身?第一?音?商品?售者,?在自己的?子?上宣?著 " 拒偕 Copy Control CD " 的理念,似乎是一?搬石钷砸自己的倪,?要得罪唱片公司的愚蠢行?;但事?上是:Copy Control ?制在於呃??位化十分快速的科技?代,?疑暴是唱片公司?求自身利益,暴露了?於高科技的恐慌??苛?待其忠?客?的愚昧行?。
?想一??防鄙拷氧作成本完全弈嫁到消偻者身上,?呗一般的 CD Player 都有可能坐不出?的 CD,又怎?抓得住客?的心呢?然而?於?呢知滓赜富的剿端使用者而言,Copy Control ?疑是?唬人的小把?,想要弈成 MP3 ?非困膣之事!如此本末倒置的行?怎?人不生??我?因此有理由拒偕 Copy Control CD,把一?的金遑用??偕一?由?立唱片公司做出?的?冱唱片,?抗呃肺大?轾利益?前的愚蠢?制,?斤音?一?自由聆逻的空殓!
Changes in This Review :
17. How About Object Method - Changed From the GroundUp.
23. Generic Way for CopyControl Under Windows , Shell or Object ? - New
24. I have an Older Version Than 1.59 , How to Unlock ? - New
25. Changes on Version 3.02 and later - New
26. Is there anything to modify CC parameters - Introducing a new tool
01. How can i detect my program is protected using CopyControl ?
02. What is Major , Minor and Build Number ?
03. How detect version of CopyControl which used to protect software ?
04. Is there any way to find CopyControl Build|Review number ?
05. What is Product Code ?
06. How can I detect Product Code ?
07. What is CopyControl Serial Number ?
08. How to Access CopyControl Serial Number ?
09. What is Product Serial Number ?
10. Where Product serial number is stored ?
11. Where is CopyControl Key Track on floppy ?
12. What is Master Track Specification ?
13. I have a program without its master disk . How can i detect its PCODE
14. What is CCUICA ?
15. How can I change my CopyControl Serial Number to the same used with
Developer ?
16. I know protection specification , I got it from CCLOOK or inside EXE
file , May i create a new copy of MaterDisk ?
17. How about Object Method ?
18. What is CCICA?
19. I have a 720KB MasterDisk which CCICA can't copy that , What can i do?
20. I have a protected program with version 1.72 but Currently I have just
CopyControl Version 1.71 , Is there any Solution ?
21. My Program is using NE or PE shell Protection , Any solution ?
22. The code that i have created using CCREMOTE wont works correctly .
23. Generic Way for CopyControl Under Windows , Shell or Object ?
24. I have an Older Version Than 1.59 , How to Unlock ?
25. Changes on Version 3.02 and later ?
26. Is there anything to modify CC parameters ?
27. I could not found my question here .. ?!
Q : How can i detect my program is protected using CopyControl ?
A : Every protected program needs a couple of files to run . these files
are ccontrol.sys and xxxxxxxx.ccc . Depend on the type of protection
This files may be found in floppy disk which you have as keydisk or
may be with your program files. In most cause these files are hidden
and may be place in a hidden directory.
Q : What is Major , Minor and Build Number ?
A : These topics refer to CopyControl Version . In Version 1.71.12 , 1 is
Major Version , 71 is minor version and 12 is build number.
Q : How detect version of CopyControl which used to protect software ?
A : A couple of ways are Available here. You may use Microcosm CCLOOK.EXE
to extract protection specifications or opening ccontrol.sys in a HEX
editor . If you preafer the second way , So First byte of this file
contains Major Version number and Second contains minor one .
Example : 01 42 in the first two bytes of ccontrol.sys means v1.66 is
used to protect the application .
Q : Is there any way to find CopyControl Build|Review number ?
A : You may be interest to know the build number of CopyControl Version ,
I mean in file , not using CCLOOK , So you can see offset 0x7C of sys
file to retrive this information .
