Вы находитесь на странице: 1из 9



While there are many different ways to penetrate most software programs `  6
will focus on two popular techniques.

One cracking method is to disassemble the target programs

  file using 
  which, as 6 stated earlier, outputs the programs source code in  

While using    will not likely reveal the actual serial or registration number,
it will expose the locations in the code where the softwares protections lurk. Once
found, these protections are easily  allowing for the program to be registered
by entering the wrong info or no info at all.

Another weakness in protection that is commonly exploited by Crackers is the

software's reliance on calling   functions. Two of these functions are
!"  and # $`

After a user provides their % and &  $ or   % in a dialog
box, these type of AP6 functions are called to '`  ' or ' ' the code
needed to register the program.

Using %( )* debugger a Cracker can easily set ' +`' on these
functions to display their location in memory. Armed with this info the Cracker can then
instruct Soft-ice to '`' the information stored in that segment of memory.

6f you've wanted more control over the programs you use²and what techie doesn't²
Angus Johnson's Resource Hacker could be just what you're looking for. This powerful
utility allows you to modify just about any 32-bit Windows program and even Windows
itself. Resource Hacker takes up only 1.35 MB of disk space, works on Windows
9x/Me/NT/2000/XP, and, best of all, it's free. Let's take a look at how Resource Hacker
can be used to spruce up Windows' ever present text editor, Notepad.

A warning on legal issues

Before you read the rest of Brien Posey's article, 6'd like to reflect for a moment on the
legal implications of modifying copyrighted software. Let me first say that 6 am not a
lawyer and this information should in no way be taken as legal advice. This is simply
my understanding of current U.S. laws as they pertain to the modification of
copyrighted software (if you're outside the U.S., you're on your own).

Many End-User License Agreements (EULAs) contain text similar to the following
(taken from the Microsoft EULA that comes with Windows XP Professional found at
\Systemroot\System32\eula.txt): "L6M6TAT6ONS ON REVERSE ENG6NEER6NG,
DECOMP6LAT6ON, AND D6SASSEMBLY. You may not reverse engineer,
decompile, or disassemble the Software, except and only to the extent that such activity
is expressly permitted by applicable law notwithstanding this limitation." Does this
mean that using Resource Hacker to modify Microsoft copyrighted software is illegal?
Unfortunately, as one of my old college law professors used to say, "6t depends."

6f you modify copyrighted software for which you own a valid license for personal use,
you should be OK. 6f you modify copyrighted software and then sell the new program
as your own creation or distribute that software to the public without the copyright
holder's permission, you can probably expect the copyright holder to bring legal action
against you. 6f you modify copyrighted software for which your organization has valid
licenses and then distribute that software to your end users, you may or may not be
violating copyright law. 6n this case, 6 suggest you speak with your organization's legal
department to protect yourself and the organization.

D ,!   -  ".

Abilities, installation, and limitations

Resource Hacker allows you to view, modify, add, and delete resources. Resources can
be just about anything: icons, cursors, or bitmaps. Using Resource Hacker, you can
replace these resources with your own, thus giving your applications a custom look. Of
course, deleting resources can also be advantageous at times. Many programs are
compiled along with far more resources than the application actually uses. By removing
unused resources, you can actually decrease the application¶s size and, in some cases,
you can make the application use less memory.

While changing icons and bitmaps within a program is fun, it¶s just the beginning of
what you can do. You can rewrite just about any text within an application. You can
also redesign dialog boxes and even create shortcut keys for various menu options. You
can even modify the application¶s menus, adding or removing features.
Running Resource Hacker couldn't be simpler. Download the 541-KB zip file from the
Resource Hacker Web site and unzip it to your hard drive. Double-click the
ResHacker.exe file and you're ready to go. Resource Hacker works on 32-bit programs
that do not use compressed executables. 6t will also not work on 16-bit Windows
programs or DOS programs.

