Exetools

Exetools (https://forum.exetools.com/index.php)
-   General Discussion (https://forum.exetools.com/forumdisplay.php?f=2)
-   -   Real Understanding Of Serial Generation (https://forum.exetools.com/showthread.php?t=5645)

zyborq 10-22-2004 16:11

redbull,

Quote:

Originally Posted by redbull
So I rip all the procs out of the file, then paste the asm into my high-level language, wrap it with a procedure to set up the stack properly and just call the bugger.

How much of the stack should I pay attention to in order to set it up properly? And how can I do that?

I hope you will explain this in more detail, because I'm really a newbie :) Thanks

Best regards

archaios 11-16-2004 07:21

RE: Serial generation

Hi,

For a start, I think you should eliminate stack usage from the "key generation" procedure and stick to register-based stuff. Most HLLs' embedded asm feature also lets you readily point to the offset of static data objects, eliminating the need for *you* to calculate stack offsets, etc. If that is unavoidable, it requires careful knowledge of the interaction between the function prelude, the stack frame, &c. Therefore I suggest that you avoid this, and/or code the keygen in asm - the only *real* language :)

-archaios

Sailor_EDA 11-16-2004 13:52

Actually this is a very good question, and I've always wondered if the good crackers out there really took the time to understand what the developer is actually doing. I'm fairly new to cracking and I guess a little naive, and I've always tried to understand the underlying serial generation code. Although I understand how the serial is being generated, the calls etc., I don't think there's ever been a time when I could say what kind of implementation it was - Twofish, CRC etc. I guess it would be really difficult to know what algorithm it might be solely by looking at low-level disassembly. But I have seen on Fravia's forum that some of the gurus really know - maybe one day I'll be like them.

posiedon 12-01-2004 11:27

WinRAR isn't keygenable because it uses 1000-bit RSA.

Satyric0n 12-01-2004 23:50

Quote:

Originally Posted by posiedon
WinRAR isn't keygenable because it uses 1000-bit RSA.

It is as soon as there is one leaked valid key... ;)

Crk 12-01-2004 23:59

There are cases where a keygen is useless because of online checks; sometimes cracked files/cracks are better than a keygen and maybe easier to make than cracking. Newbies crack by changing 74 to 75; experienced crackers inject code / the IAT and maybe rebuild the whole exe file or dll in some way, make code redirections and kill CRC checks, so I don't believe it could be boring to play with some code and do it your own way. In the end a 'good' crack will do the same as a keygen, and maybe better if the crack says enter any code and any name to register :D

posiedon 12-02-2004 02:20

Quote:

Originally Posted by Satyric0n
It is as soon as there is one leaked valid key

There are already leaked keys.

ScepticWyvern 12-07-2004 18:11

Quote:

Originally Posted by posiedon
There are already leaked keys.

But we can blacklist the leaked keys in the next version, right? Or, if the program uses the online license check method, we could disable the keys.
The point is that the hacker should not be able to create the keygen.
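
The licence design these posts argue about (keys the vendor signs with a private key, leaked keys blacklisted in the next version) written out as an added example; this is not code from the thread or from any product named in it, and it uses only Go's standard library. The key pair, the 2048-bit size (the posts talk about 1000-bit), the licensee names and the revocation list are all constructed for the demonstration.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// License is what the vendor hands out: the licensee name plus an RSA
// signature over a hash of that name. The public key shipped inside the
// product can verify it but cannot produce it, so reading the verifier
// out of the binary does not yield a key generator.
type License struct {
	Name      string
	Signature []byte
}

// IssueLicense runs only on the vendor's side; it needs the private key.
func IssueLicense(priv *rsa.PrivateKey, name string) (License, error) {
	digest := sha256.Sum256([]byte(name))
	sig, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest[:])
	if err != nil {
		return License{}, err
	}
	return License{Name: name, Signature: sig}, nil
}

// Verifier is the part embedded in the product: the public key plus a
// revocation list holding hashes of signatures known to have leaked.
type Verifier struct {
	pub     *rsa.PublicKey
	revoked map[[32]byte]bool
}

func NewVerifier(pub *rsa.PublicKey) *Verifier {
	return &Verifier{pub: pub, revoked: map[[32]byte]bool{}}
}

// Revoke blacklists one leaked licence. A product update or an online
// check can ship a fresh list without touching the key pair.
func (v *Verifier) Revoke(l License) {
	v.revoked[sha256.Sum256(l.Signature)] = true
}

var (
	ErrBadSignature = errors.New("invalid signature")
	ErrRevoked      = errors.New("license revoked")
)

// Check accepts a licence only if the signature matches the name and
// that signature is not on the revocation list.
func (v *Verifier) Check(l License) error {
	digest := sha256.Sum256([]byte(l.Name))
	if err := rsa.VerifyPKCS1v15(v.pub, crypto.SHA256, digest[:], l.Signature); err != nil {
		return ErrBadSignature
	}
	if v.revoked[sha256.Sum256(l.Signature)] {
		return ErrRevoked
	}
	return nil
}

// Demo runs the three cases the thread argues about on a fresh key pair and
// a constructed licensee name: a genuine licence, the same signature with
// the name changed, and the genuine licence after it is blacklisted as leaked.
func Demo() (genuine, tampered, revoked error, err error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return
	}
	v := NewVerifier(&priv.PublicKey)
	lic, err := IssueLicense(priv, "Example User") // constructed name
	if err != nil {
		return
	}
	genuine = v.Check(lic)
	tampered = v.Check(License{Name: "Someone Else", Signature: lic.Signature})
	v.Revoke(lic)
	revoked = v.Check(lic)
	return
}

func main() {
	g, t, r, err := Demo()
	if err != nil {
		panic(err)
	}
	fmt.Println("genuine:", g, "| tampered:", t, "| revoked:", r)
}
```

The verifier checks the signature before consulting the blacklist, so a forged serial is rejected even if it was never seen before, while a leaked genuine serial is rejected only once the product ships a list that contains it; that gap between leak and updated list is exactly the window the thread's later posts are about.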

karlss0n 12-09-2004 21:33

Why do you need a keygen if you have one valid key and it's not blacklisted yet?
You can enter it, look at what WinRAR does, make a dump of the unpacked code, rebuild and go on... so 1000-bit RSA or 2000-bit RSA, it doesn't matter until it has a good release...

swork3 12-10-2004 05:44

One other thing that came to my mind - what if you "simply" patch it but you do not find the call home?
If I made a protection I would try to make a serial-number-independent (hidden) connection to my company - and you would be happy that you patched the jump...

Pozzy! 12-14-2004 23:30

Well, surprisingly, you always know if it calls home, thanks to SP2 for XP or ZoneAlarm or Port Explorer, my favourite at the moment... I actually bought this one too, though I could not crack it... Sigh..

But with the above it will tell you every time it wants to talk, then just sniff the packets to find out what it wants... :D

Pozzy!

StatMat 12-15-2004 12:00

The obvious conclusion, imho, is that keygens are the best solution. The great thing about a keygen (unlike *most* patches) is that there's a pretty good chance it will work with subsequent releases of the same app.

Once you have mastered the art of patching, it is definitely worthwhile attempting to create a keygen. It helps you learn an awful lot more about reverse engineering.

Of course, there are times when a patch and a keygen together are the best solution. I can remember downloading keygens for SubmitWolf 5.x, and the keys they generated all got accepted, no problem. But when it did its secondary online check to see if you were licensed to download the updates/addons, it failed. This is why I created a keygen and patch combined, and it worked a treat.

But let's be honest, both methods are worthy ways of allowing free software to proliferate. Do whatever you're comfortable with. :D