Q : What is Product Code ?
A : Product code is a unique 8 chracter code that developer considers for
his product. In protection check process that is important that PCODE
be the same as saved somewhere in protected program . In this way one
developer can give you two diffrent program with two diffrent PCODE
and you will not be able to use their keydisks instead each other ...
Q : How can I detect Product Code ?
A : That's very easy, just see name section of file which has .CCC
extension .
Example : I have misc.ccc in my files , So PCODE is : MISC
Q : What is CopyControl Serial Number ?
A : Each CopyControl has ( had ) a unique serial number . Every protected
program will check this serial number , In this way other licenced
CopyControl users can't create a MasterDisk as another because there
is diffrence between their CopyControl Serial Number .
Q : How to Access CopyControl Serial Number ?
A : Refer to a WORD in offset 0x4 of .CCC file . The Serial number stored
here in protection time .
Q : What is Product Serial Number ?
A : Each protected program has a PCODE and each master disk may have a
unique serial number . In this way two diffrent key-disk with same
PCODE and CopyControl Serial Number can not be used instead each
other because they are diffrent in Product Serial Number Field .
Q : Where Product serial number is stored ?
A : This field can be retrived as a WORD from offset 0x6 of .CCC file .
The Lower Byte is used to crypt protected files in some cause , This
is not general and can't be retrived from this offset safely.
Q : Where is CopyControl Key Track on floppy ?
A : Ok, We can use Product serial number to get exact key track number on
floppy disk . ( Product Serial Number & 0x000F ) + 20 is track number
which used as key by copycontrol on floppy disk .
In Version 3.0? and Higher if CCADD fail on making signature track on
its old place then will retry on next tracks and Mark OLD failed one
as Bad Track in the disk FAT section.
Q : What is Master Track Specification ?
A : Protected track has a 8092 sectore with sector id 18. The contents of
This track can't be read and will generate CRC error becuase of the
method they used to write this sector .
Q : I have a program without its master disk . How can i detect its PCODE
serial number and CopyControl Serial Number ?
A : Look at this table , I extracted it from CopyControl CCADD.EXE
Mz:sJaNcPi is CopyControl signature here . CCONTROL is product code
which used to protect this program . CCADD.EXE is the name of program
which Shell method used on it . Look at address 21h in the dump , you
can find 283F as product serial number here. This means Your program
is protected by this serial no . This Serial is diffrent with serial
which master disk is created with . The CopyControl Serial Number can
be extracted from offset 3Ah . This means the Serial No of developer's
CopyControl Was 0x0F5A .
So Here we have introduced a couple of key fileds :
1- Word Before PCODE means Product Serial Number. Was 283Fh in Example.
2- Word Before Fault message Means CopyContorl Serial Number , in our
Example that was 0F5Ah .
Note :
Another Key Field is Byte before CopyControl Serial Number in offset 39
of dump . This Fields Means "Action to Take when Protection not Found"
*10h + "Display error Code?" in protection process using Ccontorl.
Q : What is CCUICA ?
A : CCUICA is one of [I.C.A] products to manage CopyControl Unshelling.
Because of cool shell protcetion on PE and NE files , this utility
just supports MZ files . This utility can be downloaded from [I.C.A]
download site which currently is located on http://ids01.cjb.net .
Q : How can I change my CopyControl Serial Number to the same used with
Developer ?
Although that is possible changing serial number directly using your
protected CopyControl , but we don't want to make it more technical in
operation , so use CCUICA to unshell CCADD.EXE file at first . Then
copy ccontrol.ccc and ccontrol.sys files from hidden directory to the
root directory. Run unshelled ccadd.exe and create a new master disk
using below specifications :
PCODE : CCONTROL
SERIAL : every thing you wish .
Run From Master : No
Programs to protect :
CCADD.EXE Shell
CCREMOTE.EXE Object
After creating new masterdisk , copy its ccontrol.sys and ccontrol.ccc
files to the root directory again . Now the new serial number will be
placed in every product which you protect using unshelled ccadd.exe .
