Reverse Engineering Team Board

Reverse Engineering Team Board (http://www.reteam.org/board/index.php)
-   Reverse Code Engineering (http://www.reteam.org/board/forumdisplay.php?f=23)
-   -   Crypkey : How to get sitekey using cKInfo (http://www.reteam.org/board/showthread.php?t=1868)

gnerogeem 09-07-2009 04:26 PM

Crypkey : How to get sitekey using cKInfo
 
This is what I've learn from various website on how to get the sitekey for a software that protected with Crypkey.

1. Get the sitecode from the Authorization box.
2. By using ckinfo, check the code. See the example below.

HTML Code:

C:\Documents and Settings\Test\Desktop>ckinfo.exe /sitecode D182 C81C 5C9F 02A270
CrypKey Copy Protection Information v1.12
(C)2001-2005 thewd, thewd@hotmail.com

Parsing Code    - D182 C81C 5C9F 02A2 70
Decrypting Code - 07BE 362C 0583 4CAB 55
Code Validation - OK
Formatting Code :
                            BE 36 2C05 834C AB55
                            + + --+ --+ --+
  Site Code Id - 0x3E -------          +--------------- Code CRC - 0xAB55
  Allow Add Licence? - Yes --+      -------- User Key Hash (Seed) - 0x4C83
  Allow Easy Licence? - No -----     +--------- Drive Serial Number - unused
  CrypKey Libraries - v5.4 -----+ - Account Number - 300
                                  - Application Id - 1
                                  +- Company Number - 7956300

3. To generate the sitekey, we must find the masterkey and userkey. These keys can be found in the exe or dll of the target s/w. This can be done using Ollydbg and etc.
4. In the Ollydbg, use Ultra String Reference->Find ASCII. Usually these keys are in plain text. See example below.



5. Then check those keys with ckinfo. See example below.

Master key

HTML Code:

C:\Documents and Settings\Test\Desktop>ckinfo.exe /masterkey EA9F 55C4 D8FE 2252 EA98 1B43 EAD1 C446 5D94 C446 F33D
CrypKey Copy Protection Information v1.12
(C)2001-2005 thewd, thewd@hotmail.com

Parsing Key    - EA9F 55C4 D8FE 2252 EA98 1B43 EAD1 C446 5D94 C446 F33D
Decrypting Key - 3C00 0000 2C05 4344 532E 4558 4500 0000 0000 0000 0C19
Key Validation - OK
Formatting Key :
                0000 2C05 4344532E45584500000000000000 0C19
                +-- --+ --------------------------+ --+
  +- Allow Modules -+     +-------- Filename - CDS.EXE +---- Key CRC - 0x0C19
  - WinNT16? - Yes  --- Account Number - 300
  - WinNT32? - Yes  --- Application Id - 1
  +- Network? - Yes  +--- Company Number - 7956300

User key

HTML Code:

C:\Documents and Settings\Test\Desktop>ckinfo.exe /userkey C32E D72B 0235 CA70 E44C 55DD BE
CrypKey Copy Protection Information v1.12
(C)2001-2005 thewd, thewd@hotmail.com

Parsing Key    - C32E D72B 0235 CA70 E44C 55DD BE
Decrypting Key - 1506 0609 0809 060A 080B 0606 00
Key Validation - OK
Formatting Key :
                0606090809060A080B060600
                ----------------------+
                --- Password - 77NGN7WGZ77
                --- Password Number - 518714287
                --- User Key Hash (1) - 0x55
                +--- User Key Hash (2) - 0xF815

6. The purpose for the checking is to find the information that needed to create a valid site key.
7. After that by using ckinfo again, we can generate a valid key for the software. See example below.

HTML Code:

C:\Documents and Settings\Test\Desktop>ckinfo.exe /createkey site
CrypKey Copy Protection Information v1.12
(C)2001-2005 thewd, thewd@hotmail.com

Key Information...
+ Site Code            : D182 C81C 5C9F 02A2 70
+ Plaintext Password  : 77NGN7WGZ77
+ Add To Licence?      : Yes
+ Number Of Licences  : 30
+ Network Licence?    : Yes
+ Licence Duration    : Unlimited
+ Key Level            : 65535
+ Key Options          : 1-16

Key Validation - OK
Creating Key  - 22BE E2D8 A1FF FFFF FF00 007A 4E
Encrypting Key - F434 E114 6EC9 D6F3 31FF C1A7 9B

8. The valid site key is the Encrypting Key. Copy and paste it to the Authorization box and good luck.

Hope this will help others that still finding the right way to generate site key for s/w using Crypkey protection.
If there is any mistake, hope others can give a guide. I'm still learning on this stuff.
For more information about Crypkey, I suggest you all to take a look at this link

http://bbs.pediy.com/showthread.php?...hlight=crypkey

http://bbs.pediy.com/showthread.php?...hlight=crypkey

http://www.woodmann.com/crackz/Tutorials/Crypkey1.htm

http://www.woodmann.com/crackz/Tutorials/Crypkeye.htm

Here is the link for the tools.

