I have an application that I want to be able to run without the CD, but cannot.

The program does not use the GetDriveTypeA function, or any GetVolumeInfo type calls.
I've run RegMon and FileMon with it and it doesn't access anything in the registry and none of the file accesses raise any flags. It installs no .ini-s or .dll-s.
I can't find the error message in the string or dialog references in WDasm32.
The program is installed on the computer, but requires the CD to run.

I'm basically only using WDasm32 for this, because SoftIce isn't working on my computer, and I am doing this at work, so i don't have a whole lot of time to screw around with trying to get SoftIce running properly.

I've done some basic reversing so I do have some idea of what to look for, but here I am just drawing total blanks. It looks like I am on the completely wrong track. Can anybody give me any ideas of where to start with this one?

Howdy,

Prolly a protected disc. You dont say if you have the reg code/serial so,
we may need that to continue.

What kind of app's need to have the CD ? Map softwares ? Phone listings ?

Woodmann

Current CD-protections are eons beyond the good old GetDriveTypeA/GetVolumeInfo ones (aah, those were the days...). Today they're right up there with the meanest packers, if not even worse...

Of course there might still exist easier ones today too, like on some low-budget titles like e.g. such ones as Woodmann mentions, but just so you are prepared for the worst...

Hi,

Welcome to the messageboard. You'll learn a lot of tricks here, so I hope you keep coming back for more.

I am going to address only the lack of error messages that you have encountered while using the protected application.

1. Some History: Originally, windows was 16 bit. All messages were stored in the executable or external files in normal ASCII. Then came the OS expansion, where ASCII was not enough. Therefore, UNICODE came into picture (you need to understand the difference between UNICODE and ASCII - look up some documentation). Wdasm32 belongs to pre-UNICODE era. It will not be successfully able to read unicode strings (in fact, they do not even exist as far as Wdasm32 is concerned). You can try loading some plugins for wdasm32 from www.programmertools.org, but I doubt they will assist very much.
Solution: Go to www.sysinternals.com and grab the small programs called strings.exe. It will list all unicode and ascii strings in all files in all subdirectories (useful, because you do not know where the protection lies)

2. Some Tricks:
2.a. Trick No. 1: Instead of putting an error message in the initial program, the ascii values in hex are there. So, even if you search the files, you will not find it. An example:

OLD STYLE (easily searchable)
if bad_guy
then messagebox "Put CD rom"
endif

NEW STYLE (difficult)
m1 = ASCII(36) // which is actually 'P'
m1 = m1 + ASCII(67) // which is actually 'u'
....
m90 = m89 + ASCII(6F) //which is 'm'
if bad_guy
then messagebox m90
endif

2.b Trick No. 2: Instead of putting an error string in unicode or ascii, its encrypted. Difficult, but not impossible. (Requires you to pinpoint the decryting routine - of course there is one, else no one would be able to read the messagebox)


3. Some Protections: If I were a big shot gaming/application organization, I would simply go out and purchase for big bucks programs like CD-Cop, Safedisc, Laserlok, etc. Tough to break, but once broken, can be used endlessly on any CD protected with this program. The most difficult to break.

As you see, these are but some of the tricks used to protect the CD-ROM. And oh yes, just because a file (using filemon) is not called .INI or .CFG does not mean its unimportant. Sometimes even the .TMP files are protections (like in older versions of Wdasm32).

And yes, get SoftICE to work. You will benefit a lot from it. I'd suggest you concentrate more on learning and mastering the tools, then crack. And yes, its really a good idea to break older protections first (though not absolute necessary)

Have Phun