Q : I know protection specification , I got it from CCLOOK or inside EXE
file , May i create a new copy of MaterDisk ?
A : of course , you should follow these steps :
1- Create a new CopyControl with serial which you have extracted from
file .
2- Use that CopyControl to create a new MasterDisk of you program. Now
use new master disk for protected program .
Q : How about Object Method ?
A : There are several ways for object protected programs . The first is
tracing protected program and jumping over conditional jumps . in this
form you should have an intermediate knowledge on cracking filed.
Second way is replacing CC32.DLL on some protected programs . If you
read the manual of CopyControl , you will find all the things you need
about DLL replacing . In Short you have to create a new CC Master Disk
with your required Serial Number , The Extract Protection Parameters
using CCLOOK , if that is a protection over CopyControl DLL then you
may reprotect a RAW CC32.DLL (DLL which is on CC pack) and replace it
on the program Directory.
Third is replacing that DLL with yours which Exports required function
and ignore all the protections checks , This is Depend on the way they
have used to protect their programs.
Another way is Creating a new MasterDisk for protected program, if you
have not the master disk then you can extract informations from files.
Refering to CopyControl Developers manual may help you too . While I
was patching CCADD.EXE v3.03 , I found a protection check which was
checking protection internally with function 0. ( Full Check ) Then I
Changed Function Number to 3 (Get Parameters Only) . You may have
Some Problems here , But I am Sure My Friends (DISKEDIT Masters) will
Find What I am Talking ABout
Here I found a Generic Way too , Which will answers when you have a
working copy . Read About Generic Ways
Q : What is CCICA?
A : CCICA is another utility by [I.C.A] to manage copying CopyControl
created master disks. This utility knows all 1.44MB floppy disks which
are protected using CC v1.59 to v3.01 .
Q : I have a 720KB MasterDisk which CCICA can't copy that , What can i do?
Q : I have a protected EXE which can not be unshelled using CCUICA ...
A : Try to create the same MasterDisk using a CopyControl.
Q : I have a protected program with version 1.72 but Currently I have just
CopyControl Version 1.71 , Is there any Solution ?
A : Yes , Try to create a new master disk using version 1.71 , then edit
version fields in .ccc and .sys files on master disk . Use CCLOOK on
modified disk . if there is no error so you can use this disk instead
original. If the application used ccmove.dll or ccmove.exe or ccchange
to manage protection , you should replace that files with the version
you modified else you will see Version incompatibility error .
Q : My Program is using NE or PE shell Protection , Any solution ?
A : Try to load it in your prefeared HEX file editor . Find below codes :
3D 00 00 75 12 , or 75 12 3D 00 00 and change them to :
33 C0 90 75 12 , or 90 90 33 C0 90
Remember "Action to Take when Protection not Found" and "Display error
Code?" keyfiled . Change that to 00 . Now shell will be ignored .
If this trick didn't worked and program still shows Error before Run ,
find below code exactly a few bytes before previous patch location :
00 74 1A 50 ... and change it to :
00 EB 1A 50 .
In this form , Shell will be Ignored .
This trick may not work on some versions, so you should run your tracer
and try to BPX MessageBox .
After Program Break , Trace to go back to your program and find compare
instruction Yourself .
No More Hint for GooD Reversers ..
Q : The code that i have created using CCREMOTE wont works correctly .
A : The problem may be diffrence between your CopyControl Serial Number
with developer's one . You should create a new CopyControl with the
same Serial number . If CCREMOTE didn't worked , Try to change serial
number in the CCREMOTE file . This KeyField Described in previous
Questions ...
Q : Generic Way for CopyControl Under Windows , Shell or Object ?
A : It's long so let me describe it more detailed in comming days
Here I have hint for Crackers ...
Start Your FrogsIce .
Load SymbolLoader and Import Kernel32.dll.
