EDIT: The only reason why I still had it at this point was because I could use it with other apps. However, now that my Spotify Subscription is cancelled, it doesn’t work with anything. It’s mildly infuriating because today, I can’t still use it with other apps like I was able to yesterday.

Please don’t make the same mistake I made. No one should buy this.

  • dzervas
    link
    English
    41 year ago

    We are in the era that other than games, the companies have not yet caught up with anti-cracking techniques. I crack shit as a hobby and everything is fun and challenging until you start to mess with games. It’s insanely difficult, a CONSTANT cat n mouse run and sooooo damn time consuming

    • @El_illuminacho
      link
      English
      31 year ago

      How can I get started cracking software myself?

      • dzervas
        link
        English
        1
        edit-2
        1 year ago

        ok so first of all you need to know programming. nothing crazy but you should definitely know what a “function” “loop” or “variable” is and some basic HTTP knowledge (what is an HTTP reuest, what’s a header, etc.).

        now, your target is to bypass the license check. there are many ways to go about that:

        • the web way: intercept the traffic between the app and the server. maybe the app tells the server “am i licensed” and the server responds “no” and if you just change that you’re golden. to intercept traffic the golden standard is “burp proxy”
        • the exported function way: I’m sure that you’ve seen that all the apps that you install come with various dlls. these are “libraries” which means that they’re a bunch of functions in a package. most times they also include the name of their functions and more often than not you’ll find a “is_user_licensed” that returns a 0 or a 1. hooking that to return 1 will hand you a win
        • the exe exported function way: same as the above but the function lives inside the exe. BTW exes are exactly the same as a DLL (and you can actually execute a dll or import functions from an exe!)

        you can find any function that gets called and has a name (the names are called “symbols”) using frida-trace

        afterwards you can write a frida script (javascript) that either replaces the entire function or append/prepend code to it. most times you want to append code that just returns a value as to not mess with the programs internals

        if you have a .net app though the whole process is WAY easier as you can read all the code of the app using a decompiler - dnspyex is the gold standard

        of course not all apps are that easy to crack. it’s more of a time/mind game and less of a skill one. sure, you get much more efficient and the solutions start to “smell”, but trying to crack an app that has stripped symbols (no function names) and everything is statically compiled (all the dlls are shoved into the exe to make it harder for us) can make your life much more difficult

        since this is a “starter guide” i’m gonna leave anti-reverse, anti-debug and obfuscation completely out of the discussion. unless you get a moderately good grasp what the above terms mean, don’t bother

        I also didn’t talk about actual reversing with a debugger/decompiler/disassembler as I think that it’s better to find out about them as-you-go. don’t start from that. it’s intimidating

        Don’t get intimidated. You’ve got it. Remember that it’s not about skill (ok don’t go cracking IDA Pro or denuvo), it’s about patience and methodology As the hacker say: Try harder and happy hacking 🙂

        NOTE0: ALWAYS ask chatGPT stuff. if it refuses to answer put the question in the context of “malware research” NOTE1: I think that someone somewhere may have told me that a very popular app owned by dickheads used in the 3d printing community is a very good starting point 😀 NOTE2: You’re more than welcome to ask anything - PMs or otherwise

        EDIT: I forgot to mention reversing divas: since this is such a niche thing to do and you spend your life away from grass, some people involved are in the mindset of “this is not for everyone, you’re stupid and you can’t do it, etc”. Fuckem