Cracking Software with Reverse Engineering 😳
HTML-код
- Опубликовано: 30 июн 2024
- we're in
*this is an educational tutorial of computer engineering on a puzzle program made with the sole intention of being cracked LEGALLY. I do not support and condone any malicious and illegal hacking*
FOLLOW ME ON INSTAGRAM: not_nang
~~
free uncle kenny he did nothing wrong
today we try reverse engineering to crack a program
Like this video? You probably will like this one even more: • Unlimited Free Boba wi...
If you wanna try it:
Lafarge Challenge Program: crackmes.one/crackme/5ab77f56... (This one is for Windows)
Read this fully before trying it: crackmes.one/faq
Checkout other CrackMe's: crackmes.one/lasts
like and sub for more vids and also hmu on ig @not_nang :)
Also heads up, this is more computer engineering than computer science, but theres a ton of overlap (i study electrical and computer engineering, its pretty lit)
faq, who am i?
i study at carnegie mellon (ece) and wanna make coding somewhat entertaining
Music:
Evan King
Rainy Streets by Blue in Green
Coffee and a Glock by YNG Martyr & Lil Toe
#nang #computer #hacking
I followed the steps in this tutorial and then when I patched it my antivirus said it was a trojan and quarantined it lol.
Same lmao
yeah
So what , at least you know what's inside ur code, it's not attached with bad stuff made by **** unknown person.
You can allow it to stay "the virus"....
MS defender can find cracked softwares and treat them like viruses..
It's illegal yes but man sometimes you don't have money and you want to just learn, learning stuff should be free.
When it comes to production things would be different money will not be issue then and only then "money made for spend".
First let us learn so we make money so in the future if ur software worth the credit will pay for sure 😊 with a huge smile 😁.
@@mohammedissam3651 agreed
Imagine using an AV
I always wondered how people made cracks and stuff, now that I've learnt some computer science and watched this video, I didn't realise it could be so simple.
Also if you want an open source reverse engineering tool use ghidra its really good
well, for most software it’s not. This program has no code obfuscation so its quite trivial.
well this is obliviusly made for example tho
nah bro he has the the source code but when you deal with with compiler it's hard
@@GamerFigureyes but I think they’re just surprised how easy it is to wrap your head around this stuff.
Every system seems so complex until you break it down, step by step and practice until it becomes trivial.
Those who don’t practice will never get better and can’t gain the necessary wisdom that comes with time.
I've always struggled understanding registers, but as someone with an uncle that's on the same register as yours, I now fully understand them, thanks! #FreeAllUncles
So true!! 🙌🙌
#FreeAllUncles💀
#FreeAllUncles
My uncle has a alcohol and smoking addiction, he went to a rehabilitation center. 💀 #FreeAllUncles
@@nang88lmfao the word 'nang in my language means 'broke af' and the context of this video just makes that even better 😂
Honestly you're a massive help, you not only made the concept easy to understand, but you made it really funny to learn about it.
"unfortunately" this is not even the tip of the iceberg, there is still a long and painful way to go if you really want to be a reverser enginer.
@@whybkah the point is that it’s enough to get someone interested - I know I am for sure
See this is the kind of content people need to watch when researching complex topics like this. Literally just needed a small bit of Info from this video and got it In seconds good job!
I took an assembly class in college. We did a ton of of projects. I had no idea that it's this easy to exploit an application. pretty awesome
yessir
most modern softwares won't let you this easily
I've been into reverse engineering since way back in 1998, so I have some experience in this area. I just wanted to say that your video is pretty good, and I appreciate your honesty about your skillset.
I have a few suggestions, though. It would have been helpful if you explained the JMP (jump) and why you made changes to that particular code. Additionally, it would have been better if you mentioned the option of using NOP (no operation) as an alternative. In this case, if you NOP the code at 4012BC, it would automatically move on to the next line.
Ultimately, you achieved the same outcome by making it jump to 4012BE, but it's worth noting that you could have just NOPed the jump, especially since the "Good Boy" comes first in the code. It would have been beneficial if you also explained what JNE means and what the comparison was.
Another suggestion I have is to use a breakpoint at 4012AB, then proceed to the next line and examine the stack. If you did that, you would see your correct serial number pushed onto the stack.
