The Mind That Cracked

This has been one of the most interesting stories from the days of hobby programming. As for most of the hacking community, the biggest turn-on for writing programs is “Challenge”. Of the many challenges and victories, I specifically remember this as being one of the most interesting.

I had won the software programming contest at a national level tech fest called Aureole held in JEC. I was riding high on confidence and had the feeling that I could do anything with computers and programming. I even started considering myself as one of the best programmers in the area. The only person I thought came close or at par or better was my senior in college, Kunal.

That summer I came across a software program being distributed by a local coaching class professor called MindsReader by MindsArray. Two things made me look at the software that was being used by the professor to distribute notes. Firstly, the software was being touted as uncrackable. Secondly, the notes being distributed on it were really good. To get those notes you had to buy the software and individual notes packages. Considering I had never paid for software in my life (till then) and having released all my projects as Open Source, it was unlikely that I was going to pay for this one either. All the motivation needed to crack it was in place.

Let the hacking begin…

I obtained a copy of MindsReader from a friend who had bought it and got it installed on my PC. At first I thought it would be as simple as installing with the same key that my friend got. Didn’t work. It generated a key for me and wanted me to take it to the center or go on the web and generate an activation key for it. I had seen enough such software to know that cracking this one would require me to decipher the key generation algorithm… in assembly language! I certainly didn’t have time for that but still gave it a try. Got a copy of SoftICE, an executable decompiler and pointed it to the points where I would think the software triggered the key generation algorithm. I was sure that the software was using some kind of hardware ID to tie the generated code to the activation code because the activation code that one person got never ran on a machine other than the one the code was generated for.

Having spent hours trying to figure out which piece of code was actually generating the hardware ID, my head was aching with all the staring at assembly that I had done for nearly 10 hours. My plan was simple: locate the hardware ID generation logic and hard code it with the ID from my friend’s computer. Yet finding that place in code was the toughest thing I had done in a while!

The Eureka moment!

I started looking at the problem from the perspective of a developer. If I had to generate a unique computer ID how would I do that? Google. Of the many results I got, the one that jumped out at me was a simple DOS executable program that you could embed with your own program by reading off the hardware ID from its output. The sun finally decided to shine on me and I found the exact same DOS exe being used by MindsReader in its “bin” folder! The solution was right there in front of me all the while and I had been bothering myself with the uneasy painful path. The uncrackable software was now to be cracked.

The solution was simpler than one would think. When I ran the DOS exec, I captured its output on my friend’s machine. I fired up LECIDE (my self-developed C++ IDE) and wrote simple cout << statements to dump the exact same output as the DOS exec. I compiled and linked the code and named the exe the same as the original exe for generating hardware IDs and replaced that in the bin folder, prayed to the Holy Spirit of computer programming and fired MindsReader. Re-entered the registration screen and tried again with the activation key I had borrowed from my friend and the program ran! The feeling of looking at the program run was pure bliss… I had accomplished something that very few dared to try. Yes, it wasn’t as tough as cracking some crazy algorithms would be, but so what? I was the first one to have done that in my small sleepy town and that made me proud enough…

Being a supporter of free software I was now going to enable other peers of mine to be able to run the same software. I would allow them to emulate hardware IDs and also give them a UI to adequately set up hardware ID/activation key/notes package combinations. The reason this was helpful is that not everyone bought every notes package. So you could ask different people which notes package they had purchased and easily manage the emulation process for each package. I christened my tool very appropriately, CrackMind 🙂

Just before I was about to release this cracker out in the wild I called Kunal and showed him what I had accomplished. After all, showing off your accomplishments to another able programmer is what drives the Open Source industry. I expected him to be surprised (or at least act it) but he shocked me by confessing that he was the developer MindsArray had hired to develop MindsReader. My sense of victory was dampened a bit because now I couldn’t release it out to everyone or that would get Kunal in trouble. So instead I just distributed the tool to my entire group who reaped benefits of being my friends. Oh yeah, I reaped benefits out of them as well and I still do!