How game cracking works

Copying software is a problem as old as software itself. Software manufacturers immediately sought to prevent people from copying their products. And it’s been a game of cat and mouse ever since, as people figured out how to crack the software so they could copy it. Here’s how game cracking works.

Cracking games, or any other software, means making the program stop performing whatever checks the publisher put in place to defeat copying. It typically takes some knowledge of machine language, and sometimes of cryptography, to pull off. But once the check is circumvented, the software generally can be copied freely.

How publishers prevent copying


To understand how cracking works, first you have to understand software protection schemes. In the floppy-disk era, publishers would intentionally write bad sectors to the disk, or use a nonstandard disk format, that an ordinary copy program couldn't reproduce; the game checked for the defect at startup and refused to run from a clean copy. That worked until people started writing copy programs that went out of their way to reproduce the errors and the weird disk formats.

Software publishers then moved on to other methods, such as a code wheel or slide that shipped in the box, or asking the player to look something up in the manual. If you didn't buy the software and didn't have the manual, you couldn't answer when the program asked you what the 17th word on page 43 was.

That method worked less and less well as the digital age progressed. In more recent years, publishers turned to license keys with a mathematical structure the program can verify. When you install the software, you enter the key, which is unique to you. If you don't have a key, the software either operates in demo mode or refuses to run.

How cracking works

To copy the software, a cracker finds a way to defeat the scheme. Generally speaking, there are three ways around it, but not all of them work all the time.

Memory dumps

One method is to load the program, let it run past the copy-protection check, then dump the contents of memory to disk and, if necessary, write a small loader that restores that memory image and jumps back into the program where it left off.

This method was extremely effective, and nearly impossible to defeat, on the single-tasking machines of the 8-bit era, where the running game owned all of memory and a snapshot of it was a complete, reloadable program. It works poorly against modern executables. Part of that is memory protection: the operating system keeps one program from reading another program's memory, so a dumper needs debugger privileges rather than just a second program. The rest is that a modern process image is full of imports, relocations and shared libraries, so a raw dump isn't something a simple loader can write back and run. The method has largely fallen by the wayside as a result. This wasn't the reason memory protection came into being, but it was a nice side effect, if you were a software publisher. Even though it makes copying software harder, everyone wants memory protection because it makes computers much more stable.

Breaking the key

Another method is to break the key scheme. Once you know the formula the program uses to accept or reject a key, you can write your own key generator (a keygen) and produce keys that pass the publisher's checks.

Publishers get around this to a degree by checking keys against an online activation server so that each key can only be used once, but this can cause other problems. If you ever bought a game, installed it, and got a message that your key has already been used, you know the pain.

If you’ve ever wondered why you have to type something like de6ec370-3e19-11e9-b210-d663bd873d93 when you install a piece of software, that’s why. That format is a standard UUID, and the formula for producing strings in it is well known; what the publisher keeps private is the rule the program uses to tell a genuine key from a made-up one, such as a checksum or a digital signature over the key. If a cracker recovers that rule from the program, he or she can generate keys. If the rule is a signature verified with a public key, the program contains nothing that lets anyone forge a key, which is why crackers then fall back on circumventing the check instead.
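To make that distinction concrete, here is an added example. It is not the article's code and not any real publisher's scheme; the key format, the checksum formula and the deliberately tiny RSA modulus are all invented for illustration. Scheme 1 protects the key with a checksum whose formula lives entirely inside the program, so a keygen only has to copy it. Scheme 2 protects the key with an RSA signature; the program ships only the public exponent, so a keygen written from what the program contains cannot produce a key that passes.

```python
"""Two toy license-key schemes, one a keygen can clone and one it cannot.

Added for this article; not the author's code and not a real product's scheme.
Key format, checksum formula and the (deliberately tiny) RSA modulus are all
constructed for illustration only.
"""
import hashlib
import secrets

# 32 symbols with 0/O and 1/I removed so keys survive being typed from a box.
ALPHABET = "ABCDEFGHJKLMNPQRSTUVWXYZ23456789"


def _encode(n: int, width: int) -> str:
    """Integer -> fixed-width string of symbols, most significant first."""
    out = []
    for _ in range(width):
        out.append(ALPHABET[n % 32])
        n //= 32
    return "".join(reversed(out))


def _decode(s: str) -> int:
    n = 0
    for ch in s:
        n = n * 32 + ALPHABET.index(ch)
    return n


def _well_formed(body: str, tail: str, tail_len: int) -> bool:
    return (len(body) == 8 and len(tail) == tail_len
            and all(ch in ALPHABET for ch in body + tail))


# ---- Scheme 1: 8-symbol body + 2-symbol checksum ----------------------------
# The whole "secret" is the formula below, and it ships inside the program.

def checksum(body: str) -> int:
    """Position-weighted sum modulo 1021 (fits in two symbols: 1021 < 32*32)."""
    return sum((i + 1) * ALPHABET.index(ch) for i, ch in enumerate(body)) % 1021


def make_checksum_key() -> str:
    body = _encode(secrets.randbits(40), 8)        # 40 bits = exactly 8 symbols
    return f"{body}-{_encode(checksum(body), 2)}"


def validate_checksum_key(key: str) -> bool:
    body, _, check = key.partition("-")
    return _well_formed(body, check, 2) and _decode(check) == checksum(body)


def keygen_checksum_scheme(seed: int) -> str:
    """What a cracker writes after disassembling checksum(): the same formula,
    fed any body they like. Every key it emits passes validate_checksum_key."""
    body = _encode(seed % (32 ** 8), 8)
    return f"{body}-{_encode(checksum(body), 2)}"


# ---- Scheme 2: 8-symbol body + 19-symbol RSA signature ----------------------
# Toy modulus from two known primes (2^61-1 and 2^31-1): 92 bits, far too small
# for real use, chosen only so the arithmetic is visible. The program ships
# N and E; the publisher keeps D.

P, Q = (1 << 61) - 1, (1 << 31) - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent, never in the program


def _digest(body: str) -> int:
    return int.from_bytes(hashlib.sha256(body.encode()).digest(), "big") % N


def make_signed_key(private_exponent: int = D) -> str:
    """Publisher side: sign a random body. A 92-bit signature fits in 19 symbols."""
    body = _encode(secrets.randbits(40), 8)
    sig = pow(_digest(body), private_exponent, N)
    return f"{body}-{_encode(sig, 19)}"


def validate_signed_key(key: str) -> bool:
    """Program side: only N and E are needed, so nothing here helps a keygen."""
    body, _, sig = key.partition("-")
    return _well_formed(body, sig, 19) and pow(_decode(sig), E, N) == _digest(body)


def keygen_signed_scheme_without_d(seed: int) -> str:
    """A cracker's best effort with only what the program contains: the body is
    free, but the signature has to be guessed, and a guess fails the check."""
    body = _encode(seed % (32 ** 8), 8)
    return f"{body}-{_encode(seed % N, 19)}"


if __name__ == "__main__":
    k1, k2 = make_checksum_key(), make_signed_key()
    print(k1, validate_checksum_key(k1))                                        # True
    print(keygen_checksum_scheme(12345), validate_checksum_key(keygen_checksum_scheme(12345)))  # True
    print(k2, validate_signed_key(k2))                                          # True
    print(keygen_signed_scheme_without_d(12345), validate_signed_key(keygen_signed_scheme_without_d(12345)))  # False
```

The keygen for scheme 1 is a line of arithmetic copied out of the program. For scheme 2, the program's validator reveals N and E, and the forged key fails, so the cracker's remaining option is the one the next section describes: patch the call to validate_signed_key so its answer no longer matters. Real schemes use a modulus of 2048 bits or more and a proper signature padding; the toy sizes here are only so the numbers stay readable.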

Circumventing the check

The most reliable method for cracking is circumventing the checks entirely. This requires a fair bit of knowledge of machine language, because you have to disassemble the program on disk and reverse engineer enough of it to find the part that performs the check. Then you either rewrite the check so that it always passes, or replace the conditional branch that acts on its result with do-nothing (NOP) instructions so the program runs straight through the check. Replacing the code with do-nothing instructions is much easier, because you change a byte or two instead of writing new logic.

Prior to the DMCA, there was a whole cottage industry of software companies that would reverse-engineer these schemes and then sell you software that would crack the software for you, so you could make as many copies of it as you wanted. A true software cracker considers this cheating, of course, and develops the cracks themselves.

Circumventing checks is more difficult today, because it means tampering with the code on disk, and it’s common for software to check its own integrity at startup (hashing its code and comparing against a stored value, or verifying a signature over it) to make sure the code hasn’t changed. Publishers got that check almost for free: it’s the same check that catches a file-infecting virus, since modifying executables is by definition what those do. It isn’t a wall, though. The integrity check is just another check in the same binary, so a cracker who can find and patch the license check can also find and patch the comparison in the integrity check. It raises the cost of a crack rather than ending the game.

Like memory dumping, security dudes like me have made this method a lot harder than it used to be. Ironically, a lot of security dudes like me cracked at least one game when we were teenagers in the 80s.
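Here is the whole cycle in miniature, as an added example that is not the article's code and is not taken from any real game. The x86-64 fragment, its offsets and the integrity scheme are all constructed here so that the patch and the check can run inside a tiny interpreter: a call to a license routine, the `test eax,eax ; jz` that acts on it, the two-byte NOP patch the section above describes, and a stored-hash integrity check that then fails until the cracker patches that too.

```python
"""Patching a license check, and why an integrity check catches it.

Added for this article; not the author's code and not taken from any real
game. The x86-64 fragment, its offsets and the integrity scheme are all
constructed here so the whole cycle can run inside a tiny interpreter.
"""
import hashlib

DIGEST_LEN = 32


def assemble(check_verdict: int) -> bytes:
    """Hand-assembled x86-64 (constructed). check_verdict stands in for what the
    real license routine would return on this machine: 1 licensed, 0 not."""
    main = bytes.fromhex(
        "e80d000000"    # 0:  call  check_license   (rel32 0x0d -> offset 18)
        "85c0"          # 5:  test  eax, eax
        "7406"          # 7:  jz    +6              -> refuse (offset 15)
        "b801000000"    # 9:  mov   eax, 1          ; licensed: return 1
        "c3"            # 14: ret
        "31c0"          # 15: xor   eax, eax        ; refuse: return 0
        "c3"            # 17: ret
    )
    check = b"\xb8" + check_verdict.to_bytes(4, "little") + b"\xc3"  # 18: mov eax, verdict; ret
    return main + check


def protect(code: bytes) -> bytes:
    """Append the value the program compares itself against at startup.
    Here it is a plain SHA-256 stored unprotected; see the note after the block."""
    return code + hashlib.sha256(code).digest()


def integrity_ok(image: bytes) -> bool:
    code, stored = image[:-DIGEST_LEN], image[-DIGEST_LEN:]
    return hashlib.sha256(code).digest() == stored


def run(image: bytes) -> int:
    """Interpreter for just the seven opcodes above; returns eax at the outer ret."""
    eax, ip, zf, stack = 0, 0, False, []
    while True:
        op = image[ip]
        if op == 0xE8:                                   # call rel32
            stack.append(ip + 5)
            ip += 5 + int.from_bytes(image[ip + 1:ip + 5], "little", signed=True)
        elif op == 0x85 and image[ip + 1] == 0xC0:       # test eax, eax
            zf, ip = eax == 0, ip + 2
        elif op == 0x74:                                 # jz rel8
            rel = int.from_bytes(image[ip + 1:ip + 2], "little", signed=True)
            ip += 2 + (rel if zf else 0)
        elif op == 0x90:                                 # nop
            ip += 1
        elif op == 0xB8:                                 # mov eax, imm32
            eax, ip = int.from_bytes(image[ip + 1:ip + 5], "little"), ip + 5
        elif op == 0x31 and image[ip + 1] == 0xC0:       # xor eax, eax
            eax, ip = 0, ip + 2
        elif op == 0xC3:                                 # ret
            if not stack:
                return eax
            ip = stack.pop()
        else:
            raise ValueError(f"unsupported opcode {op:#04x} at offset {ip}")


# The cracker's view: "test eax,eax ; jz" right after a call is the classic
# shape of a go/no-go check, so that is the byte pattern to hunt for.
CHECK_PATTERN = bytes.fromhex("85c074")


def nop_out_jump(image: bytes) -> bytes:
    """The 'do-nothing code' crack: overwrite the 2-byte jz with two NOPs so
    execution falls through into the licensed path whatever the check said."""
    i = image.find(CHECK_PATTERN)
    if i < 0:
        raise ValueError("check pattern not found")
    jz = i + 2
    return image[:jz] + b"\x90\x90" + image[jz + 2:]


def refresh_stored_digest(image: bytes) -> bytes:
    """Second patch a cracker needs once the first one trips the integrity check:
    recompute the stored value over the modified code."""
    return protect(image[:-DIGEST_LEN])


if __name__ == "__main__":
    unlicensed = protect(assemble(0))
    print("original :", run(unlicensed), integrity_ok(unlicensed))    # 0 True
    cracked = nop_out_jump(unlicensed)
    print("patched  :", run(cracked), integrity_ok(cracked))          # 1 False
    cracked = refresh_stored_digest(cracked)
    print("re-hashed:", run(cracked), integrity_ok(cracked))          # 1 True
```

The stored digest here is unprotected, so the cracker's second patch is nothing more than recomputing it. A protector that instead verifies a signature over the code with a public key in the binary can't be re-signed, and the cracker then has to find and patch the comparison in the verifier itself, which is the same hunt as for the license check. That is why integrity checks raise the cost rather than close the door, and why a cracked binary has, by construction, been modified in at least two places.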

Related questions

Cracking is a complex subject and it raises a lot more questions. All of them are fair.

Is it safe to use cracked software?

In a word, no. The problem is you have no idea what other changes someone made when they cracked the software. They likely had to circumvent both the protection check and the integrity check to get the program to run, so you have no idea what other ridealongs came with it. It’s entirely possible the software has spyware or other malware injected into it. Your antivirus software may catch it, but depending on how the malware got embedded, it may not. It’s not hard to fool antivirus software if your code hides inside something else.

I once had a coworker who bragged that he runs pirated copies of Windows, Office, and numerous other programs on his family’s computers at home. As I recall, he also had to rebuild his computers a lot more than anyone else I know. Needless to say, if he ever sends me his resume, I won’t be opening it.

How do game crackers make money?

The game crackers I knew in the 1980s didn’t make any money. They cracked games and gave them away because they didn’t like copyrights. But some made good livings doing it, by selling software that would crack software for you. Selling cracked software itself was dangerous, though I’m sure some people did it.

Today there are more obvious ways for game crackers to make money. If they can figure out how a piece of software generates keys, they can sell keys online instead of giving them away. While some people object altogether to paying for software, it seems like the majority of people are willing to pay small amounts for it. They’re nearly as willing to pay $5 as to get the software for free.

But a cracker can give away cracked software and still make money. They can inject adware or spyware into the software and make money off the ad revenue. Or more likely, they can inject additional software and mine cryptocurrency on your computer to make money. Cryptocurrency is rather lucrative, so if a cracker can crack a popular title, they can make a lot of money in cryptocurrency by giving it away.