Anyway, your tutorial was very easy to follow, especially for beginners. Great job!
if I had a program with different .exe, because each of them are a piece of the whole program 60GB, How do I know which one to crack? programs name is Siemens Tia V17
@@liloufdezlaralopez8334 Oof, as a controls engineer good luck with that one lol
"instead of storing little kids these registers store data" was the line that made me subscribe
This is honestly a lot more straight forward and easier than I expected.
I’m currently working towards an It degree, and I’m almost done. I straight up learned more from your quick video than I have in any of my classes. Awesome vid man!
Another simple solution is just changing the opcode relative address to 00 instead of 16 so it becomes "75 00". As 75 is the i386 opcode for JNE("Jump if not equal") instruction it will just jump to the line after the instruction.
A different way to think about it is like the following.
if(key != correct)
{
correctKey();
} else
{
correctKey();
}
Both paths lead to the same function in memory.
Why would we want that
@@jacobczekalla8375 I think then there's a typo in your comment
@@thethiny Ahh yes, fixed it lol. Thank you.
@@jacobczekalla8375 lol was confused
@jacobczekalla8375 You understand well. I've done this numerous times over the years, usually to get a key for abandonware.
Your programming skills are nice! You should start a RUclips channel.
Ill think about that!
@@nang88 I have I doubt. Can the compiler compile my ass?
@@faketask5529 why don't you give it a try, film the process
@@iRouRoui Trust me bro I tried that but RUclips sent me some policy violation stuff... I don't know mannn.
he already has one, otherwise you wouldn't be watching this video. You probally commented in the wrong tab tho
I was looking for this the other day and was so pissed that i couldnt find it, started to think it never even existed
Loved the explanation!!
damn dude, barely a minute in and I love the content. Keep this up, you're talented! :)
Thank you so much for sharing your amazing video with us!
Plz consider start a playlist solving all the challenges in the website you mentions, like once a week.
Thanks in advance!
this video has such like 2008 youtube vibes. I’m a fan
Another important thing to mention is that not every registry key system works like this. 99.99% of modern implementations call back to a server that can validate if the key exists, and it's randomly generated per user meaning the only way to crack it is to either remove the key check from the client, or to get the server to generate a key for free.
can people crack modern games by removing the key check from the client, or to getting the server to generate a key for free? is it possible to do either one of these two things at all?
@@Santificated Some games are vulnerable to being cracked and able to go online, but for most games any offline play can be made available just by skipping the online check, yeah.
Clearly you pulled that 99.99% figure out of a certain orifice. Many developers are opposed to their applications having any sort of call home function, not just for privacy reasons, but also because it places limitations on how and where users can use the software. You can also use public/private key encryption to verify a key is legitimate, without calling home. Personally, I don't really mind if people choose not to pay for my software and just use a cracked version. Props to those who crack it themselves.
@@bobbuilder3748 using offline public/private key encryption to verify a key is vulnerable to reverse engineering, and so any application one might seriously want to crack that the creators seriously don't want cracked will use call home DRM as OP describes. Not sure how either of you are getting your data, though.
@@sly-shot Correct. Public/private keys will not prevent reverse engineering. It's still possible to bypass the key checks, but it prevents key generators from being distributed that will work against unmodified releases. I'm not supplying hard data, just observations from my 20+ years working in the industry. I live in a country with strict privacy laws (although about 8 years was working for multi-national companies), so perhaps it's different elsewhere, but any time a call home feature is suggested, there has always push back from developers.
Thx a lot!!! The video was totally helpful for me to understand on the spot how the crack files are made.
haha so glad you made this. You stitched the fragments I had in my mind into a complete fabric of understanding.
I'm on the same boat. I think I now have enough understanding to try it :)
Is this poetry?
The tools are way better some 24 years later! I used to do this with a hex editor for fun... Because the games usually aren't as fun! The shock of seeing what they did to create a more difficult keying code was fun. Some were NASTY the more money you had to sink into what it was back then...
I'm trying to fix old GTA 2 to stop checking for the darn disc and spinning it like crazy! My vintage PC rig is vintage enough that I don't want to see it lose the DVD drive...
Unreal 4 at 560 fps on older hardware is to crazy!
That one joke about your uncle, made me subscribe. Hilarious dude. 😂 instead of storing kids... omfg
This is the best explanation (so far) I have seen on YT. Great work mate!
Just downloaded x64dbg and gave all this a shot, it was piss easy! Just going off memory (no pun intended) and clicking through the video a couple times I got it done in less than 30 minutes, and the second time I did it, while screenshotting each step to my mate, took me around 6 minutes. Super educational video!
