Cracking Projects For Newbies

Project6 - Task1
Thursday, 04-Feb-99 02:13:20
    203.57.68.10 writes:

    Hi everybody

    Excuse me for butting in like this but I only discovered this Page on 4/2/99 and didn't want to get left behind on Project 6.
    Don't know if this is the sort of posting you are after but I just wrote as I did.

    I would like to say thank you to Sandman, for the idea and the time. I have searched the Net for info on cracking and this DIY school is the best thing yet.



    File: Memo 95
    Date: 4/2/99

    Start:


    Order.txt:
    Name is used to generate key
    Name will be shown in about box after reg.

    Help file: 30 days evaluation period.
    no crippling features
    nag screen is removed if regd.
    Allows unregistering of the game and re-registering
    (suggest that the ser# is stored in an .ini file or the registry)
    Code is 16 digits and hex (Alpha - Numeric)


    OK...

    Opening up the program file in UEDIT32:

    uses writeprivateprofilestring
    & getprivateprofilestring further suggesting an .ini file

    uses RegOpenKeyExA RegQueryValueExA further suggesting registry entries

    On registering displays:
    "Thank you for registering %s."
    Dialog box

    Curious??
    "The program has been modified! - The code contains non-hexadecimal characters!"

    Perhaps the program performs some kind of check on itself? But why??
    We are not going to be entering any non-hex chars??

    Search for "get"

    uses ::GetWindowTextA GetWindowTextLengthA

    There is no getdialogitemtexta so one of the above must be used to gather the user entered ser#.
    GetWindowTextLengthA would suggest a possibility that the name field length is used in the key generation.

    ::GetTimeZoneInformation

    Suggests that the program calculates the 30 day period using the system clock, not some internal counter

    Checking the API functions using DELPHI> Windows API help


    Nothing that looks like a hard coded ser#, but then nobody makes it that easy!!

    Noticed that the program was created using Microsoft Visual C++
    So open it up in Microsoft Visual C++ developer studio.

    Firstly I learn that KUPA is the Hungarian word for Cup (Hey u can never know too much)
    Next I notice on the About Dialog box a small button in the lower left corner, need to check that out when I kick the program up.
    Next I notice that the buttons have no captions :
    This probably means that the program inserts a certain text depending on a tested condition. (??Registration??). This could be another attack point once the program is disassembled.
    Next. The register dialog box properties show that it is set to uppercase, whereas the name box is not set. This would suggest that the ser# is alpha-numeric.

    OK!
    Time to fire this puppy up.........

    I think it uses .ini files and the registry so:

    First I copy win.ini and system.ini for comparison
    Next I fire up Norton Registry Tracker and take a snapshot
    Finally. There is no install program but that does not stop me from using cleansweep and force logging.
    If the program creates its own .ini file or in fact any files, cleansweep should pick them up.


    Ok....I see the nag screen. The small button I noticed was for the author's mail link.
    I AGREE (of course I do)
    Then shut the program down. I want to see what it's done before I start messing.

    Nothing!!!!!!

    Restart it.....

    Try to register
    Notice that the code box will not let me enter anything except Alpha and Numeric values
    (ie no symbols - _ etc)

    Check Norton and cleansweep: no changes.

    OK... Fire up regmon and start again.
    Ah well, Norton isn't infallible.
    So the program stores the registration name and key in the registry under
    HKCU\software\Kertes Gabor

    It also checks the registry twice, once on load and once on quit, OR just before the nag screen.

    At this point I would fire it into W32dasm for a look at the strings and code
    But the instructions said no softice yet, I don't know if you would consider this the same?

    No sign of the .ini file. I suppose that would be for the Windows 3.1 version.



    ShADe

    I would also like to thank KALI

    I had no way of checking for the .ini file. I will download Filemon.

    ShADe


Copyright © InsideTheWeb, Inc. 1997-1999
All rights reserved.