Updated 12 February! academy advanced USEFUL STUPID
(Link to index.html and don't link directly to this page any more... page names will rotate monthly :-)
+HCU: Academy of reverse engineering
hcu97 Founded by +ORC in April 1996 hcu98
projects and essays
by various +ORC's students (and friends)
Where d'you want to go today?

Go to the specific history of the student.htm page
D'you prefer the synthesis of the +HCU projects?
Or d'you want to see the list of all "non-project" essays?
There is also a section Attention shareware programmers
And a very important section Rules and regulations for submission
Nope! I just want the most recent three essays on this page.

Hei! Don't forget to check +gthorne's OTHER +HCU page!

Attention shareware programmers
You'll find a LOT of useful tricks in order to better protect your software inside
the shareware programmer corner
Hey, wanna work for the +HCU ?
hcu98
Some of you are really good, and will surely, IMO, pass next year's strainer (for the +HCU 1999... should be published by +ORC in April 1998)... in the mean time... would you like to work already NOW for the +HCU? Please do, we have already more than 90 contributors (+HCUkers and friends alltogether), yet we need more help!

You may join right now one of the following ongoing projects:

Project_0 Wdasm cracking Wdasm cracked, all versions until 8.7 Project CLOSED!
15 Oct 97 		~
Project_1 "Tools of the trade" Hexeditors, IDA and other VERY important targets new stuff inside
11 Jan 1998 		~
Project_2 Numega reverse engineering (Softice) Numega's 14 days trial protections - Winice 95 and Winice NT and Boundschecker and Smartcheck Project CLOSED!
27 Oct 97 		~
Project_3 Dongle reverse engineering (Dongleling donglelong! The "renaissance" of a truly interesting cracking art!) new stuff inside:
03 Feb 1998 		~
Project_4 CD-ROM faking (Here we need more help!) new stuff inside:
27 Dic 1997 		~
Project_5 Netscape reverse engineering Let's have apps as they should already have been... Let's add new functionality & destroy cookies and applets new stuff inside:
20 Sep 1997 		~
Project_6 Save disabled targets and other "missing parts" protections... ("crippledwarez") new stuff inside:
27 Jan 1998 		~
Project_7 "Most stupid protection" award Incredible but true new stuff inside:
31 Dec 1997 		~
Project_8 Visual Basic reverse engineering Overbloated languages have simple protections new stuff inside:
17 Jan 1998 		~
Project 9 Microsoft bashing All Micro$oft protections explained, see +ORC's 4.2 and WORK new stuff inside:
28 Dec 1997 		~
Project_A VisualC++ "*.DLL reverse engineering" (see Razzia's Visual Basic *.dll tutorial, my filemon1.htm and WORK!... a first essay on MSVCRT.dll reverse engineering has been published here) not yet: will start
as soon as possible 		~
Project_B Demos and Intros
reverse engineering 		(This is a very important NEW sector! The +HCU is HIRING demo experts able to reverse engineer the NEWEST GRAPHIC TRICKS of the demomakers!) not yet: will start
as soon as possible 		~
Special +HCU's projects
Protecti Our protections How to protect better... teasers, models and solutions new stuff inside:
18 Jan 1998 		~
Ourtools Our own tools Tools to reverse the hell out of it: an +HCU workshop new stuff inside:
01 Feb 1998 		~
Programmer's corner The Anti-cracking side How to defeat us crackers at our own game new stuff inside:
12 Feb 1998 		~
Projunpa Packers & Unpackers Compacted programs reverse engineering:
TRON, RTPatch, Protexe, 		new stuff inside:
02 Feb 1998 		~
+HCU's Taxonomy
Advanced Advanced cracking The best essays (Advanced cracking series - started October 1997). Not for beginners! new stuff inside:
12 Feb 1998 		~
Timelock Timelock cracking Timelock dll cracking, the tl32v20.dll and various "timelock" vagaries new stuff inside:
20 Jan 1997 		~
snippets Snippets Various "snippets" about (more or less) useful tools new stuff inside:
21 Jan 1998 		~

Rules and regulations
Before submitting an essay, please read the Rules and regulations page.