Really nice and interesting video man. Made it very entry level to understand. Loved it
Nice video! I would assume most keygens nowadays are done on a server so the actual translation code isn’t exposed which explains why keygens are way less popular now
3:30 was just crazy with the music as well great job on the vid btw
you deserve more subs
keep doing what you do man!!
I appreciate that!
This was a legitimate intertaining video ! In a world of short span attention this kept me intertained ! Congrats
I love your explaining.
i have nitifications on but i never got notifs for the last 2 videos lmao -- only reason I checked the channel again was cuz of some bot in ur comments .. but I remember this being a good video so ..
good reupload :D
ily. yeah idk about these bots LMAO
bro your content is great. keep up the good work!
I really really like your approach, keep it up Bro
Amazing content! Keep it up
Bro just explained my entire Year 1 C++ class in 8 minutes
Registers are where the processor temporarily stores data. Your program is loaded into memory and arithmetic is done by the processor.
nice vid man
this video led me to take the computer architecture course at my school. thank you for opening my eyes man. i might have graduated with cs without ever touching assembly
loool Love the jokes. Keep up dude. Awesome video. Subbed
Great video, though a bit over my head. I came here because I want to debug/decompile a databin unpacker--the one tool that's out there seemingly doesn't extract everything and I have no idea the compression method used to try and get into it myself. I have my own tutorials on hex editing save files and messing around with a game's active memory to make instant changes, but this would be a leap for me. If you check your comments, would you be willing to give me some direction? Thanks.
Yeah that was pretty straight forward, as long as you're able to read assembly. That explains why almost every login or password system I've ever came across uses servers.
I appreciate your work bro
Cool, always learn from you. Impressive
i actually learned something, thanks for this video.
Really like It thx ,could u more reverse engineering video? Thx and keep It up
Great video! Super clear and entertaining :) Question tho... What if you can't find the string with the dialogue from the registration box? I've tried searching for every bit of text in there, but I can't find anything as cut and dried as the "bad boy..." example. How do I find the right code if I can't search something that specific?
Same issue with a program called "My Recover". Presumably not a rare issue to encounter. So it would be surely worth to address instead of leaving it unanswered.
so this is how normal ppl start learning reverse engineering. I just jumped straight into the difficult stuff, didn't get anything since the program was rather complex and used multiple system libraries and i just dropped the shit even knowing a little more about computers than this vid explains
Great video!
bro uncle kenny caught me off guard. great video thx
3:52 #freemyboyuncleKenny 🙏
Thank you, I managed to create my own crack on this.
Damn fr? hahahahahhahah
Great content!
this is so cool nang
Thank you nang. Very cool.
Your outro music has not improved.
But again - great vid
Thanks Doublelift!
Fire video bruhman
I mean...that's not what they mean when they say write a keygen. The whole point is to reverse engineer the algorithm to find out how the password is created for the given username. While this is technically a "key generator", you're still just patching the program.
I did this exact "exercise", although with no UI in Linux and a really primitive debugger, in my Assembly Language course in my fifth semester. I remember looking for the password for five days while searching through thousands of registers and trying different subroutins until I realized that I could just change JNE to JMP and be done with it 😂.
did you saw the first airplane fly??
In the crackme community you are expected not to simply change the binary file (also called patching), but to write an external program that provides you with valid keys. Only then have you really solved the task. The reason is simply because patching is far too easy.
Great content. Keep up
hilarious & educative! great video
Even better the second time
Awsome video!!!!
this video is explaining something that look very f#cking overwhelming and yet it does in a hillarious way and it do teach how to no get intimidated by assembly, good job dude
As someone who has some programming background but is oblivious to this stuff, awesome video. Was super easy to follow
Or you could just byte patch the jump instruction in a hex editor after you find the location in your debugger. No key gen required.
could you teach me how
Yes, which is why crackmes usually have a no patching rule so you can actually experience the challenge
@@trixiz8647 ignore him, the guy did it in the video.
ok,,,, but what do you do if there are no strings to go off of?????? most of the time there wont be strings..
solid intro to reversing
Can you make a full guide on how to reverse engineering please :D
Didn’t even notice it was gone😂
Now try cracking it when protected with VMProtect 😂😂😂
This is amazing, well done 👍
So easy to understand, great tutorial you did right there. I'm gonna crack my Playstation next.
