Reverse Engineering RET Homepage RET Members Reverse Engineering Projects Reverse Engineering Papers Reversing Challenges Reverser Tools RET Re-Search Engine Reverse Engineering Forum Reverse Engineering Links

Go Back   Reverse Engineering Team Board > Reverse Engineering Board > Reverse Code Engineering
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
Thread Tools Display Modes
  #241  
Old 05-18-2011, 08:04 AM
Dulan Dulan is offline
Member
 
Join Date: May 2011
Posts: 5
Default

[Please DO NOT quote whole messages, it is unnecessary]

(referring to the 2nd method)

can you explain this method in more detail please ?

I think the second method would allow to bypass other program key obfuscation methods

PS: To mod that edited my message, I quoted only half of the message and not the whole thing

Last edited by Dulan : 05-18-2011 at 08:11 AM.
Reply With Quote
  #242  
Old 05-18-2011, 10:56 AM
Dr Pete Dr Pete is offline
Member
 
Join Date: Sep 2008
Posts: 25
Default

Guessing 2nd method you might not want to use? He should have put this is contacting vendor with codes. Might not want to do this?
You don't learn as much, first method is teaching yourself.
Working on deobfuscate site code.
Make sure you have fun while learning!
I am trying to wrap head around the WRP deobfuscate, most of the rest is easy.
Reply With Quote
  #243  
Old 05-18-2011, 11:32 AM
Dulan Dulan is offline
Member
 
Join Date: May 2011
Posts: 5
Default

@Dr Pete

the second method is more universal when you have all 3 codes and the only thing that stands between you and the registration is the added product obfuscation, also you don't need to contact the vendor just direct send data to crypkey service on your PC duh !

And for the first method you just decompile the app with reflector then gather all the needed code and build a new app with needed stuff for deobfuscating the serial
Reply With Quote
  #244  
Old 05-18-2011, 11:56 AM
Sergeys_BY Sergeys_BY is offline
Member
 
Join Date: May 2011
Posts: 12
Default

Who can deobfuscate this site code ?

2C74 A967 C1D6 9B00 0EB3 3C4A 0D

I think that uses blowfish algorithm...
Reply With Quote
  #245  
Old 05-18-2011, 12:26 PM
sparpacillon sparpacillon is offline
Senior Member
 
Join Date: Aug 2007
Posts: 210
Default

@sergey
OBFUSCATED:
2C74 A967 C1D6 9B00 0EB3 3C4A 0D

DEOBFUSCATED:
DE21 0D90 F7E3 82B5 16
Reply With Quote
  #246  
Old 05-18-2011, 12:46 PM
Sergeys_BY Sergeys_BY is offline
Member
 
Join Date: May 2011
Posts: 12
Default

Great thank you! But it don't work...
I have uploaded my app 50% already. I think, that maybe easily for you to find a codes
Reply With Quote
  #247  
Old 05-18-2011, 04:10 PM
Dr Pete Dr Pete is offline
Member
 
Join Date: Sep 2008
Posts: 25
Default

sparpacillon, please share how to DEOBFUSCATE.
I assume all crypkey solutions will not be the same.
I use master key with user key to generate site code to put into sdk. This gives good key only if you put into file yourself, if you put into program always gives error with wrong key. Have to go both ways, DEOBFUSCATE then OBFUSCATE for keys to work?
Thanks
Reply With Quote
  #248  
Old 05-18-2011, 04:45 PM
Sergeys_BY Sergeys_BY is offline
Member
 
Join Date: May 2011
Posts: 12
Default

I upload all app. It is SCADA genesis32 v 7.1 from Iconics. You can download from here

If download press "Бесплатно" and after 1 minute waiting downloading will start
Part1
Part2
Part3
Part4
Part5
Part6

How to install
1) First of all, you must extract the archive and write this on CD (Maybe you can install without CD,but i can't. I think this is protect from copy)
2) Secondly, after that, when you open Autorun (RunMe.bat) you can see menu with several items. We need first (GENESIS32).
P.s. during instalation always press next.
3) When installation finish, you must install license utility. This can be done in main menu or pressing next after installation.
4) Since I living in Belarus (Our language is Russian and all labors understand only Russian) I install 71_Localization_Pack & Russian documentation.
That all with install.

Now, I tell that I found.

When I open the file (genlic32.exe) with Ollydbg I found next codes
C6EE118A389A96C81EEA150ACD
5E2B55459462DC1C943F8FE37BDE2A9E46D0B5E8C4EF
DF82CE092CAD8F2B21956F36E4

and code, which I give from manual activation (you can see it on screenshot)

All codes are obfescated. But, Due your help I received the following codes:

Userkey
C6EE118A389A96C81EEA150ACD obfuscated
C60ACDEE118A389A96C81EEA15 deobfuscated

MASTERKEY
5E2B55459462DC1C943F8FE37BDE2A9E46D0B5E8C4EF obfuscated
5E2B55C4EF459462DC1C943F8FE37BDE2A9E46D0B5E8 deobfuscated

Special thank to narciszu.

And site code

OBFUSCATED:
2C74 A967 C1D6 9B00 0EB3 3C4A 0D

DEOBFUSCATED:
DE21 0D90 F7E3 82B5 16

Special thank to sparpacillon

Site key will next - F538 46F6 C12F DB59 7919 CC7C FB

I did all, that was said in first post, but it don't work.
( In Enlish: error utility licensing. Make a mistake while entering key)


Help me please, I haven't slept for 2 days trying to get site key.

Thank you for reading and advance.

Last edited by Sergeys_BY : 05-19-2011 at 01:14 AM.
Reply With Quote
  #249  
Old 05-19-2011, 10:43 AM
Dulan Dulan is offline
Member
 
Join Date: May 2011
Posts: 5
Default

@Sergeys_BY I don't think anyone would want to download from depositfile host as it is super slow and it will take days to download from it
Reply With Quote
  #250  
Old 05-19-2011, 10:50 AM
Sergeys_BY Sergeys_BY is offline
Member
 
Join Date: May 2011
Posts: 12
Default

ok. I'll try to upload on rapidshare.
Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump





Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2021, Jelsoft Enterprises Ltd.