And now... and now... and now...!
~
The GREAT students' essays
Here they are: marvellous reading! It's almost unbelievable: the quantity (and the quality) of the essays is more and more impressive. Please bear with us the temporary "confusion" ruling this part of this site... we will try to create various section and to "organize" this material
Some of the following essays are "outstanding", some are VERY good, and some are only "good"... yet I believe that all these essays are JUWELS of knowledge, and that if you are serious about studying reverse engineering you should read them ALL (slowly, and working on what you read). I learned a lot, that's for sure :-)

BE WARNED: A lot of essays have been "moved" inside the various "projects" above!
The following roster lists only the essays that have NOT YET found a place inside a"project"... se the academy pages in order to have a COMPLETE list of all essays.. check the complete +HCU database!
(Just click onto the gif below)
HCU
Here the "unassigned" essays:
not assigned
The mathematical coprocessor protection by swann (very interesting) - 02 March 1997

The DOS4GW CD-ROM timestamp by Yamato (he got a new lesson from +ORC for this) - 05 March 1997

Windows 95 Screen Saver Passwords reverse engineering by Lonely Hawk (cryptography) - 20 March 1997

How to reverse engineer AMU for Win95 by Aesculapius - 30 March 1997

How to reverse engineer Xferpro by Aesculapius - 02 April 1997

How to reverse engineer Siren Mail 3.0.0 by +gthorne - 02 April 1997

How to reverse engineer CuteFtp 1.8 (32 bit version)
(The hidden file algorhitm protection) by +Rcg - 08 April 1997

How to reverse engineer ProPinball
(heavy location fetching) by siuL+Hacky- 26 April 1997

How to reverse engineer Portscan v1.2b1
(More about password xoring protection schemes) by Hackmore Readrite - 05 May 1997

Homesite secrets
(Windows95 registry reverse engineering) by Epic Lord - 06 May 1997

Defeating Pete Norton's protections
(PCAnywhere Version 7.5) by Hackmore Readrite - Revised version: 3 July 1997

How to crack VideoCraft Gif Animator
(magic numbers galore) by desert eagle - 12 May 1997

Cracking Sega games
(Once you learn the art you reverse engineer whatever you want) by +Rcg - 13 May 1997

The flag's faking approach
("Brute force" cracking by Xoanon) - 13 May 1997

Reverse engineering of Crypt-o-Text v1.21 & v1.24
(Encryption cracking) by CASIMIR - 21 May 1997

How to Neuter WebWhacker V2.0
(dead listing persistence) by +daQ - 26 May 1997

An interesting tool: BRW
(32-bit reverse engineering) by fravia+ (MSRE) - 26 May 1997

Use of the Win32 API
(WebGenie Software's Downfall) by Saltine - 28 May 1997

Networker, the mistery of the missing file
(how to reverse engineer logically, without too much listing) by Hackmore Readrite - 28 May 1997

How to crack the "uncrackable" test4 by LordByte
(bytes rolling and xoring, table protections) - by Croock, 30 June 1997

How to reverse engineer SERV-U32(FTP Daemon)
(Reconstruction of a missing file) - by TheChineese 03 July 1997
The Eudora serie

How to reverse engineer EUDORA PRO 3.0
(Time trial protection busting) by +Rcg - 30 April 19970

How to reverse engineer Eudora 301's three protections
(How many days left routine - last bytes routine) - by TheChineese 02 July 1997

Reverse engineering Serif PagePlus 4 Trial Edition
(Universal Double protections: time *and* registration number) - by ReZiDeNt - 08 July 1997

Reverse engineering NetScanTools' protection scheme
(How we DON'T crack a really good protection :-) - by Hackmore Readrite - 08 July 1997

A good protection scheme: ZMUD 4.62
(Expiring Registration Codes - A New Breed) - by +Sync - 09 July 1997
_____Help +Sync finish a difficult crack_____
With an addition by Epic Lord! - 25 July 1997

Going undercover and browsing on your own proxy
(hiding Windows applications, cracking Wingate, registry settings) - by +Yamato - 10 July 1997

A tough protection scheme: Advanced Disk Catalog
(Redundant instructions: the undiscovered treasure) - by Aesculapius - 21 July 1997

Adobe's Pagemill Version 2
(bpmd, the 13C680 (15 days) count, registry jongling, stack adjusting) - by Kox - 25 July 1997

How to crack Business Card Designer Plus v5.00b
(The Maths behind a Key Generator) - by plushmm - 26 July 1997

Photoshop Filter Hacking
(registry monitoring) - by +daQ - 31 July 1997

ASM Keygenerator tutorial
(rippng and assembling keygenerators) - by Teraphy - 06 August 1997

Lazy software programming
(The last essay on simple password protection schemes) - by Plushmm - 11 August 1997

Windows Commander 3.02
(An "antivirale" protection scheme defeated) - by iNCuBuS++ - 11 August 1997

ASM Edit 1.82a, protected mode cracking
(An excellent use of TSR Cracking) - by madmax! - 13 August 1997

Reverse engineering Windows 95 itself
(Understanding our trade) - by +Rcg - 17 August 1997

aUTOWINNET 95 v4.0b
(An interesting protection based on a "weird" use of a keyfile) - by xOANON / UCF - 19 August 1997

razzia's Tutorial on Key Generators
(Updating a fundamental essay) - by razzia - 22 August 1997

Cracking DNS WORKSHOP
(Teaching a decryption process step by step) - by razzia - 27 August 1997

PhotoVista v1.0 crack Step-by-Step
(A "smearing" protection reverse engineered) - by Nop - 27 August 1997

A "Laying Eggs" target
(reverse engineering a paranoid and tough protection scheme) - by Kox - 30 August 1997

Novell Netware 3.12
(Netware reverse engineering - basic) - by The Undertaker - 03 September 1997

Cool 3D by Ulead - up against nags and smears
(Easy unsmearing and denagging - basic) - by Drlan- 03 September 1997

Taming Monsters, finding clowns
("Easter eggs galore") - by fravia+ - 04 September 1997

Little Cracking Exercises for Newbyes: Simply 3D
(Explained easy targets for our future +friends) - by n00se - 04 September 1997

Webpages source fishing
(Javascript "protections") - by jcr - 08 September 1997

Phone Book Pro 97 v2.31.0 build 482
(Vindicating the "blacklisted" Phrozen crew) - by Silicon surfer - 08 September 1997

How to fix incomplete posted warez
(Previewing the contents of ZIP files before downloading them) - by the kenZone - 10 September 1997

Encryption, a short tutorial
(How to reverse engineer encrypted files) - by Jon - 12 October 1997__NEW!__

Novell Netware 3.12 (2)
(Studying the Licensed User Limits) - by The Undertaker - 13 September 1997

Fido2Int mailer v. 2.00 Key Generator
(A tough Key File Based Protection Scheme) - by Aesculapius - 13 September 1997

Symantec Visual Cafe
(Demonstration of some principles of code reading) - by Crushed_ICE - 17 September 1997

Enterprise REXX
(Reversing a "tool of the trade) - by +drlan - 18 September 1997

MKS Toolkit Release 5.2
(150 identical protection schemes) - by +drlan - 18 September 1997

TTFPlus 3.3 32-bit demo
(A "quiver" in Visual Basic 5) - by Vizion - 18 September 1997

Regview: the 2 minutes crack
(encrypted counters) - by +Rundus - 20 September 1997

A little tutorial on key generators
(Netscape Cache Explorer) - by +MaLaTTiA - 20 September 1997

Jeremy Lilley's protexe! exe/com v5.5
(Exploring a weak protection scheme) - by The Undertaker - 24 September 1997

The "call relocation table" and its importance :-)
(Some teachings from a small protection inside sruler) - by fravia+ - 25 September 1997

How to Reverse Lotus SmartSuite-97
(Date coding magic number galore) - by +Rcg - 26 September 1997

Blowfish Advanced 97 beta 1
(encryption decryption) - by Jon - 12 October 1997__NEW!__

Wingroove V0.9e for Windows (v3.1 and Bug '95)
(the 'PrestoChangoSelector' encryption method) - by dph-man - 14 October 1997__NEW!__

Reverse engineering the Linux OS, a first approach
(disassembling Linux) - by SiuL+Hacky - 15 October 1997__NEW!__

Cracking (partially) Java Workshop 2.0
(getlocaltime and getsystemtime galore) - by +Alt-F4 - 21 October 1997 - 3 January 1998__NEW!__

Norton speed disk trial 1.0 for Windoze NT4
(The mysterious IRATRIAL.DLL and the "vectoring breakpoint" trick) - by FootSteps - 21 October 1997__NEW!__

Norton speed disk trial for Windoze NT4 (second part)
(An Addendum to the no more mysterious IRATRIAL.DLL) - by FootSteps - 27 October 1997__NEW!__

HyperChem 5.0 - 'Same old sauce'
("Don't lure us any more") - by +Sync - 27 October 1997__NEW!__

Adaptec DirectCD Upgrade - IDA for beginners
("Software updates: 'Previous version' checks") - by zeezee - 5 November 1997__NEW!__