Hacking Notepad
6¶ve been debating all day how best to demonstrate Resource Hacker. 6 must admit that
while getting my feet wet, 6 had a lot of fun tweaking a freeware Tetris clone. 6n the end
though, 6 decided that 6 should demonstrate Resource Hacker using a program every
Windows user has, Notepad. The Notepad executable is found in the Windows directory
using the filename Notepad.exe. Before you begin, 6 recommend that you make a copy
of the Notepad.exe file just in case something goes wrong with your modifications.

To open Notepad within Resource Hacker, choose File | Open, browse to Notepad.exe,
and choose Open. Resource Hacker will indicate that it has opened Notepad.exe by
displaying its name in the Resource Hacker window's title bar. Resource Hacker will
also display a tree view of Notepad.exe's resources in the left-hand pane of the Resource
Hacker window. This tree view should now be filled with several folders. 6f you select
one of these folders, its content will be displayed in the right-hand pane. Working with
Resource Hacker is very similar to working with the Windows Registry Editor.

The folders that will be displayed within the column on the left differ dramatically
depending on what program you¶re modifying. 6 want to briefly go over which folders
exist for Notepad and explain what each does.

The first folder is the 6con folder, shown in '  . The 6con folder contains
numbered subfolders, starting with number 1. Each numbered subfolder contains a
resource folder, and each resource folder contains one icon used by the application. 6f
you are planning on modifying the way that an application uses icons, pay attention to
the number of the subfolder pertaining to the icon that you want to change. You¶ll need
to know this number later when you modify the icon group. 6¶ll talk more about the icon
group later in this article.

Figure A
The 6con folder stores all of the icons used by the application.

6f you want to replace an icon, you can do so by right-clicking on the icon object that
corresponds to the icon that you want to replace. Then select the Replace Resource
command from the resulting shortcut menu. This shortcut menu also allows you to save
or delete the icon (resource) if you so desire. When you select the option to replace the
resource, you¶ll see a dialog box appear that asks you for the name of the file containing
the new icon. You must then open the new icon file, select the replacement icon from
within the file, and click the Replace button. This method sounds complicated, but it is
actually rather easy. The only reason for having so many steps is because it allows you
to select icons from files that contain multiple icons.

The next folder used by Notepad is the Menu folder. Like the 6con folder, the menu
folder contains numbered subfolders. Each of these subfolders contains an object which
corresponds to one of the application¶s menus. Since Notepad is such a simple
application, it only has one menu.
6f you look at '  D, you¶ll see that when you select an individual menu object, you
can see the source code used to create the menu. This code may be edited to customize
the menu. You¶ll also notice in Figure B that Resource Hacker displays the menu in a
separate window just above the menu code.

Modifying the menu code is easy. Each menu on the menu bar is designated with the
word Popup, followed by the menu name inside of quotes, and prefixed by an
ampersand. For example, the File menu is designated by the command POPUP ³&File´.
The menu choices are specified just below the menu name between the open and close
brackets. The individual menu items are designated by the MENU6TEM command,
which 6¶ll discuss in greater detail later on.

6f you decide to make a modification to a menu, you must click the Compile Script
button prior to saving the changes.

Figure B

Resource Hacker allows you to modify the application¶s menus.

The next folder available when editing Notepad is the Dialog folder. This folder
contains folder objects, each of which contains one of the dialog boxes used by the
application. Unlike the 6con and Menu folders, these folders don¶t start at one and
increment. 6nstead, every folder is assigned either a name or a number, but there isn¶t
necessarily any particular ordering method.

When you select a dialog object, you¶ll see the code used to create that particular dialog
box. You¶ll also see the dialog box itself in a separate window. 6f you look at '  $,
you¶ll see the Page Setup dialog box used by Notepad for printing.

Figure C

You can modify any dialog box used by an application.