http://hotfile.com/dl/11798095/4d5ef..._Pack.rar.html

foffa 09-07-2009 08:30 PM

nice information thanks aloot

keep up the goood work

gnerogeem 09-07-2009 08:40 PM

I'm still learning, so if there is any mistake just tell me.
I'll take it as a reminder.

dreamsat 01-28-2010 08:00 PM

Thank you for information. May I ask you reupload tools. Link is dead. :( Do you have ckinfo 1.12?

gnerogeem 01-29-2010 04:16 AM

@dreamsat
Just google it.
These tools are scattered all over the internet.

evgo 02-22-2010 02:48 PM

About OllyDbg
 
I can`t find on the menu "ultra string references" in OllyDbg.May, some help!

gnerogeem 02-22-2010 04:28 PM

@evgo

This

evgo 02-23-2010 03:24 PM

Quote:

Originally Posted by gnerogeem (Post 19274)
@evgo

This

Thanks mate!
I`m trying to get in Perkins EST 2009B /for education purpose only/ but have a trouble to find master and user key.


P.S:May some MIROR for "http://rapidshare.com/files/79397205/Cracker_s_Kit_2.0.ra"

gnerogeem 02-23-2010 03:38 PM

Just follow the tutorial.

evgo 03-09-2010 01:16 PM

[Please do not quote whole messages. We can already read the message so it is pointless]

Thanks for the replys.I`ve done.
But now I have a license code C548 CDC5 4776 6532 CF48 41C3 , which didn`t recognize of ckInfo 1.13.Is this license code a new protection?
The old was BBA2 2867 CE3D A856 3A?
Thanks in advance!

gnerogeem 03-09-2010 01:58 PM

Where did you got this key?
From the main .exe @ .dll?
Mind showing me some picture?

evgo 03-09-2010 04:02 PM

This is lisence key.From license menu.The software is Caterpillar ET2009C.I have a master and user key,but here is still more.This key is bigger than old one and ckInfo didn`t regognized.


gnerogeem 03-09-2010 04:36 PM

This must be the new version of Crypkey.

Must generate it from SKG.

BTW here is you key
E50F 9059 8803 4716 DF9A 61CD 87

evgo 03-09-2010 04:45 PM

[Please do not quote whole messages. We can already read the message so it is pointless]

What do you mean SKG?I have ckinfo 1.13,is there a new one?

P.S.This key is not valid "Contact DDS Support Center (E-mail: DDS_Support_Center@cat.com) for help. Invalid license key. [CK3002]"

gnerogeem 03-09-2010 04:56 PM

CkInfo 1.13?
The latest one that I heard was 1.12.

BTW, link of CrypKey Site Key Generator (Build 7103)

http://bbs.pediy.com/showpost.php?p=399615&postcount=10

password : VISTA64

or this http://bbs.pediy.com/showpost.php?p=555191&postcount=8

evgo 03-09-2010 05:01 PM

Here are 1.13 :http://depositfiles.com/files/8g3kpz0cp

evgo 03-09-2010 05:08 PM

[Please do not quote whole messages. We can already read the message so it is pointless]

I have this programs, licensed.But when paste the key it`s showing "incorect lenght"

gnerogeem 03-09-2010 05:48 PM

I'm not familiar with this new Crypkey format.
Please see this link http://www.digital-kaos.co.uk/forums...rpillar-63588/

WRP 03-10-2010 04:11 AM

2 evgo :

Caterpillar ET2009C used obfuscated Site Code and Site Key.

evgo 03-10-2010 02:46 PM

To WRP:
Could you explain pls?
I have a working pairs of codes:C548 CDC5 4776 6532 CF48 41C3 =>E50F 9059 8803 4716 DF9A 61CD 87

evgo 03-10-2010 02:49 PM

[Do not quote whole messages. This is your last warning]

That`s for old version ET2009A.This key I made.Version 2009C is whit different protection.