The 'Commercial protection schemes' serie
(saving the gullible shareware programmers from commercial crooks)


Cracking Unlocker for newbyes
(Defeating Lame Commercial Protection Schemes) - by +DataPimp - 2 November 1997

"A Software Licensing System designed to provide invisible security"
(Spectralab 4.32: How to PATCH) - by +joNaH - 11 November 1997

Dongle Bashing ~ End of the dongle old aera
(How a single +HCU reverser can easily blow a whole commercial sector out of history)
by Frog's Print - 29 January 1998 __NEW!__

How to USE nag screens
(Nagscreens and CRC checking show us the way) - by ^pain^ - 11 November 1997

How to make key generators
(Reversing some 'mathematical' routines) - by ^pain^ - 11 November 1997

Linux cracking: the live approach (acrobat reader)
("Linux advanced reverse engineering: imported functions") - by SiuL+Hacky - 12 November 1997

Mark's 14 protector's commandments
(And other useful tricks of a programmer-cracker) - by Mark - 13 November 1997

O'Basic - a script language and a real joke
(meeting and defeating an unknown DLL) - by Pepper - 20 November 1997

Cracking MicroSoft ACCESS as a programming language
(how MS helps to open a nice program) - by Pepper - 20 November 1997

BEGINNERS: Slowly cracking a paranoid protection
(The importance of a methodological approach and an 'hidden file' scheme)
by Indian_Trail - 20 November 1997

UNBOX: Why and how to create complete Crack Systems
(RSAGNT32.DLL cracking and a nice trick to avoid difficult memory CRChecking)
by Pepper - 21 November 1997

CRACKING BORLAND'S VCL PROGRAMS
(High level languages allow high level cracking)
by +trurl - 24 November 1997

MemMonitor95 Standard 4.0 and its ThunkConnect32 relations
(Half-crippled program / Unhiding an hidden window / Thunk vagaries)
by FootSteps - 24 November 1997

UncleVan's "live approach" techniques (for beginners and semy-advanced)
(simple nag-screen (-dialogs) removing, limit-protection cracking, fishing serialz, and some key- generator programming)
by UncleVan - 29 November 1997

How to keep uptodate with the +HCU academy
(Cracking The Maze Of Essays At fravia+ Web Site)
by wlc - 29 November 1997

Software history and cracking (CuteFTP)
("Regmon and Filemon and your cracking is almost don" :-)
by +Rcg - 07 December 1997__NEW!__

DOS  Navigator v1.50: how to spy our targets
(TSR spying and "classical old style" cracking)
by Frog's Print - 10 December 1997__NEW!__

Palmtops cracking (HP100/200lx)
(A -LATE- TUTORIAL FOR THE HP 100/200lx)
by Frog's Print - 10 December 1997__NEW!__

Kremlin 2.0: they learn, we learn
(Lesson for shareware-programmers: Don't place the protection scheme in a DLL)
by Jon - 24 December 1997__NEW!__

Control panel applets cracking
(Cracking Seattle Labs' SlMail 2.6 Build 1098)
by flipper - 01 January 1998__NEW!__

Game hack secrets
(how to stop lamers from hex-editing your cracks)
by Jon - 05 January 1998__NEW!__

How to crack HTMLedPro32 2.0d
(Destroy it to make it work)
by Edi - 02 February 1998__NEW!__

Cracked Metal, runtime dll creation
(Cracking HoTMetaL Pro 4 Evaluation Version)
by Fallen - 04 February 1998__NEW!__

BEGINNERS: KeyGenerator for AddItem:
(Turning a *NAG* into a keygen)
by Jon - 12 February 1998__NEW!__
+HCU's Taxonomy!
You'll find some new "subdivisions":

 Advanced cracking

advanced
Advanced cracking series
(Started 19 Oct 1997 - Updated 12 February 1998)

Timelock cracking

timelock
TL32V20.dll
(Started 07 May 1997 - Updated 20 January 1998))

Snippets

snippets
Various "snippets" about (more or less) useful tools
(Started 28 Oct 1997 - Updated 28 January 1998)
feel free to send good commented essays
please read the Rules and regulations section before submitting an essay.
homepage links red anonymity +ORC tools counter measures
cocktails redjavascripts search_forms antismut mail_fravia+
Is reverse engineering legal?
academy noanon our protections HCU tools Visual Basic
There is a crack, a crack in everything
That's how the light gets in
fravia+ January 1998