|
Obfuscated Crapkey SiteCode
Hi all, I am running into some issues with a crypkey protected application. First time that I've had any issues with crypkey.
I'm looking for a way to have the crypkey engine eat my site key without going through the application registration page. I believe the registration page is just looking for an obfuscated site key entry and it displays an obfuscated site code. I followed everything out in OllyDBG and I believe my current site code to be D287 ABD0 DBFC 2FAA 13. Obfuscated on the License Administrator it shows up as 8A057A32623 83600F19F66 9EFF7C2227C 57FF2 The Screen is asking for a 42 Digit Site Key. I've Ran it a couple times, getting a different sitecode as read in ollydbg and hashed sitecode if I don't skip past the get systemtime as file time check. See the multiple valid sitecodes below. Anyone able to point me in the right direction? Also, I think the Userkey I have might not be correct, as the user key hash from the generated Licences are different from it? Code:
Z:\VM Documents\Cracks\ckInfo>ckinfo+ /sitecode D287 ABD0 DBFC 2FAA 13Code:
Code:
Z:\VM Documents\Cracks\ckInfo>ckinfo+ /sitekey A96297FFD8D09DD59C2A2E682A |
@psgama post the dumped xxxx.ngn file.
|
Dumpoed NGN
Link to the dumped NGN below
https://mega.nz/#!msNUVbSI!gQrOZk77bI5nPmZRDb-5zqocXJSkZCvTt6vjvkemY_c |
It seems like the Key Level is changing everytime a new license is generated as wel.... The options always stay similiar, but written in a different way example
Code:
However I can change the days before expiry on the trial and it seems to stick original Code:
Z:\VM Documents\Cracks\ckInfo>ckinfo+ /sitekey 524A966750BA65B865DD2170C1Code:
Master Key Passed Afterwards:I am still unable to figure out how my application changes my sitecode into a 42 character hash. But I believe this sitecode is only generated on the first run of the license application and then stashed away in a file to be checked against later. Either I am missing something completely and the answer is right under my nose or this is a very nice implementation of crypkey SDK. |
@psgama:
If you can upload the full setup of the prog somewhere and PM me the link , I will have a quick look tonight ? Cheers :) |
obfuscated site code
Following method can be used incase obfuscated site code & site key.
1- invoke InitCrypkey, addr filepath, addr masterkey, addr userkey, 0, 0 2- invoke GetSiteCode, addr temp_1 3- invoke SaveSiteKey, addr temp_2 1 -> filepath -> where is the license file, in your case it is VLINK.DAT 2 -> getting the real sitecode to be entered into ckinfo 3 -> saving the site key taken from ckinfo |
Able to make some headway in the last one hour after I got hold of the installer files.
As you can see in the screenshot, we are able to create SiteKeys accurately now.. I am however TOTALLY unfamiliar with the actual program and it is asking for some "login" user ID and PW... Too tired now to read the manual...And very late at night as well. Will try out the various combinations of the "Options" and Levels tomorrow to see if it can indeed be made Unlimited... Meanwhile, @psgama, could you please tell us what info to use to actually "login" into the prog so that the ACTUAL PROGRAM runs (not just the license manager) ? Am also able to confirm that the User Key and Master Key that you have posted above are correct. Greets to bro raduga_fb ... Long time no see :) |
Default username is manager and password is falcon
|
Thanks for your contributions Techlord and Raduga_fb. So, In first run, the program takes the sitecode and saves it somewhere. I believe this is the sitcode that's obfuscated in the license manager, as a dump of the NGN shows this initial sitecode later on in the dump. What I've been doing this far to generate keys is hitting the generate trial button, which then initiates the getsitecode function and then the savesitekey function. Using this site code and of course ckinfo, i can generate a license with a longer expiry, and overwrite the sitekey that the program is passing to savesitekey, forcing it to eat the ones generated. Only issue is that the unlimited ones I try to generate are not accepted. Immedietly after generating this "trial" key. The program requests another site code and asks for a unlike red key to be passed through the savesitekey function. As shown above. So yeah, that's where I've gotten with it so far. Techlord, unfortunately I don't have enough rep yet to view attachments. Lol
|
OOPS ... Sorry psgama :( for my insensitivity...