CTRL-D
G DeleteFileA
Now Run protected Program ...
When you saw that lovely BLACK screen again ...
P
G DeleteFileA again
When you saw that lovely BLACK screen again ...
Step 4 ..5 Instructions
E EDI to know which file is removing , Edit the name to ignore deletion
G
and Exit the program .
A file with the name CC3216XX.DAT will remain on your windows temp dir.
Write a windows 3.1 (NE) exe which makes this DAT file .
replace it inside the CC object , and you never need that CCC and SYS
files again .
Q : I have an Older Version Than 1.59 , How to Unlock ?
A : Sorry I sugget you deadly to put that software into the trash and use
newer version . I have no answer to this , because I may never find
that older version of CopyControl. If Microcosm Send me a Copy I will
Help you then
Q : Changes on Version 3.02 and later ?
A : Its Depend on who you ask about news, Right Now there is a FUN frame
on the Microcosm official site, talking about new changes on winter.
Looks ICE ! But I will tell you the changes ...
1- CopyControl Signature on Floppy !
I guess they add some extra if-then-fuck-customers to their sources!
the signature is as before , just some checks are changed. this made
the must uncompatible new versions ... 01 , 02 , 03 and 04 even .
2- Where Master Track will be created !
Yes they found sometime,it is impossible to make a correct signature
with their new checks ! So they tried to retry this process on next
tracks and Mark Previous one as BAD in the FAT ! Backward Progress.
3- Making some Bugs on Diffrent Systems !
Yes , Your CopyControlled Disk May never work on My Intel - PIII ,
Because the FDC of my MotherBorads wont reply CC what it needs
Or You may See Some Blank Black Screen when pressing P or M keys in
CCLOOK.EXE Or Your AMDK6II may create incorrect KeyDisk SomeTimes.
Or Your Athelon may never accept Active-It Codes
4- Extra object Checking for CCADD.EXE .
Yes," This is very important to stop users , creating new MasterDisk
with an Unshelled version of CC. So We Put CCONTROL exception in our
Product Code field, We Will Ignore CCADD.EXE working with our serial
and we will ask for a fucking CCMB while unshelled program runs..."
Microcosm Developer Said for Himself .
5- New Story Made - "LOLOTNOTYPOT"
I was talking to zanadu on my MSN, Then i made a new story ...
Un4giv3N was too young , he was not able to tell CopyControl , Then
he told it topytontolol , Sometimes Later He added his ages with
add Un4giv3N'SAge,BonousAges assembly command and reversed the app.
So He told his new build "lolotnotypot" ...
Pay 100 USD to get full story at your home . Visa , Checks are not
accepted.
Q : Is there anything to modify CC parameters ?
A : I have to ask , is there any problem ? If there is , Here is a New tool
made by I.C.A called CCEICA . This is a Generic CopyControl MasterDisk
or Active-It Master modifier which make it possible for you to modify
protection parameters visually . This Utility is writen by Un4giv3N and
works in Win32 platform . But As you know none of Un4giv3N's programs
dont work correctly . ( For SCICA users specially , So this utility
will be published as soon with too many BUGS BUNNY !
With CCEICA you dont need any special information about CopyControl .
Before patching CCADD.EXE , I was creating working CopyControls with an
special build of this program .
Q : I could not found my question here .. ?!
A : Feel Free Sending that to Me using Mail. You may be answered Very Soon
Or May your question be added to the FAQ . If you didn't Get Answer
After 2 Week , Then You wont be answered .
Last Update : 31th July 2001
To Contact I.C.A:
WEB : http://www.icagrp.com or http://ica.cjb.net or http://ica.is-online.net
E-Mail: icagrp@bigfoot.com , CCProblem@icagrp.com
FAX : +1-435-3309235
Forum : http://icaf.cjb.net , forums.icagrp.com
Mailling List: http://icagrp.listbot.com , yahoogroups.com/icagrp
