I've got a product where it use the following features as a protection:
1. It calls home every 10 days to validate "License-File" integrity+validity.
2. It uses SHA1 to protect license text (readable) from tempering.
3. It uses RSA (openSSL
) to protect some text (could be the serial or user info).
I'm willing to Keygen this and somehow (using techniques in my mind) to block home calls and still validate the license file
I've done some debugging using IDA to get more information about the protection and how it works. I reached somewhere and managed to be able to reproduce "SHA1" hash key using given license file which was sent for trial, so I know how SHA1 hash is being calculated
Still I have some difficulties to understand how to produce the RSA encrypted string. I know that RSA uses some private/public keys to protect information. So what I did was to search the internet for some methods/functions used within the victim file (used for licensing) to get a wider picture. These function are "RSA_new" and "RSA_public_decrypt".
Now the question is from the length of the given encrypted string, can I till what is the number of bits the keys would be (if very large I will give up)
? And from the given methods (above) wouldn't be possible to get the decrypted string, so I can tell, at least, what is hidden behind it (the Validate License method should do some validity so it should decrypt it, right)?
EDIT: Actually, I was able to determine the length of the encrypted text using SND Reverser tool 1.4, thanx to Loki & PuNkDuDe
PS: While I was investigating the code in IDA, I noticed some Constant string being used in "RSA_new" function, can that be any help (password/key/something).
Thanx a lot for any kind of help, hints or tips. I would like some ideas please, I'm not a guru in RCE, but still have some knowledge.