Biometric SDKs Reversing for Personal Study
 

I do not yet have access to the "request" section of the forum. So I am posting here.
I came across these SDKs recently and they look really good. But I could not find a single cracked version for these anywhere online from 2009! :(

I have seen several requests on other forums too but not a single working crack for the recent versions.

I am specifically interested in the Face Verification 10.0 SDK, VeriFinger 10.0 SDK and MegaMatcher 10.0 SDKs.
If anyone could provide me a working solution for any of the SDKs I would be very grateful.

Of course, I am only going to use them for my personal projects.


Download Link:

need constant internet connection... maybe not include algo in app, but in server where you login with user / pass??? best protection, not give anything is best policy.
need investigate protection if really a crack can be made or all is online and app just an interface between you and server.

Logic resides client side. Solution possible
 

It is definitely possible.

In board4all warez forum, one of the admins (VietCode) PM me to ask if I can crack it. The version 10 requires a lot of patches in many modules to be made.

I actually released a partial patch but the admins kept deleting the thread.
When I objected they got offended and banned me just like that. Later i found that they usually keep it for themselves and sell it.

Anyway, I am saying that the program logic resides client side and the internet connection is only for a check. Can be bypassed very easily.

I hope someone can make a complete solution. Will be useful for all.

Hi

As conversation with company, connection required just for activation so it's not server side !

For cracking this sdk you need to patch all listed modules, it's annoying but possible !!!


BR,
h4sh3m

then only persons that accepts such job is missing....

There is a reason why this sofwtare was never able to be cracked for over 10 years. Many have made claims but no one managed to crack it. No proper working version is available anywhere on the internet. ;)

You are wrong on both the counts. For the links posted by the OP, internet connection is necessary all throughout the time that you run any software that you create based on the SDK. I do not know how the company can tell you that connection is required only for activation?
Of course, if you purchase a license then you do not need internet.
But for the versions posted by the OP, we do need internet all throughout the time that we use it.
The client has all the logic but some portions are encrypted.

User1 correctly noted that internet connection is needed all throughout the time that the software is used. I have just corrected his statement that algo does reside in client side itself.


No need. Only a few need to be patched. I think @TechLord posted a working version somewhere.

Why don't you try and then post a working example? Not as easy as it looks. Maybe you can just patch one module and post it as proof, to show that your theory is right? :P

A Working PoC Video of the License Crack:

Yes, I'd also been requested by the admin VietCode at that warez forum by PM right after I'd joined. They wanted to sell the crack and that was why I did not release it publicly there..

"A picture is worth a thousand words and a video is worth a thousand pictures"

I am posting a very, very quick video proof showing the comparision of how the SDK behaves when a sample app is run with and without the [license] crack.
In BOTH the cases, the app itself is not cracked or changed. Only the underlying SDK used for the sample program has been patched.
At this time I have only patched the part of the SDK dealing with fingerprint identification and analysis. I have not yet patched the other parts of the SDK that deal with face ID, IRIS Identification and other Biometrics.

Note that only ONE module needed to be patched... :D

Video with License Crack:

Video without License Crack:
This is my original crack (and needs to be modified a little though, to make it run reliably on all systems). But most definitely this is a working PoC that shows that it can be cracked without issues.
Internet has been disconnected for both the videos...

For software made with DEMO (TRIAL) SDK to run, internet connection has to be continuously present. Using our crack, that requirement is removed.

Hi

There is some reasons why working cracks doesn't present on the net :))
As I remember version 4.x cracks sold for over $1000 without reporting any issues.

You think that I'm asked from company about cracked version ? Really ?!
I didn't have access to used mail server to show you replied answers, Sorry about this ;)


Proving is for professionals like you, I'm a noob ;)
Have a nice day

you have 2 options:
you learn crack by self
or you pay a RE business do it for you.
no one takes such a hard job waste time and resources and send you free,.
I think you understand me. i m not interested in any deals with any of you, I just told how in general situation is !

Thank you @TechLord for your time.
Finally I see someone posting some real proof.

@h4sh3m:
True. Versions upto 5.xx were very easy to crack. I was able to crack them myself without too much effort and I still have them with me.

The version that I requested is 10.x
No one had been able to crack the versions after version 6, even when I was willing to pay for them. I would have bought it if it wasn't so expensive. I just want to use it for my hobby project.

@TechLord: Would you be sharing your solution? :D

I do not think that it is a good idea to post it as an open share for everybody. So, I will be sharing it with only members here who have made significant contributions to the forum. I will of course share it with you.
Anything posted openly just aids the developers to use as a free tester's feedback to further strengthen their protection methods.

Right now we are very busy with the (Codemeter) dongle project which we started off on the 15th of October. I will be posting some updates about our findings very soon. :D
After that I will release the Biometrics SDK. If anyone wants a copy of the SDK just make a small post in this thread saying so.

Sadly since long times on many forums.
When i were younger,forums were there to learn for educational purposes only,no need to name them and now too many infiltrated,none anymore fun spirit but it's the world now :)
greets.

Yeah, I though I saw your post with the videos there a week ago but after a few hours it was gone. :confused: I thought you had removed it.

