View Full Version : Which is the best solution?


harmor
January 5th, 2007, 22:30
When cracking a program, is it better to find the error message and prevent it from triggering, or is it better to find the "success" message and redirect the jumps to the "success" message?

naides
January 5th, 2007, 22:57
Every program is different, but be aware that just forcing the program to show the "success" message most often does not defeat any protection.

You see the "registered" message all right, but the program continues to be protected/limited.

harmor
January 6th, 2007, 00:06
I understand that if you blindly change a conditional from, say, "JNZ" to "JZ" so it points to the "success" instead of skipping down to the "Error", then there still may be a time limitation. But would it be better, even though it could take longer, to trace the "Success" portion to its origin? If the latter, you could download the cracked executable, enter your name and serial, and it'll pass those off as valid and successful and will display that it's registered to you, or you could choose the former and simply overwrite the executable.

I really don't care which one I receive but I would rather have "Registered To: Andrew" than "Registered To: \~=:= Cracked By Someone =:=~\".

I'm sorry for babbling.

Woodmann
January 6th, 2007, 00:17
Howdy,

Don't worry about babbling.

I am not understanding what it is you want to do.
Do you want to change a ready made crack/keygen ?

Do you want to actually reverse the protection ?

Do you want to just change what the "message box" says ?

Woodmann

harmor
January 6th, 2007, 00:29
My question wasn't intended to help me crack one particular program but to help me get a better grasp of what I should do. One program got me irritated because I can't get my head around the ASM coding to figure out how to reverse the protection. I'm looking at simpler executables to practice on in the meantime so I can understand what to do and what not.

Woodmann
January 6th, 2007, 00:42
Howdy,

You are on the very best road to understanding.

The best advice I can give you is to be patient.
Pick one target and trace/follow everything and make notes.
Notes on paper or within the program you are working on.

Analyze this same program over and over again until you
understand it without even thinking about it.

Yes you can take an already made crack and reverse it to see
how someone else might have defeated it. You can only learn.
There is nothing to lose. Read/dissect everything.

Woodmann

naides
January 6th, 2007, 07:22
Now I get your question better, but the answer is the same.

Be ready to use more than one approach; what works in one instance fails in another protection.

As a first approach, and every program is different, I would locate the error message, or the quit routine, or the "time is over" nag, etc., and find the code that triggers it. Then I deactivate that mechanism/code and see if the program runs OK by default.

LLXX
January 6th, 2007, 19:42
I usually perform a static dasm and then read through the source code thoroughly. If I feel somehow the target was written by a very inexperienced script-kiddie (seen this numerous times), I'll use a hex/text editor to look for hardcoded values first. The only time a debugger is the first thing I'd use would be if the target was packed and there was no automatic unpacker for it.

Usually the protection code is concentrated in one area. Find all references to this area and change appropriately. Save and finish.

WaSt3d_ByTes
January 7th, 2007, 10:54
Experience says that the deeper you dig, the better the solution/way you will find.

SiGiNT
January 7th, 2007, 15:59
Just one more suggestion, instead of changing jumps, dig deeper into the code and try to change what generates the value to match the jump you want to take.

SiGiNT