Reverse Engineering RET Homepage RET Members Reverse Engineering Projects Reverse Engineering Papers Reversing Challenges Reverser Tools RET Re-Search Engine Reverse Engineering Forum Reverse Engineering Links

Go Back   Reverse Engineering Team Board > Reverse Engineering Board > Reverse Code Engineering
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
Thread Tools Display Modes
  #1  
Old 05-04-2005, 12:56 AM
HoR HoR is offline
Junior Member
 
Join Date: May 2005
Posts: 1
Default

Hello everyone. Yes I'm a newbie to these forums (I hope I dont bore you with my questions) I am very interested in reverse engineering and I'm glad theres a place to learn now. Anyways on with my question.

I have this software called "censored" [http://censored]. Its a software package for businesses to basically keep a list of employees and crap and its a 45 day trial. I probably just remove the 45day nagger but I want to have a little fun. I was able to figure out the registration key using SmartCheck 6.03 and that was great but I wanted to attempt to make a keygen but the way the algorithm is doesn't seem to make sense, so I'm wondering if I'm over looking something somewhere.

It uses a series of 6 uppercase letters, but when I tried matching Alpha characters together (which I hoped this company just rearranged the alphabet) it didn't work. Looking further into the program with PE Explorer and disassembling it there looked to be a relation to the computer name (if you change the computername it changes the software key letters) and some long key with letters randomly taken from it... Its just frustrating because I feel that I'm over looking something that is probably really easy and the answer is right in front of me.

Any light on this subject would be great. If you need code examples, pictures whatever let me know and i'll get them up asap. The tools I have available to me are SmartCheck 6.03, SoftIce 4.05, W32Dasm and some others as well (im also willing to share these programs with everyone [providing that is allowed here] ed, sna: IT IS NOT).

Phew, sorry that was a long post. :P
- HoR
__________________
"hack for knowledge not for personal gain. I learned that the hard way, its a horrible experience getting taken out of your home in handcuffs at a young age. 1995 was indeed one of the longest years of my life..."
Reply With Quote
  #2  
Old 05-04-2005, 03:40 AM
sna sna is offline
Administrator
 
Join Date: Jun 2003
Posts: 76
Default

Hello.

No need to identify the software you're working on.

Quote:
Originally posted by HoR@May 4 2005, 04:56 AM
It uses a series of 6 uppercase letters, but when I tried matching Alpha characters together (which I hoped this company just rearranged the alphabet) it didn't work.* Looking further into the program with PE Explorer and disassembling it there looked to be a relation to the computer name (if you change the computername it changes the software key letters)* and some long key with letters randomly taken from it... Its just frustrating because I feel that I'm over looking something that is probably really easy and the answer is right in front of me.
Were you looking for a Caesar's cipher? Try breaking in where it fetches the computer name instead (GetComputerName and GetComputerNameEx). When it breaks, single step the code for a while as the string will probably be copied around and trimmed and case forced and whatnot. Use hardware breakpoints (break on read) to track all copies of the string; then if you don't find anything while tracing just let it run and the breakpoints should turn up something.

Regards, sna
Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump





Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2021, Jelsoft Enterprises Ltd.