Link here : Quote:
|
Ok guys...
As shown in the screenshot in the above post, I have been able to successfully generate the Site Keys. However, for this particular application the option "Limit by Days" function in the Crypkey API only has been activated by the author. The other options that can be used in the API include : "Limit by Runs" and Unlimited. These functions of the API were not availe of by the author of the program. The author had meant the SOFTWARE licensing by Crypkey to be used for TRIAL purposes mostly, and the DONGLE for (mainly) UNLIMITED USE... This program can be activated for UNLIMITED ONLY when the Sentinel dongle is used with it for its licensing. Otherwise, if SOFTWARE-BASED licensing is used, the program can be used only limited by DAYS. Meaning that you can extend the TRIAL to a very huge number lke 9999 days or something like that. But as far as my investigation shows, there is no option in that program to have UNLIMITED, just by entering a Site Key. This is what I understood.. One way to bypass this would be if you modify the program code (Crpykey API etc) as such directly - very complicated. However in this program, I see clearly that the SENTINEL runtime as well as its API are also integrated deeply, along with pretty good Anti-Debugging tricks... I see, psgama, that you have ALREADY achieved the EXTENSION of the TRIAL by many more days by substituting your own Site Key. So I see that nothing much can be done without modifying actual program code a lot. If there is anything that can further be done then please let me know (other than changing the whole crypkey API in the code !) ... |
Maybe someone can to give us link for this application in order to help more.
|
Thank you all for your contributions. I knew I was having difficulties moving forward for a reason. Multiple protection schemes are in place here. And yes, some pretty good anti-debugging tricks in place as well. Extension of the trial to a huge number is definitely acceptable in this case, as it's pretty much fully functional. I have PM'ed the link to the trial download to anyone that has requested it.
Cheers and thank you all for your time and contributions of knowledge. |
The program can be registered as FULLY through Crypkey. There must be a relation between Key Level and Options. Example -> Level=11597, Options=4,5,7,10,11,13,15,16, or, Level=46730, Options=8-12,14,16. If Site Key is created based on one of them, the license can be permanent. It is necessary to debug the program to find out the relation which I am not going to do :)
|
Thanks for the confirmation Raduga_fb. I suspected there was a relationship between the level, options and license type in this application, as I generated several licenses through my research so far and noticed them changing often. A very good implementation of crypkey, I will continue with my research and post the relationship when I find it.
|
Wow! Thanks! You're pretty damn knowledgable with crypkey! This is just a hobby for me, just another puzzle to solve in my spare time, so I most likely will continue to work on it for a while anyway. Figuring out the obfuscation routine to get from sitecode to displayed sitecode and being able to enter an obfuscated site key directly in the license manager is definitely the best solution. You are right in that respect. That is my ultimate goal, for my research with this application, and I will continue working on it. Once again, thanks for your contributions.
|
@psgama: may be some manual help you
CrypKey Manual 7.0 |
Awesome. Thank you! I will DL when I am near my computer. On phone now. PM SDK link anyone? I want to learn as much as I can about this protection.
|
@Psgama :
There is a WHOLE thread on this forum where the SDK INCLUDING the MANUALS have been shared. I did not specifically share the manual or the SDK on this thread since it would be REDUNDANT. I'd assumed that you would have done a search on this forum first ? In any case, for your convenience : Quote:
Please do use the SEARCH button my friend... :) The Original Link shared here LAST YEAR at Quote:
So there is no need for anyone to share it by PM my friend :) Once again, I take this opportunity to thank our bro @raduga_fb for his EXCELLENT share of the SDK last year. THANK YOU BRO ! |
My apologies. I just read through the thread quickly now. It is indeed a very old thread and I should have investigated the link to see if it was still active. I will look more carefully next time before asking. Thank you for pointing that out and providing the link to the thread regardless.
|
| All times are GMT +8. The time now is 06:20. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2026, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX