---------------------------------
| General Tutorial about Patchers |
        by da Cracker/CBE
---------------------------------

Introduction:
────────────

If you read all my four tutorials (the first doesn't help, I think :( ), you
should know how to crack:

 - Basic protections (Hex Workshop)
 - A bit harder basic protections (WinRoute Lite)
 - Intermediate Protections (Visual Page)

With this knowledge, you should be able to crack about ... 40% of the programs!
Well, now, I'm going to take a deeper look at patchers.
I hope that you'll enjoy the tutorial!
If you have any comments, suggestions, .... please e-mail me at
dc_cbe@hotmail.com

┌──────────Index──────────┐
|                         |
|1) C++ Patchers          |
|2) Turbo Pascal Patchers |
|3) Assembler Patchers    |
|4) Windows Patchers      |
|5) Final Notes           |
└─────────────────────────┘

1) C++ Patchers
────────────

These days, many programmers use C++ to write their programs... Why? Because
it's a very portable language (i.e. without changing the code, it can work in
Unix, Linux, DOS, Mac, Windows, ...)
So if we can write a program in C++, why not a patcher?
Yes, we can, because in C++ there are two ways to open a file for output:

A) ofstream myfile("file.exe", ios::binary);
B) fopen("file.exe", "r+b")

The A method needs the file fstream.h to be included (#include <fstream.h>)
The B method needs the file stdio.h to be included (#include <stdio.h>)

But in this tutorial, for C++, we are going to use method B, because it
also has seek methods (to find the right spot in the exe file)

Ok, now comes the commented source code:

------------------------------------cut here----------------------------------
#include <stdio.h>   // File required to make fopen work!

long filesize(FILE *stream)   // A function that gets the size of the program (to check)
{
    long curpos, length;

    curpos = ftell(stream);
    fseek(stream, 0L, SEEK_END);
    length = ftell(stream);
    fseek(stream, curpos, SEEK_SET);
    return length;
}

int main(void)
{   // Program start
    int counter;
    FILE *filename;
    unsigned char readbyte;
    long int offset[2] = { 35345, 35346 };
    unsigned char data[4] = { 116, 144, 17, 144 };
    // The first number is the original data from the first offset, the 2nd
    // number is the modified data; the 3rd data is the original data from
    // the second offset, the 4th one is the modified data, etc...

    printf(" ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄\n");   // \n is a line break
    printf("█▀                                   ▀█\n");
    printf("█          Visual Page v1.0           █\n");   // Name of the program
    printf("█    REMOVES EXPIRATION DATE + NAG    █\n");   // What does it do?
    printf("█                                     █\n");
    printf("█     E-mail: dc_cbe@hotmail.com      █\n");   // Guess what?
    printf("█    Website: http://www.cbe98.org    █\n");
    printf("█        IRC: #cbe98 on Efnet         █\n");   // Come and chat with us!
    printf("█▄                                   ▄█\n");
    printf(" ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀\n\n");

    printf("■ OPENING FILE : ");   // Self explanatory ;)
    // "r+b" = read/write in binary mode, so no byte gets translated.
    // fopen returns NULL on failure, so we only go on when it is NOT NULL.
    if ((filename = fopen("VPAGE.EXE", "r+b")) != NULL) {
        // Replace VPAGE.EXE with the exe file of the program
        printf("SUCCESS!\n■ CHECKING SIZE : ");
        if (filesize(filename) == 1266204) {
            // Replace 1266204 with the exact size of the program (type "dir" in dos)
            printf("SUCCESS!\n■ CRACKING FILE : ");
            for (counter = 1; counter < 3; counter++) {
                fseek(filename, offset[counter-1], SEEK_SET);
                fscanf(filename, "%c", &readbyte);
                // Only write if the byte found is the expected original one
                if (readbyte == data[(counter*2)-2]) {
                    fseek(filename, offset[counter-1], SEEK_SET);
                    fprintf(filename, "%c", data[(counter*2)-1]);
                } else {
                    printf("ERROR!\n■ FILE ALREADY PATCHED OR DIFFERENT!\n");
                    fclose(filename);
                    return 1;
                }
            }
            printf("SUCCESS!\n■ PATCH SUCCESSFULL!\n");
        } else
            printf("ERROR!\n■ FILESIZE MISMATCH!\n");
        fclose(filename);
    } else
        printf("ERROR!\n■ CAN'T OPEN FILE!\n");
    return 0;
}
--------------------------------cut here--------------------------------------

2) Turbo Pascal Patchers
─────────────────────

Turbo Pascal is another language used by programmers...
Anyway, here's the source code for a patcher:

------------------------------------cut here----------------------------------
Const Offset : Array [1..2] Of LongInt = ( 35345, 35346 );
Const Data   : Array [1..4] Of Byte = ( 116, 144, 17, 144 );

Var
  Filename : File;
  Counter  : Word;
  Readbyte : Byte;

Begin
  Write (' ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄'+ #13+ #10);
  Write ('█▀                                   ▀█'+ #13+ #10);
  Write ('█          Visual Page v1.0           █'+ #13+ #10);
  Write ('█    REMOVES EXPIRATION DATE + NAG    █'+ #13+ #10);
  Write ('█                                     █'+ #13+ #10);
  Write ('█     E-mail: dc_cbe@hotmail.com      █'+ #13+ #10);
  Write ('█    Website: http://www.cbe98.org    █'+ #13+ #10);
  Write ('█        IRC: #cbe98 on Efnet         █'+ #13+ #10);
  Write ('█▄                                   ▄█'+ #13+ #10);
  Write (' ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀'+ #13+ #10+ #13+ #10);

  Write ('■ OPENING FILE : ');
  Assign (Filename, 'VPAGE.EXE');
  {$I-}                          { Turn I/O checking off so we can test IOResult }
  Reset (Filename, 1);           { Open with a record size of 1 byte }
  {$I+}

  If IOResult = 0 Then
  Begin
    Write ('SUCCESS!'+ #13+ #10+ '■ CHECKING SIZE : ');
    If FileSize (Filename) = 1266204 Then
    Begin
      Write ('OK!'+ #13+ #10+ '■ CRACKING FILE : ');
      For Counter:= 1 To 2 Do
      Begin
        Seek (Filename, Offset [Counter] );
        BlockRead (Filename, Readbyte, 1);
        { Only write if the byte found is the expected original one }
        If Readbyte = Data [Counter* 2- 1] Then
        Begin
          Seek (Filename, Offset [Counter] );
          BlockWrite (Filename, Data [Counter* 2], 1);
        End Else
        Begin
          WriteLn ('ERROR!'+ #13+ #10+ '■ FILE ALREADY PATCHED OR DIFFERENT!');
          Close(Filename);
          Halt;
        End;
      End;
      Close (Filename);
      WriteLn ('OK!'+ #13+ #10+ '■ PATCH SUCCESSFULL!');
    End Else
      WriteLn ('ERROR!'+ #13+ #10+ '■ WRONG VERSION OF FILE!');
  End Else
    WriteLn ('ERROR!'+ #13+ #10+ '■ CAN''T OPEN FILE!');
End.
-------------------------------------cut here---------------------------------

3) Assembler Patchers
──────────────────

Assembler is quite a hard programming language, because it's a low level one
(right before machine level code)...
Well, here's the Assembler source code for a patcher

-------------------------------------cut here---------------------------------
code            segment byte public
                assume  cs:code, ds:code
                org     100h

start:
                mov     dx,offset logo          ; Shows your logo
                call    write                   ; write the message
                call    open_file               ; Guess what ?
                mov     filehandle,ax           ; Put the filehandle in "filehandle"
                mov     dx,offset fsize
                call    write                   ; write the message
                call    check_size              ; Check the current filesize
                mov     di,offset data          ; Point di to data table
                mov     si,offset ofs           ; Point si to offset table
                mov     cx,2                    ; Loop 2 times (number of bytes to patch)
                mov     dx,offset crackfile
                call    write                   ; write the message
crackit:
                push    cx                      ; Save cx
                call    seek_file               ; Seek in the file
                call    read_file               ; Read one byte and compare
                call    seek_file               ; Seek again (back)
                call    write_file              ; Write the byte
                add     si,4                    ; Add 4 to si 2*sizeof(word)
                add     di,2                    ; Add 2 to di 2*sizeof(byte)
                pop     cx                      ; Bring cx back
                loop    crackit                 ; Loop Crackit
                mov     dx,offset cracksucc
                jmp     short goback

already_patched:
                mov     dx,offset alreadycrk
                jmp     short goback
size_mismatch:
                mov     dx,offset sizemismtch
                jmp     short goback
error:
                mov     dx,offset erroropen
goback:
                call    write                   ; write the message
                call    close_file              ; Close the file
                mov     ah,4Ch                  ; Jump back to the operating system
                int     21h

Write           proc    near
                push    ax
                mov     ah,9
                int     21h                     ; Display String
                pop     ax
                retn
Write           endp

open_file       proc    near
                mov     ah,3Dh
                mov     al,2                    ; open file function 3Dh (read/write)
                mov     dx,offset filenaam
                int     21h
                jb      error
                retn
open_file       endp

close_file      proc    near
                mov     ah,3Eh                  ; close file function 3Eh
                mov     bx,filehandle
                int     21h
                retn
close_file      endp

check_size      proc    near
                mov     bx,ax
                mov     ax,4202h
                xor     cx,cx                   ; Check the filelength
                xor     dx,dx                   ; (seek to end, size comes back in dx:ax)
                int     21h
                jb      error
                cmp     ax, lowsize             ; (Low word)
                jne     size_mismatch
                cmp     dx, highsize            ; (High word)
                jne     size_mismatch
                retn
check_size      endp

read_file       proc    near
                mov     ah,3fh
                mov     bx,filehandle           ; read file function 3Fh
                mov     cx,1
                mov     dx,offset readbyte
                int     21h
                jb      error                   ; Carry set = read failed (test it before cmp changes the flags)
                mov     ah,readbyte
                cmp     [di],ah                 ; Compare with the original byte
                jne     already_patched
                retn
read_file       endp

write_file      proc    near
                mov     ah,40h
                mov     bx,filehandle
                mov     cx,1                    ; write file function 40h
                mov     dx,di
                inc     dx                      ; dx = di+1 = the modified byte
                int     21h
                jb      error
                retn
write_file      endp

seek_file       proc    near
                mov     ah,42h
                mov     al,0
                mov     bx,filehandle           ; move file ptr function 42h
                mov     dx,[si]                 ; low word of the offset
                mov     cx,[si+2]               ; high word of the offset
                int     21h
                jnc     here
                jmp     error
here:
                retn
seek_file       endp

filenaam        db 'VPAGE.EXE', 0
filehandle      dw 0
lowsize         dw 21020
highsize        dw 19
readbyte        db 0

logo            db ' ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄', 0Dh, 0Ah
                db '█▀                                   ▀█', 0Dh, 0Ah
                db '█          Visual Page v1.0           █', 0Dh, 0Ah
                db '█    REMOVES EXPIRATION DATE + NAG    █', 0Dh, 0Ah
                db '█                                     █', 0Dh, 0Ah
                db '█     E-mail: dc_cbe@hotmail.com      █', 0Dh, 0Ah
                db '█    Website: http://www.cbe98.org    █', 0Dh, 0Ah
                db '█        IRC: #cbe98 on Efnet         █', 0Dh, 0Ah
                db '█▄                                   ▄█', 0Dh, 0Ah
                db ' ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀', 0Dh, 0Ah
                db '■ OPENING FILE : ','$'

fsize           db 'SUCCESS!',0Dh,0Ah,'■ CHECKING FILESIZE : $'
crackfile       db 'SUCCESS!',0Dh,0Ah,'■ CRACKING FILE : $'
cracksucc       db 'SUCCESS!',0Dh,0Ah,'■ PATCH SUCCESSFULL!',0Dh,0Ah,'$'
alreadycrk      db 'ERROR!',0Dh,0Ah,'■ FILE ALREADY PATCHED OR DIFFERENT!',0Dh,0Ah,'$'
sizemismtch     db 'ERROR!',0Dh,0Ah,'■ WRONG VERSION OF FILE!',0Dh,0Ah,'$'
erroropen       db 'ERROR!',0Dh,0Ah,'■ CAN', 027h,'T OPEN FILE!',0Dh,0Ah,'$'

ofs             dw 35345 , 0 , 35346 , 0
data            db 116, 144 , 17, 144

code            ends
                end     start
-------------------------------------cut here---------------------------------

4) Windows Patchers
────────────────

Many of you guys probably know how to program in a visual language (i.e. Visual
Basic, Delphi, Borland C++ Builder, ...) or even in a non visual language
(Visual C++, they call it visual, hahaha).
Well, with these programming languages, you can make patchers.
From these languages, I only know Visual Basic, so I'm going to tell you
how to make a Visual Basic patcher (even though the users need the
Visual Basic runtimes to make it work...
But almost everyone has them):

A) Start Visual Basic
B) Choose Create a new exe
C) Do your own design
D) Make a button called "Patch it!", or whatever
E) Double-click on this button (shows the source code)
F) Type: Open "file.exe" For Binary Access Write As #1

That's the statement that opens a file in binary mode for editing!
After that, you have to give the location that needs to be patched, the data,
etc...
At the end, to close the file, type "Close #1".

5) Final Notes
───────────

If you didn't understand ANYTHING in this tutorial, just use a patcher...
It's MUCH easier. For CBE memberz, you can get a patcher in the directory
patchers/ from the memberz ftp area... For the others: search the net ;)

I hope that you enjoyed reading this tutorial as much as I did writing it!
Good luck!

btw, my next cracking tutorial is going to be about ummm, dunno yet... =)

-da Cracker/CBE
dc_cbe@hotmail.com
http://www.cbe98.org
#cbe98 on Efnet
Come and chat with us on IRC!
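
The three patchers above all work the same way: check the file size, check the original byte at each offset, then overwrite it (116 and 17, i.e. 0x74 0x11, become 144, i.e. 0x90, the x86 NOP). The reverse check, comparing a file image against a known-good copy and listing every changed run, is shown below as an added example; it is not part of the original tutorial, and the names find_patches, patch_run, GOOD and SUSPECT as well as the sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* One run of consecutive bytes that differ between the two images. */
struct patch_run {
    size_t offset;    /* offset of the first changed byte */
    size_t length;    /* number of consecutive changed bytes */
    int    nop_fill;  /* 1 if every new byte is 0x90 (x86 NOP) */
};

/* Constructed sample images (not bytes from any real program). GOOD holds
   0x74 0x11 at offset 2, the same values 116 and 17 the tutorial overwrites
   with 144 (0x90); one data byte at offset 6 differs as well. */
static const unsigned char GOOD[]    = { 0x85, 0xC0, 0x74, 0x11, 0x6A, 0x00, 0x31, 0x00 };
static const unsigned char SUSPECT[] = { 0x85, 0xC0, 0x90, 0x90, 0x6A, 0x00, 0x32, 0x00 };

/* Compare a known-good image with a suspect image of the same size.
   Stores up to max_runs runs and returns the total number of runs found. */
size_t find_patches(const unsigned char *good, const unsigned char *suspect,
                    size_t size, struct patch_run *runs, size_t max_runs)
{
    size_t found = 0, i = 0;
    while (i < size) {
        if (good[i] == suspect[i]) { i++; continue; }
        size_t start = i;
        int nop = 1;
        while (i < size && good[i] != suspect[i]) {
            if (suspect[i] != 0x90) nop = 0;
            i++;
        }
        if (found < max_runs) {
            runs[found].offset = start;
            runs[found].length = i - start;
            runs[found].nop_fill = nop;
        }
        found++;
    }
    return found;
}

int main(void)
{
    struct patch_run runs[4];
    size_t n = find_patches(GOOD, SUSPECT, sizeof GOOD, runs, 4);
    for (size_t i = 0; i < n && i < 4; i++)
        printf("offset %lu: %lu byte(s) changed%s\n", (unsigned long)runs[i].offset,
               (unsigned long)runs[i].length, runs[i].nop_fill ? " [NOP fill]" : "");
    return n ? 1 : 0;
}
```

A run flagged as NOP fill inside a code section is the signature of the kind of patch this tutorial builds; a size check alone would not catch it, because the patched file keeps its original length.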