---------------------------------
| How to crack Hex Workshop v2.54 |
        by da Cracker/CBE
---------------------------------

Introduction:
─────────────
Many people want to know how to crack these days... So I decided to write my
second tutorial, requested by pist0ls.
In this tutorial, I'll teach you how to crack Hex Workshop v2.54...
I hope that you'll enjoy it!
If you have any comments, suggestions, .... please e-mail me at
dc_cbe@hotmail.com

┌────────────────────Index──────────────────────────┐
|                                                   |
|1) Programs that you'll need to crack Hex Workshop |
|2) Finding the location that needs to be patched   |
|3) Patching the location                           |
|4) Writing a patcher in C++                        |
|5) Final Notes                                     |
└───────────────────────────────────────────────────┘

1) Programs that you'll need to crack Hex Workshop
───────────────────────────────────────────────

Here's the list of programs that you'll need to get to crack Hex Workshop:

  WinDisassembler
  Hex Workshop (no, really? ;) )
  Hacker's View

Don't expect to crack it without these utilities!

Note: You can get them at http://cracking.home.ml.org, or if you're a CBE
member, at CBE's memberz FTP Area
And you can get Hex Workshop at http://www.bpoint.com

2) Finding the location that needs to be patched
─────────────────────────────────────────────

Now we're going to find the location that needs to be patched (where you have
to modify the program so that it's cracked...)

Start Hex Workshop
Click on Help --> About Hex Workshop
Umm, you see a place where you can enter a serial number...
Enter "123".
Click on "Register"
"You have entered an invalid registration number"
No, really? ;)
Go to the dir where Hex Workshop is installed
Copy hworks32.exe to hworks32.bak (for backup) and to 1.exe (for disassembling)
Start W32Dasm
Click on Disassembler --> Open File to be disassembled
Open 1.exe from the directory where you installed Hex Workshop.
Click on Search --> Find Text
Search for "You have entered an"
Umm, you should have found "Name: DialogID_0075" just one line above the error
message
Now you know which Dialog ID it uses when you enter a wrong serial #.
Search for DialogID_0075
Ignore the first "Reference to Dialog: DialogID_0075"
It's only there so that new crackers think that it's the right place, and
boom, invalid serial number, even when you patched it.
So, search for the last reference to DialogID_0075
Now, scroll up until you find:

"* Referenced by a (U)nconditional or (C)onditional Jump at Address:
 | :004262B3 (C)"   <-- Interesting

Now, go to the location where the jump occurred (004262B3)
At this location, you can see "je 00426332"
That's it!!! You found the location to patch!!!
And now you just need to patch it! (described in part 3)

3) Patching the location
─────────────────────

Click on the location where the jump has occurred.
In the status bar, you'll see: "Code Data @: 004262B3 @Offset 000256B3h"
So the offset address is 256B3 (you don't need the 0's and the h)
Ok, remember this.
Start Hacker's View to edit the exe file of Hex Workshop (hiew hworks32.exe)
Press F4, select Decode and press enter
Press F5 (goto offset) and type 256B3 + Enter
Now, you're almost done....
Press F3 (To edit the program)
You can see 0F84 and some other things.
0F84 stands for je (jump if equal)
Why "if equal"? Because there's a flag set to 0 (wrong) and if the flag of the
code that you entered is 0 (wrong), it will be equal to the other flag (quite
complicated ;) )
Ok, so we have to replace je with jne (jump if not equal)
The hex code for jne is 0F85, so type 0F85.
Now, press F9 to update the file and F10 to exit.
Start Hex Workshop.
Click on Help --> About
Enter any code
Click on Register
It will ask you for your name/company
Voila!!! Hex Workshop is now Registered! You've made it!

4) Writing a patcher in C++
────────────────────────

Now, to release the crack, you have to make what we call a patch.
Yeah, you can't distribute the exe for two reasons:

1) It's illegal (a patch isn't illegal: it's your prog; but when a person uses
   it, it's illegal)
2) It's quite big for a crack

Here's the C++ source code of the patcher:

-------------------------------cut here---------------------------------------
#include <stdio.h>

/* Return the size of an open file without disturbing the current position. */
long filesize(FILE *stream)
{
  long curpos, length;

  curpos = ftell(stream);
  fseek(stream, 0L, SEEK_END);
  length = ftell(stream);
  fseek(stream, curpos, SEEK_SET);
  return length;
}

int main()
{
  int counter;
  FILE *filename;
  unsigned char readbyte;
  // 153268 = 256B4h: the second byte of the 0F84 opcode found at offset 256B3h
  long int offset[1] = { 153268 };       // Offset address
  // 132 = 84h (expected byte, je), 133 = 85h (replacement byte, jne)
  unsigned char data[2] = { 132, 133 };  // Data to be written

  printf(" ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄\n");  // Displays the logo
  printf("█▀                                   ▀█\n");
  printf("█         Hex Workshop v2.54          █\n");
  printf("█         ENTER ANY SERIAL #          █\n");
  printf("█              BY dC/CBE              █\n");
  printf("█     E-mail: dc_cbe@hotmail.com      █\n");
  printf("█     Website: http://cbe.ml.org      █\n");
  printf("█        IRC: #cbe98 on Efnet         █\n");
  printf("█▄                                   ▄█\n");
  printf(" ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀\n");

  printf("\n■ OPENING FILE: ");
  // Open for update in binary mode; fopen returns NULL on failure
  if ((filename = fopen("HWORKS32.EXE", "r+b")) != NULL) {
    printf("OK!\n■ CHECKING SIZE : ");
    // Only touch the file if it has the size of the expected build
    if (filesize(filename) == 678912) {
      printf("OK!\n■ PATCHING FILE : ");
      for (counter=1;counter<2;counter++) {
        fseek(filename,offset[counter-1],SEEK_SET);
        fscanf(filename,"%c",&readbyte);
        // Write the new byte only if the original byte is the expected one
        if (readbyte == data[(counter*2)-2]) {
          fseek(filename,offset[counter-1],SEEK_SET);
          fprintf(filename,"%c",data[(counter*2)-1]);
        } else {
          printf("ERROR!\n■ FILE ALREADY PATCHED OR DIFFERENT!\n");
          fclose(filename);
          return 1;
        }
      }
      printf("OK!\n■ PATCH SUCCESSFULL! Enjoy it!\n");
    } else printf("ERROR!\n■ FILESIZE MISMATCH!!\n");
    fclose(filename);
  } else printf("ERROR!\n■ CAN'T OPEN FILE!!\n");
  return 0;
}
----------------------------------cut here------------------------------------

Now, compile this patcher (with a C++ compiler) and you can distribute your
crack!
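
Added example (not part of the original tutorial or its author's code): the change made in part 3 is a one-bit flip in a conditional-jump opcode (0F84 to 0F85), so comparing a suspect executable byte-for-byte against a known-good copy exposes it directly. The C code below classifies such differences; the function names and the sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>

enum diff_kind { DIFF_NONE = 0, DIFF_OTHER,
                 DIFF_JCC_NEAR_INVERTED, DIFF_JCC_SHORT_INVERTED };

/* Classify the difference at offset i between two equal-length images. */
enum diff_kind classify_diff(const unsigned char *good, const unsigned char *sus,
                             size_t len, size_t i)
{
    if (i >= len || good[i] == sus[i]) return DIFF_NONE;
    /* Inverting a Jcc condition flips only the low bit of the opcode byte. */
    if ((good[i] ^ sus[i]) == 0x01) {
        /* Near form: 0F 80..8F followed by a 32-bit displacement. */
        if ((good[i] & 0xF0) == 0x80 && i > 0 &&
            good[i - 1] == 0x0F && sus[i - 1] == 0x0F)
            return DIFF_JCC_NEAR_INVERTED;
        /* Short form: 70..7F. Heuristic only, the byte may be data. */
        if ((good[i] & 0xF0) == 0x70)
            return DIFF_JCC_SHORT_INVERTED;
    }
    return DIFF_OTHER;
}

/* Count inverted-jump differences; *first gets the first offset, or -1. */
size_t count_inverted_jumps(const unsigned char *good, const unsigned char *sus,
                            size_t len, long *first)
{
    size_t n = 0;
    *first = -1;
    for (size_t i = 0; i < len; i++) {
        enum diff_kind k = classify_diff(good, sus, len, i);
        if (k == DIFF_JCC_NEAR_INVERTED || k == DIFF_JCC_SHORT_INVERTED)
            if (n++ == 0) *first = (long)i;
    }
    return n;
}

/* Constructed sample: nop; je +79h (0F 84 79 00 00 00); nop */
static const unsigned char SAMPLE_GOOD[] = {0x90, 0x0F, 0x84, 0x79, 0, 0, 0, 0x90};
static const unsigned char SAMPLE_SUS[]  = {0x90, 0x0F, 0x85, 0x79, 0, 0, 0, 0x90};

int main(void)
{
    long first;
    size_t n = count_inverted_jumps(SAMPLE_GOOD, SAMPLE_SUS,
                                    sizeof SAMPLE_GOOD, &first);
    printf("%lu inverted jump(s), first at offset %ld\n", (unsigned long)n, first);
    return n ? 1 : 0;
}
```

In practice the two buffers would be the vendor's released file and the installed copy read from disk; a cryptographic hash of the whole file answers "was it modified", while this comparison shows which check was modified.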

5) Final Notes
───────────

I hope that you enjoyed reading this tutorial as much as I did writing it!
I wrote it for pist0ls who is a newbie and who wants to learn how to crack...
Good luck, pist0ls!

-da Cracker/CBE
dc_cbe@hotmail.com
http://cbe.ml.org
#cbe98 on Efnet