How tf did u know i was picking my nose
Reverse engineering
2:21 I was literally picking my nose dude
didn't even know that this was known as reverse software engineering. we did a lot of this back in the day when we wanted something (like flashfxp for xbox modding). me and my buddy used hexeditor and learned by fkn around and screwing everything up. just had to identify where to do changes. was way easier back in the day though.
Dude I subbed just for the jokes. Had man rolling over here.
so you basically convert a program into assembly code, find an error message that gets sent when you put in the wrong code, look for that in the assembly code using memory spots instead of variables/strings, then attempt to understand how jump if not equal statements work, and then find the conditionals for that statement.
and that's how you hack into ubisoft :)
Well that a lot more complicated because of denuvo and stuff
coolest dude on earth😎⁉️
Fact
Cool. I remember downloading cracks and keygens back in the day. There was always that moment of hesitation. Do I want to keep using this software or do I risk getting a virus? The best keygens were the ones with that kickass midi music.
sony vegas 8
Had a good chuckle when you got to registers.
friend building chair speaking chinese had me subbed
Hello, can I ask you something, maybe you will find it interesting. A ransomware called x101 encrypted my . 500 gb in one minute.
The files now have the extension .x101 .
After researching the vrus seems very new, it's about half a year old and from what I've read about OTHER ransomware I think my files were partially encrypted, just the beginning and maybe the end.
The files are TS video files from 700mb - 4GB each.
Fortunately, I had saved some files on an external SSD. It appears that the encrypted files are exactly the same size as the original unencrypted files on the external SSD. I already tried to snap the extension back in place, it didn't work :)))) why did I think it would work?
Is there any possibility to find the encryption mode by comparing an infected file with the uninfected one (identical file) or to delete the encrypted part and leave the code unencrypted and the video will go, possibly missing the beginning and the end?
With what program could I open them to see the binary code consisting of 0 and 1? Which is better according to you, free and open source if possible. I know there is always a pensource / free variant.
it could work if you know what exactly changed when you compare the 2 files
Hey Great Video
I have programs like a software to dim the monitor light. The problem is his background is the normal standard program withe. It blends me every night if I will dim the light.
I really wish the background of it would be dark. Can you show how to Reverse Engineer a software and make his background like dark mode ?
program I mentioned is Free Monitor Manager but it could be any.
Greetings
use lux
cool thanks!
BTW Adding a breakpoint to the variables when he is demoing the keygen is an easy way to spot out the actual key and not need to guess
I'm hoping for you're future RUclips contents, New subscriber here!.
Thanks! Lots coming :)
Hey man you are awesome 😎
Guys similar channel suggestions please
Glad i got this refresher on this topic. Instantly put it to use and cracked + patched a program i use. It's funny how much a single letter `n` change can unlock 🤣
I like to make these more challenging- You could make it autofill the password field with the correct code, or even just bypass the entire login on start up.
These are basically new outdated tuts. Man I'm old.
I think of it as basic instead of outdated. Cracking programs with modern means of defence would probably be too hard and boring for the target audience
can the same approach be used on the Change Machine ID-based license software?
A little late, but... If you got the full software executable, you can circumvent anything given enough time. Just find the spot in the code that checks the machine ID, and circumvent the check, or make it always succeed. It gets a little more complicated if the application needs to fetch parts of itself from an external source like the internet or security dongle, in which case you may need a donor for the missing data, but I haven't thought about it much.
Around 2000s A lot of games tried to encounter pirates by obfuscating the check by spreading out the code to check for validity, all over the source code. Kinda like solving a math problem throughout the day, among the other daily tasks you might have. Then doing multiple different tests.
☠️uncle kenny
Really underated channel!!
New subscriber incoming
Very top-level breakdown. Takes me back to the good old days. I miss old apps being weak, like Winzip %04x%04x byte patch. RIP jne 9090.
how with online activation programs...??
If the key on this crackme is always the same then it is not that much of a challenge.
A crackme in which you HAVE to understand the algorithm that generates a different key for each user and you have to do it without bytepatching would be way harder than this.
Even then, compared to the amount of obfuscation, anti debug measures that software has nowadays, makes cracking a bitch to deal with.
You can still debug using the integrated debugger of an emulator.
Exactly, you will have to regenerate (Pseudo) Code for the algorithm that takes String as an input and generates an Int by passing it through the function call of the algorithm.
This tutorial is so good
Nice
Now I can't wait to see why DENUVO is so hard to crack.
Exactly, and it's worse when the only person able to crack it is crazy and former a cult.