what is the best way to crack s/w that acccess the web to check s/n?
 

hello all

i have been trying a few ways to crack some s/w that uses the web to check s/n if i try to bypass this then i can't get any updates..it will let you get 4 free updates before it asks to pay...it checks the s/n (which is diff on each p.c you install it on) via the web? can this be cracked or no?

there is a section to enter a s/n that they send to you...it seems like the download updated button is disable

[EDIT JMI: Chad there is an Edit Button on the Posts. There is NO NEED to start a new post to ADD to your last one.]

thanks

Have you tried to use a network protocol analyzer - ethereal for example - to capture the data that it tries to send to the remote site?
Maybe you can get some clues or try to see what it expects back from the server.
Do you have an URL of that program?

yes the url is

h**p://www.numaxcreator.com/Uploads/NumaxCreator%20v7.x%20Setup.exe

thanks

p.s sorry about that JMI

[EDIT JMI: No big deal. Just trying to save some room in the database.]

"...it checks the s/n (which is diff on each p.c you install it on) via the web? can this be cracked or no?

I guess this is a kind of protection that we'll start to see more and more and it's obvious that nobody feels safe studying an app connected to the net. I am not sure but i remember that DAMN made some kind of "proxy"(?) to emulate some protection based on this...not sure.

yea i have tried a few diff ways to crack this so far no go but i'am still learning this stuff...i hope someone out there thinks of a way to get around this....

thanks

well, Load the EXE or DLL into IDA...

check out the imports.. usually imports are used to connect to the internet and check a sn :>
if not, then check out the exports, some other functions that the exe has..

id just disable the Net connect, and assemble the proper code for it to be registered.. :>

I have been watching this thread and wonder how you guys managed to understand the first post. I didn't. I downloaded this soft to watch "s/n (which is diff on each p.c you install it on) via the web".

It turned out to be a very simple protection which can be cracked with tens different solutions. It's really too simple to explain it here so let's go with the effect.

Copy this file to [WINDOWS]/SYSTEM32 directory.

Run the software. Does it show "VIP user"? Yes, so why aren't you "VIP" at ExeTools? Go and post something :) (just a little humour). Now you have unlocked software (by the way: GSM tools, like this, are often protected by some weird techiques).

If someone wants to work with this protection then try to reveal its FTP communication (it's not hard).

Regards.

wow well i'am not at home to test it...(i will test it later)
i know you said its to simple to explain here...however i would like you to explain it please..cuase i must of made something easy into something hard :(

thanks for checking it out


p.s sorry about the first post..i didn't explain it well :( i never thought of it using ftp server

There are generally (at least) two issues which may be important when considering software that connects to the author's website to confirm its validation.

First, if it is just a "confirmation" of a S/N, followed by a goodboy/bad cracker switch, you can often just "redirect" the URL it calls home to and activate the goodboy selection.

However, if it calls home and confirms your registration info before it sends you something (i.e., decrypt code) you need to make some vital part of the program actually work, you have a much more difficult problem. :eek:

Regards,

Chad1111: sorry, I didn't mean you cannot explain the problem. It was just a funny post (maybe a little chaotic) for me ;) so I wanted to take a look on the software because I knew it would take few posts to let me understand what did you mean by online serial number verification. When someone says "it is hard/impossible" it tells me what to do.

About explaination: JMI explained the theory very well - his post would take me approx. 10 times more forum space to say the same :). If it comes to strict tech stuff then I am too old (hey, I'm still below 30!) and that is the reason of my "advice style" rather than tutorial style. I know you guys would like to receive full tutorial each time but there are two reasons I won't do it in this case. First: it's really too easy (I mean it) and you have a lot of cracking possibilities if you want to learn. I gave you a key file, you can still crack the software on your own and even sniff the transmission to build independent FTP connection - isn't it a good example to practice such a nice techniques which may be probably used more often with the time? Second: I would like rather to make 10 "advice" like posts than one tutorial.

Human mind is to think. Personally I don't like the style of "press F8, make a dump using PETools, fix the offset at...". I prefer the way of logic explaination (not tutorial) and ideas suggestion. Most of you don't like such a way but I believe (I may be wrong but let me dream) it is the most effective method if it comes to knowledge "boost". Consider this: what is the problem to break "usual" protections? Time - that's all the problem. And what is the problem to break the best protection(s)? Idea. You see, most of us have similar level of tech-knowledge. So why one can crack abc and other cannot? Because one can cross some abstract border in his mind and sometimes posses better invention abilities while the second one tries to "bruteforce" the protection with "F8" key, without taking a serious break to think about other possible solutions and give the mind a chance to build an innovative idea. To be clear: I am not talking about anyone, nor myself. It's just a piece of my theory. Also it is only my private opinion - don't kill me and don't scream here. PM me with "fu*k you" charset as the message content - that will be much better ;).

