:02:11,880 --> 00:02:20,220 showing the bad message. The bad message here could be something like "wrong serial number".
19 00:02:20,860 --> 00:02:26,950 Or it could be something like asking you to buy the license for the software.
20 00:02:28,520 --> 00:02:35,020 And then you will want to instead try to make the program
21 00:02:35,270 --> 00:02:45,470 show the good message. The good message here will be something like, for example, "correct serial number" or
22 00:02:46,010 --> 00:02:56,340 "this software has been registered" or something like that. So you should try to analyze the jumps and try
23 00:02:56,340 --> 00:03:07,560 to reverse the jumps by playing with the flag, the zero flag. And then step four is to
24 00:03:07,560 --> 00:03:17,370 search for the proper instruction to patch and to assemble a new instruction to replace the old instruction.
25 00:03:17,390 --> 00:03:28,630 The reason why we patch is because we want to make it permanent. Just modifying the zero flag alone is
26 00:03:28,630 --> 00:03:29,890 not permanent.
27 00:03:30,550 --> 00:03:35,830 So that's why step 4 is necessary. And then number 5.
28 00:03:36,380 --> 00:03:45,150 Once you have identified the correct instruction to patch, maybe you only use NOP instructions, no-operate,
29 00:03:45,220 --> 00:03:47,210 no-operation instructions.
30 00:03:47,210 --> 00:03:49,100 Or you want to jump some way.
31 00:03:49,130 --> 00:03:57,260 So you need to assemble those instructions to replace the old ones. After that you can patch the file, which
32 00:03:57,260 --> 00:04:05,990 is number 5, and then load the new patch and test it, and then repeat it again from 4 and 5, 4 and 5.
33 00:04:06,620 --> 00:04:14,780 So sometimes you may need to do steps 4 and 5 repeatedly a few times until you get a patch which satisfies
34 00:04:14,870 --> 00:04:16,210 your target.
35 00:04:16,340 --> 00:04:19,760 That is to make the program do what you want it to do.
36 00:04:19,760 --> 00:04:31,430 For example, become a registered software, or remove a nag screen which keeps nagging you, or
37 00:04:31,820 --> 00:04:37,670 congratulate you on purchasing the software, or whatever it might be.
38 00:04:37,670 --> 00:04:45,650 So that is the summary of all the steps, one to five, which you always follow whenever you crack any
39 00:04:45,650 --> 00:04:46,220 software.
40 00:04:47,240 --> 00:04:48,540 So that is all.
41 00:04:48,920 --> 00:04:49,940 Thank you very much.