You are on page 1of 2

CD-Check tutorial and generic tutorial abou hacking.....

by Xcellent - because Brazil isn't just Football and Carnival!!

Hello to all newbes wanting to learning how to crack!!
Well, hacking and cracking is actually something really good to do,
and is something sometimes hard to do too, depending on what kind of
protection ya will have to fight with.
Enough of &^$ shit!! Let's learn.
Sorry for the gramatical erros but i'm Brazillian
There are things that ya must know, that are the begin of da beggining
like some several and basic ASM knowledgement and have the right tools in hand.
If u don't know about it, look these basic ASM instructions:
Instruction - What da hell they mean!!
- jump if equal
- jump if not equal
- no operation
- compare with something in the registers
- calls something like functions
Well, that's all you need to know. Let's see the tools:
W32Dasm - Disassembler and debugger (
HEXPert or any other hex editor (
The first of all, after have downloaded and installed the tools, let's rave!!
The game I will use to demonstrate is the Quake 3 Arena v1.17 removing the CD
check routine, in this case, and in the most of them, are simple to remove.
1 - Run Quake3 and select single player
2 - Choose any level and play
3 - Fucking shit!! a message came saying: "INSERT THE CD"
Now remember this message for use later and start W32Dasm, click open and select
quake3.exe file, wait the disassembler work and sleep a little........ZZZZZ....z
oh, what? ready, well, *ahem*, ok, click on menu refs - String Data Reference, a
will popup with a lot of messages, now what you need to do is searching for that
remember it? it's "INSERT THE CD". Ok, you find it? no? well, this time the game
use a different name for that dialog that isn't "INSERT THE CD" so we need to fi
something related to CD, like "CD not in drive", "CD not ready" or "Game
CD not in drive". You'll find the last message "Game CD not in drive", so double
on it, and you'll be in the right place, now you will see something like this:
* Referenced by a CALL at Address:
:00432460 83EC54
sub esp, 00000054
* Possible StringData Ref from Data Obj ->"fs_restrict"
:00432463 6834364B00
push 004B3634



call 0041F290
fcomp dword ptr [004AF3F0]
add esp, 00000004
fstsw ax
test ah, 40
je 00432495
call 00445340 <-- calls CD check routine
test eax, eax <-- check the result
jne 00432495 <-- jump if the result is the exp

* Possible StringData Ref from Data Obj ->"Game CD not in drive" <-- else show t
hat fucking dialog
:00432486 68A4BE4B00
push 004BBEA4
:0043248B 6A03
push 00000003
:0043248D E8FE9EFEFF
call 0041C390
:00432492 83C408
add esp, 00000008
Well, look at :00432484, that's the place where you need to change the jne to jm
p, doing this,
even if the value wasn't the expected (CD not in drive) or with the CD in drive
the game
will play!! Easy isn't!?
But to change the bytes, you must know where they are, to do this move the bar (
In W32Dasm) to the
jne, doing this the bar will turn green, so take a look at the bottom of the scr
een and you
will see:
Line: 103161 Pg 2063 and 2064 of 6946 Code data @:00432486 @Offset 00032484 in f
The adress will always be named as Offset and it will be a hexadecimal value, in
this case,
the offset is 32484.
So fire your hexadecimal editor, load the quake3.exe file and search for the off
set 32484.
Got it? now just change the 75 value to EB and save the file.
Run Quake 3, and, wow!! you have cracked it!!
that's enough folks - wait for more....
Xcellent <- page in portuguese only!!! soon in english and
with tutorialz, crackz and toolz