By far the coolest feature of the Dialog editor is the ability to completely customize the
dialog box¶s layout, not just the text. You can drag and drop any element within a
dialog box. You can even resize text, drop-downs, text entry fields, graphics, etc.
Modifying the layout of a dialog box is very similar to working with the Form Designer
in Microsoft Outlook.

String Table
The next folder used by Notepad is the String Table folder. This folder uses a series of
numbered subfolders, each containing a string object. The subfolders are numbered, but
are not necessarily sequential.

Since Notepad is such a simple application, there really isn¶t anything too exciting in
the string tables. You can see in '  , that Notepad uses the string tables primarily
for error messages. 6n some applications though, the String Tables may contain other
types of text messages, such as copyright notices. Any of the text strings can be
modified. For example, you could change the Cannot Print text string to something like
"Turn the printer on and put some paper in it."

Figure D

The String Tables contain all text used within the application.

The next folder used by Notepad is the Accelerators folder. The Accelerators section
has to do with the hot keys that correspond to various menu options. 6f you refer back to
Figure B, you¶ll notice that the first line of the File menu contains the line MENU6TEM
³&New\tCtrl+N´, 1. This command places the New command onto the File menu and
assigns the shortcut key [CTRL]N to it. You will also notice that the command is
followed by the number 1.

6f you go to the Accelerators folder, you¶ll find that there are multiple subfolders, each
with their own name. The MA6NACC folder contains the shortcut keys for the main
menu. You¶ll notice in '  - that the first line of this accelerator object is VK_N, 1,
CONTROL, V6RTKEY. This line indicates that shortcut key number 1 should be
assigned to [CRTL]N.

Figure E
The Accelerators folder allows you to create shortcut keys.

6con Group
The next folder used by Notepad is 6con Group. The icon group contains numbered
subfolders, each of which contains an icon group object. You can see an example of this
object in '  '. As you can see in the figure, the icon group object tells the
application which icons are available and how to display them. You¶ll notice that each
line of this file contains a resolution, color palette, and an ordinal name. The ordinal
name matches up to the subfolders found beneath the icon folder. 6f you look to the
extreme right of the image, you¶ll notice that all of the icons are displayed. You can
easily add your own icons to the application by modifying the icon group and the icon

Figure F
The 6con Group folder creates collections of icons that are defined in the 6con folder.

Although they are not used by the Notepad, some applications, such as the Tetris game
that 6 was experimenting with, use two additional folders called Cursor and Cursor
Group. You¶ve probably seen applications that have a mouse pointer that changes to an
hour glass when the application is busy. 6n these types of applications, the mouse
pointers are defined by the Cursor and Cursor Group folders. These folders work
identically to the way that the 6con and 6con Group folders work.

Version 6nfo
The next folder used by Notepad is the Version 6nfo folder. 6f you select the About
Notepad command from Notepad¶s Help menu, you¶ll see the file¶s version and
copyright information. This information is pulled from the Version 6nfo folder. There¶s
actually more information found in the Version 6nfo object than is displayed on the
About Notepad dialog box. The Version 6nfo object contains additional information that
can be used by asset management software to identify Notepad. You can see the
contents of the Version 6nfo dialog box shown in '  .

Figure G

The Version 6nfo object contains the version and copyright information for the

The last folder object used by Notepad is something called 24. The 24 folder isn¶t used
by all applications and wasn¶t present when 6 was experimenting with Tetris. Although 6
have been unable to find any documentation on the 24 folder, it appears that the 24
object is an XML file that feeds Notepad some operating parameters. For example, as
you can see in '  /, the 24 folder specifies the public key token, the language, and
the processor architecture.

Figure H

The 24 folder holds an XML file listing various operating parameters.

Always make a copy

Now that you have a basic overview of what you can do with Resource Hacker, 6'm sure
you're considering all the different ways you can modify your favorite programs. Just
remember to make a backup copy of any program before you go hacking it. While
Resource Hacker is a handy utility, modifying a program incorrectly can make that
program unstable or simply fail to function.?