WRP 03-11-2010 01:19 AM

[Please do NOT quote whole messages. It is unnecessary as we can see the original message already]

A lot of programs use tricks to hide the correct Site Code .
By example : MaxSea and Iconics.
MaxSea example use BlowFish crypto algorithm to obfuscate Site Code.
I need a link to the distribution program to determine algorithm obfuscation.

mech962784 03-11-2010 12:51 PM

Dear Friends

I have tried to use the Ckinfo to get a license for my software (Iconics) , but i am receiving error message :



any help?

gnerogeem 03-11-2010 02:40 PM

@mech962784

Wrong syntax.
Follow these syntax.
>ckinfo /createkey site <your site code>

evgo 03-11-2010 02:45 PM

To WRP:Here are link :Catterpillar ET2009B

[2 messages merged by Git. Evgo - last warning - please stop replying to yourself]

@mech962784

This site code is not for ckInfo/My opinion!/.What is this software?

mech962784 03-11-2010 04:17 PM

Dear gnerogeem

I have tried it and it gave me this:


@evgo:

I think it is crypkey , the software name is Genesis32 V7.2 (It is a SCADA software from company name Iconics), actually it came with a keygen, but unfortnately the Keygen is for V7.0 (OLD), so that it is not working with my version.

if the keygen will help , i can upload it, please i need your help.

gnerogeem 03-11-2010 04:24 PM

Check your protection with PEiD.
Search it on the internet.
Load the main exe, show print screen here.

mech962784 03-11-2010 06:24 PM

Dear gnerogeem

Actually the program composed from more than one exe file, so i have chosen the main one and made the print screen:



also find below the keygen that came with the software , i hope that you can modify it to match the newer version of the software:
http://rapidshare.com/files/36212852...sis32.rar.html

Thanks in advance

Git 03-12-2010 07:43 AM

bolota - This is not a warez site, pleasse keep discussion to reverse engineering.

Git

gnerogeem 03-12-2010 08:32 AM

@mech962784

Basically, the normal Crypkey site code has 18 digits.
Sometimes these codes can be obfuscated and the digit will be more than 18 digits.
Just like evgo, his site code was obfuscted. Maybe your site code obfuscated too.
I don't know how to deobfuscated a code.
So, do try find any one else to try deobfuscated the site code.

rami_rez 03-12-2010 02:52 PM

Quote:

Originally Posted by evgo (Post 19591)
[Do not quote whole messages. This is your last warning]

That`s for old version ET2009A.This key I made.Version 2009C is whit different protection.

et2009c definitely uses two new techniques:
1) it obfuscates the code - the code that you see in license dialog is not a pure CrypKey license code, but a transformed one
You have to RE the file and find it yourself. once you find the alog , you have make a revertive algorithm
It is possible
2) master/user keys of Cryp prot system are also hidden! guys from Canada started to be smarter, good step! they are encrypting/decrypting the key in runtime, so wont see anymore an eatable plaintext keys......

:)
good luck

bedoo54 03-12-2010 06:05 PM

i have CRYPKEY 7.1
 
how can i use this CRYPKEY 7.1 to gen rate key to my software
caterpillar et 2010A
the software in this link

http://www.multiupload.com/HGQIJYL22B

i use ckinfo 12 to creat master key to CRYPKEY 7.1(skg)


plz help me to know how?

my friend send me a key but i still need to know how he do that

my site code:4FC3 C3C6 B803 034A E570 308D
my key is :6123 3079 9077 B2B1 14FD C6D2 FD

the key work good

rami_rez 03-13-2010 07:15 PM

Quote:

Originally Posted by bedoo54 (Post 19647)
...


plz help me to know how?

my friend send me a key but i still need to know how he do that

my site code:4FC3 C3C6 B803 034A E570 308D
my key is :6123 3079 9077 B2B1 14FD C6D2 FD

the key work good

a) read the info from good key using ckInfo, eg:
ckInfo113.exe /sitekey YOur_key_here

b) have you found the user/master keys from the et2010 SW?

c) it looks like the sitecode is obfuscated (intentionally damaged, but still OK in terms of ET SW), look:

ckInfo113.exe /sitecode 4FC3 C3C6 B803 034A E570 308D
CrypKey Copy Protection Information v1.13

Error #03: Error occurred parsing the Site Code - Check Code Length

;)

bedoo54 03-14-2010 09:47 AM

thanks
 
Thanks For Your Nice Reply

WRP 03-15-2010 09:01 AM

[READ THE RULES. Please do not quote whole messages. See sticky post for details]

Your deobfuscated Site Code :

4C33 C78C 0EAD 7030 8D

evgo 03-15-2010 01:37 PM

[READ THE RULES. Please do not quote whole messages. See sticky post for details]

How find that?

WRP 03-16-2010 12:23 AM

I researched and now I know obfuscation algorithm.

yani75 03-30-2010 07:12 AM

Hi.... could help me please?

FB3E 30C4 53EF 6001 5A

What's the site key?

Tnk

gnerogeem 03-30-2010 07:49 AM

@yani75

Please find the userkey first.

yani75 03-30-2010 07:58 AM

ckinfo.exe /userkey FB3E 30C4 53EF 6001 5A

Decrypting Key - 2D88 DDDC 57D0 9445 4A
Key Validation - FAILED

Formatting Key :
88DDDC57D094454A


Tnk


All times are GMT -4. The time now is 04:06 PM.

Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.