If you are a known reverser, you will get a bunch of crack requests in your PM box within a day of joining that forum. All for very expensive software. I cracked so many for the staff there for a year. Declined to crack just one software and they banned me (my account shows "restricted"). Poof, all my 18,000+ "likes" (needed to download anything there) all gone in an instant. They only keep you if they find you are useful to them. One of the most ruthless warez forums I ever came across. :(

Am sure glad that the staff at Exetools are ever so kind.

Anyway, could anyone post info regarding the mechanisms used for the protection of this SDK? Just like @h4sh3m , I also cannot figure out a way to crack it without patching all the modules. @TechLord says that patch was made in a single module. How ???

It will be good for learning if some guidance could be provided by anyone.

Yes poof, how very ruthless - there they do not hesitate to get rid of known rule violators. Their last 3 rules has seen a lot of miserable so-called reversers bite the restricted dust.

Of course fortunately this is not a behind the scenes crack selling forum so such odd pressures do not apply. Not sure that any meaningful comparisons can be drawn.


As for that video, which version of the SDK was cracked, I also am only interested in version 10.

Hi

As told before proving is not for newbies like me so guys forgive me about this one !
Latest trial sdk usage(downloaded 2 days ago):
https://www.aparat.com/v/aRVxf


BR,
h4sh3m

Sorry to hear about your experience @Megin :(
@TechLord I am with Megin on this one. Could you post some clues so that we could crack it on our own? If we patch all the modules, I find that the included samples run, but the SDK itself does not work as fully licensed if used to create own apps. So I agree that patching all the modules is not the solution. I hope you can give more details so that I can proceed on the right path. I am not looking for a ready made solution.

what exactly doesnt work?

1.please somebody download all kits/exe and manuals and pload as a single archive.

2.nothing .net inside them?

@deepzero: The various functions in the SDK for the newer versions are licensed on a per component basis. If the modules and/or the sample programs are patched, then only the components used by that module or program will work. The full set of components in the SDK will not be licensed in that case.

@niculaita: The full set comes to over 4 GB. It is updated every month. The SDK has java, .Net, C++ etc also in it. Due to freq updates, makes sense to upload only the set that we have a working crack for, I think.

@h4sh3m: If you do not share your methods or the techniques you've used, it is of no use to us. @TechLord had already agreed to share not only the crack but also the techniques with us. We are here to share. If you are able to patch the full SDK, then please share the technique with us.

@niculaita: You are absolutely right, at least a current version of the full SDK should be provided. Plus there are some sort of major versions associated so its stable enough to do this. Otherwise there is nothing to discuss as techniques are supposed to be found that generalize across all of them. Their website only gives an even more limited demo.

That would be a lot more useful than ridiculous video PoCs and a bunch of shoulder patting buddies blowing smoke into the room. After all we are not selling cracks here or having a bragging contest.

You're the guy who posted all those conspiracy theories about ChessGod101 and Exetools in the other forums last month? All of us had a good laugh reading that nonsense. :D

Did it ever occur to you that you are the one "blowing smoke" into the room? I decided to overlook that other post you'd made here but you seem rather persistent.
The other members are trying to help me and they have posted valuable suggestions. I would be very grateful if you could stop trying to stir up a fight please!

Without a PoC I was not sure whether a solution would be possible at all in the first place. Their videos prove that a solution is indeed possible. I want to patch this myself and am waiting for suggestions from the veterans. I do not want them to be put off seeing your sarcastic comments! Thanks.

So now you attack me. I have no idea what you are talking about regarding other forums. But given that this is your first post on the forum from 4 days ago, it appears you are just in that same gang.

Honestly it looks like the dirty trio are practicing forum management techniques gaining always the random suspicious new member to try to form a quartet. Get a buddy to make a post on a topic they want to discuss as a question where they can immediately start providing their phony expertise and drama. But they are not the admins and they are not even popular so they really have no right to play these games here especially since they are basically breaking and abusing the forum rules to do this. I have cautioned time and again against letting people buy their way into a forum whose purpose is primarily academic. Of course they will ignore my advice, this forum is unfortunately under corrupt financial influences just like most of any other well established ones. Life in any dirty empire is as such.

I hate to say it Mr. Hoffman but this last post really gives nothing but contempt towards you and the 3 so-called "veterans" you are trying to promote and pump up.

Call a spade a spade. Criticize me all you like but you reveal your cards already. Another tool here to play forum politics, irresistibly launching an attack as a newcomer.

I am only waiting for substance and not hype. Others are too albeit more patiently.

@Hoffman
why waste your time here???
get in touch all RE dongle business with reputation and solve your problem
u find them while google it.

Solved!
 

TechLord had already sent me the crack yesterday but I missed seeing it. Many thanks for the solution.

I also want to thank everyone who contributed and tried to help. I can confirm that his crack is working correctly for all the modules for the present v10 of the SDK. The demo SDK that is presently available on the vendor site has all the required modules. TechLord only made the crack for the Windows version of the SDK, as requested. Only a single file needed to be patched.

If anyone wants the crack please contact TechLord directly and get it from him.

I do not mind people sharing the crack or even toturial in public to assist developers improving their protection in the future. It would be a fun game and make both sides learn and grow.

Well, if it is a crack only and no tutorial or hints for cracking, then it is useless to all other members. Basically, we do not want eXeTools to become a pirate software market.