How To Crack Programs Yourself with

Offset Comparison Tool

Author: Raymond

3 Dec

A lot of times I’ve seen and heard arrogant people claiming that they are hacker and they
can crack programs. OK, cracking a software is VERY easy if use a patcher released by
crackers. But what if there are no ready patchers for them to use? Can they find the
weakness in the software protection system and know which byte to patch in order to turn
the trial software into a registered version? Perhaps not…

Usually when a program is updated, the patcher to crack the program will no longer work
because most cracks will verify filesize and has CRC32 checks. Although the patcher
won’t work, it is possible for you to create your own patcher to crack the latest version of
program “BASED” on the previous crack.

Here is how you can create your own crack based on previous the crack. I am teaching
you this because I want to show you the logic. Do take note that this method will not earn
you the title “CRACKER” or “REVERSE ENGINEER” but it does make you a bit
smarter

A crack usually works on specific version of a software. For example, a crack that is
made for version 2 usually won’t work for version 3. Even a crack for subversion of
program such as 2.1 can’t work with software version 2.2. That’s because most of the
time when a bug is found on a software, the developer will fix the bug and recompile the
code. The place(offset) where the crack is supposed to patch is no longer at the original
place, thus making the crack useless. Most of the cracks has filesize and CRC32 check
feature to make sure you’re using the crack on the correct version of a software. Simply
patching any version will result in the software itself become unstable.

OK, let’s get started with a scenario. You have a software called RayCalculator v2.2 and
there’s already a crack for it. Now the updated RayCalculator v2.3 is out but currently
there’s no crack. The RayCalculator v2.2 crack can’t be used to crack the RayCalculator
v2.3 because it failed the filesize and CRC32 check. Here’s how you can POSSIBLY
create your own working crack for RayCalculator v2.3 based on the RayCalculator v2.2
crack.

Most cracks can create a backup of the original file in case you need to restore it back.
You need to check the program’s folder to find out the backup filename. If the original
filename is raycalc.exe, most probably the backup filename would be raycalc.exe.bak ,
raycalc.exe.old , raycalc.old or raycalc.bak.
What you need to do now is use dUP 2 to find where is the location/offset that the crack
patch.
1. Download dUP 2 from the link at the end of this article, extract and run dup2.exe

2. Click New Project button located at the right side of the dUP 2, and click Save button
on Patch Info window.

3. Click Add button, select Offset Patch and click OK.

4. You will notice that [Offset Patch] will appear at the main (Patch Data) window.

Double click on [Offset Patch] and you’re now in Offset Patchdata window.

5. Load original file and patched file by clicking the “…” button at the Compare Files
area and click Compare button. Remember, the original file is always the one with .bak
or .old extension at the programs folder.
Now you’ll know where the RAW Offset being changed with what byte.

6. Open up the original file(raycalc.exe.bak) with a hex editor. You can use Cygnus Hex
Editor which is free.

7. Press CTRL+G, enter the RAW Offset that you see from dUP2. Select Hexadecimal
and click OK. You’re now at the offset where the crack patches.

IF the programmer did not update the registration security protection, the old version
raycalc.exe.bak data to crack is the same as the updated raycalc2.3.exe. Now, look for
noticeable data around the data where the crack is suppose to patch. For me, I see
“hkJGHRF*&(&$KLJSDFLKJ“. Do NOT find something like “.U..E….” because it’s
confusing and tough to identify.

8. Use your mouse to select the data, right click and copy.

9. Open raycalc2.3.exe in hex editor, press CTRL+F to bring out the Find box and paste
the data by pressing CTRL+V. Try to find the data to patch by referring the old
raycalc.exe.bak. I found mine which is the exact same data.

10. In dUP2, I can see that the old byte 74 and 14 is being replaced with 90 and 90.

Go back to Hex Editor, change the data 74 14 to 90 90 for raycalc2.3.exe and save it.

Voila! It works! I’ve just cracked the latest updated program based on the previous crack.
With dUP2, I can also create my own patcher for the latest updated RayCalculator
version 2.3 program.