Ready? Go.

Specifically Max Payne 2, but I'd like to know how to do it in general.

Download Daemon tools or Alcohol.

...

Hi, I'm on the road to becoming a hacker. This isn't about being able to play the game. I've had DaemonTools longer than you've been alive.

Learn assembly.

There is no template for how to make a no-CD patch, although the basic principles are more or less the same. To write a no-CD crack, you're going to need the actual CD, so the crack will be of little or no use to yourself.

The first step is to download a Hex Editor/viewer. My favorite one, and the one I use to view the source code of any program is called Ollydebugger.

The second step is to open up the .exe file that loads the program inside of Ollydebugger.

You will use the debugger to try and determine what kind of copy protection the CD uses. There are a heck of a lot of different tricks that CDs use to verify that the CD is in the drive. If you use a CD-Drive emulator like Daemon tools, well then you probably know about Safedisc, Securom, and some of the other safety schemes that Daemon tools protects against.

When you run Ollydebugger, insert some breakpoints into the program, try to isolate the part of the program that checks the actual CD. This can be done just by inserting a breakpoint into a reasonable part of the program, and then running the program, and if you notice activity in the CD drive before the program freezes, then your breakpoint is too far in so you know the CD-protection code comes before your breakpoint. Conversely if the program breaks before you reach the CD activity, then the CD-protection code comes later on.

Keep refining this breakpoint until you're confident that the breakpoint is inserted into the part of the program that checks the CD drive.

One thing that might be helpful is... check what message the program gives you when you don't have the proper CD inserted, so if it says "Please insert the CD into the drive", then search the source code for that message, it usually will give you some helpful information as to what section of code checks for the CD.

Anyhow... once you found that code, then depending on the protection you will likely just be able to remove it by replacing the instructions by what is called the NOOP, basically it's an instruction that does nothing, just wastes time. Other options are looking for the CALL instruction that enters the protection function and replacing the CALL with something else, or using a JMP instruction to just bypass the CALL entirely.

Basically, how you go about avoiding the protection is something you will have to decide, use some creative means depending on the particular program you're cracking.

All of this information requires that you know how to understand and write actual machine code, and that you have an understanding of how Windows works and what features Windows provides at the low level to interface with the CD drive. Learning this is itself a skilled discipline on its own, but once you know the fundamentals of machine code, and how machine code relates to code you're familiar with like BASIC, or C/C++, then it's pretty easy to do the rest.

Typically, writing a no-CD crack is done admittedly to pirate programs and to contribute to piracy in general, however, the techniques and concepts involved in actually writing these kinds of tools is beneficial in learning how computers work. Every program is really nothing more than a bunch of numbers that represent instructions, and when you open up a program in something like Ollydebugger, you get to see these raw numbers, these raw instructions and you're free to manipulate these numbers in anyway you choose. Learning how to manipulate computer code by starting off with CD protection schemes seems like a reasonable way to get started, however, if you're really interested in learning how to "hack" or whatever, you might find writing your own programs in raw machine code to be far more enlightening and rewarding, but anyhow... that's a choice left to you.

[Edited on 12-5-2005 by Kranar]

I've been trying to get Ollydebugger but every site I've seen has been in French or Arabic, and the ones in English have no relevancy to actually downloading or using the program.

http://www.phuzion.com/14/?p=downloads&id=2

Was there ever a time that you didn't kick ass, Kranar?

Have fun with it. It's certainly not something you learn overnight, but if you have any questions you're welcome to ask.