Regards.

I agree with dyn!o on this point. The goal here should be to help others learn how to think about the problem, not give them a solution. While something may be learned by studying another's soultion, it doesn't really teach how to extend the mind into seeking creative solutions to problem solving.

It's a variation on the old expression: "Give a man a fish and he will eat for a day. Teach him how to fish, and he will eat for a life time."

You need to learn "how to reverse engineer software" not be given a crack. Hinting at areas to investigate may advance that goal. Telling you to follow step 1, then step 2, then step 3, really "teaches" you nothing, when the next program comes along and has re-ordered the problem into step 1, step 3, and then step 2. You need to begin to understand what the software is doing so you can recognize it the next time to see it, or a variation of the same general concept.

In this instance, it is the difference between YOU looking at the software, attempting to analyze what YOU see, and YOUR drawing conclusions. THEN ask for possible confirmation that YOUR conclusions are correct, rather than asking that someone explain THEIR solution to YOU.

Here you ask the questions: How does it connect to the software website to confirm I'm not a bad cracker?; when it connects, what information is it attempting to confirm?: what does it do when it confirms whatever information it is looking for?; what does it do if it doesn't confirm whatever information it is looking for?; where in the code and in what manner does it do these things?

Now you can begin organizing a PLAN of analysis. You start with a question about how it might connect to the software company FTP. This leads to investigation of how making an outside connection might work and what programs might help YOU determine that. Learning that would give you a lead into what might be found in the software to alert you to when and where (in the code) that is happening.

For example, if you aren't connected to the net, is there a warning that you "must be connected" for the program to operate correctly? If so that warning must come from inside the program somewhere and must have gotten to that warning message from somewhere in the code. Now you have something specific to look for and then you can try to trace where the program jumped to that message and THERE you probably have something to do with FTP connecting, right?

And looking at that code and where it leads should get you to the area where some check is executed and/or where there is some crypted code. At least now you have a mystery to investigate.

That is what is interesting about reversing. The challenge of FINDING A SOLUTION. YOU don't accomplish ANYTHING by pushing a button someone gives you, which makes the program work. THINK about it.

Regards,

very nice subscription.
just like one mean : use our own smart brain :-)

i understand what you guys are saying...i'am going to study this file and hopefully find out what they are doing...

p.s i tried that ethereal but it crash my p.c .. any other ones i can try?

thanks guys for the help

I think we said enough. Now other folks should join and try to help (think).

My small personal note: it looks you didn't read our posts. You tried Ethereal and stop the work because it crash? I know at least few other very good sniffers and why you even need them to discover the transmission? I see XceedFtp.dll file which is responsible for the transmission and is even easier to analyze because it was builded with VC, not VB (like the main exe).

Why not to set a breakpoint at the moment of key file reading (you own the file)? You will be one step before the FTP communication takes place.

Regards.

yes i did read the other post i was just trying diffenrnt ways. however i see what you mean now...thanks for the point in the right direction :)


thanks

It was my pleasure ;)

i don't know if could be useful, i've seen the new trillian web check protection yesterday and this program use these imports of Wininet.dll

HttpOpenRequestA
InternetCloseHandle
InternetConnectA
HttpSendRequestA
InternetQueryDataAvailable
InternetReadFile
InternetQueryOptionA
InternetSetOptionA
InternetOpenA
HttpQueryInfoA

so look fro strange names into imports.. maybe your program uses stupid functicon like these bye

and these:

WSAAccept
WSAConnect
WSARecv
WSARecvDisconnect
WSASend
WSASendDisconnect
WSASocketA

"Personally I don't like the style of "press F8, make a dump using PETools, fix the offset at...". I prefer the way of logic explaination (not tutorial) and ideas suggestion"

Yeah,,i agree completely with these words and also, if possible, ideas suggestion with a little rhetoric digressions in the old +Orc's oratorian style. Ahh...i'm sure i'm not the only one who misses so much that old texts.....Sorry.