HOW TO CRACK GSE 1.31
by Georgi Chorbadzhiyski

1. PROGRAMS YOU NEED:
   a) GSE        - http://www.europe.de/aps
   b) CUP386 3.3 - http://www.SuddenDischarge.com/

GSE stands for GenericSavegameEditor; it's used for patching savegames so
you can play games more easily :)

This nice program has very good protection. The program itself is very
interesting too. It looks like it's only one program with size around
38,00 bytes. But soon after I began to debug the program, I realized that
at least 4 or 5 different programs (NOT PROCEDURES!, PROGRAMS) are hidden
in this single EXE :-)) Every program uses self-modifying code to fool the
debugger and stop crackers from patching the code; some compressor is also
used on every program.

LOADER        - It decodes the beginning of the program and calls the
                PARAM_CHECKER.
PARAM_CHECKER - This program checks the program parameters and then loads
                the font and palette. This is the program we cut in
                procedure "Patch_1st_time" (see below :)
CHECKER       - This program checks CPU, coprocessor, memory ........ etc.
                It is also used to self-check GSE.EXE. It is started every
                time except when the NOCHECK (GSE NOCHECK) parameter is
                used.
REGISTER      - This program can be seen if GSE is started with the
                REGISTER (GSE REGISTER) parameter.
MAIN_PROGRAM  - The SaveEditor itself :)

To crack GSE, follow this simple code.
It's written in pseudo PASCAL, so I hope that everyone will understand
what's going on :)

{--------------------------------------------------------------------------}
PROGRAM Crack_GSE_v1_31;

PROCEDURE Decode;
BEGIN
  Execute: CUP386 GSE.EXE /1
  Execute: DEL GSE.EXE
  Execute: RENAME GSE.CUP GSE.EXE
END;

PROCEDURE Patch_1st_time;
BEGIN
  Find these bytes in GSE.EXE : 8B E0 9A 00 00 00 00
  and replace them with       : EB 05 9A 00 00 00 00
                                         ^^ ^^ ^^ ^^
                These 4 zero bytes are modified "on the fly" by GSE
END;

PROCEDURE Real_Crack;
BEGIN
  Find these bytes in GSE.EXE : E8 A8 26 E8 04 1B
  and replace them with       : C7 06 EB 43 01 01
                                ^^^^^^^^^^^^^^^^^
                                Set REGISTERED variable :)

  Find these bytes in GSE.EXE : E8 3E FE
  and replace them with       : 90 90 90
                                ^^^^^^^^
                                Kill final palette fade down.

  { This should crack the program so it can work like REGISTERED version :) }
END;

BEGIN
  Decode;          { In the beginning GSE is packed with LZEXE 0.91 }
  Patch_1st_Time;  { Remove PARAM_CHECKER }
  Decode;          { Extract MAIN_PROGRAM only }
  Decode;          { Decode MAIN_PROGRAM }
  Real_Crack;      { Crack GSE :-) }
  Execute: RENAME GSE.EXE GSE!.EXE
END;
{---------------------------------------------------------------------------}

What we have after executing all of the PSEUDO code is GSE!.EXE, fully
working and cracked. But the c00l font and colors are missing :-(( The
programmers of GSE put "font loading" and "palette setting" somewhere in
the routines that we cut :( So I wrote a small program that loads the font,
sets the pal and runs GSE!.EXE :-) I think that this should solve the above
problem.

Enjoy this c00l crack!

I wish to send my greetings to:

  The programmers of GSE:
    - Good work boys, your program is great and the protection is very
      good too!

  Iron Daemon:
    - 10x for giving me GSE, it was lots of fun cracking it!

P.S. Excuse me for my bad English ;)