Inline patch or loader for Asprotec 1,24-1.3????

[Kyrios]

i saw inline patching on ASPRed 1.31 which is pretty amaze me how they did it. I'm sure they use blacklisted key because the program run fully registered.
Advanced MP3 Catalog Pro 3.16 for instance by sthepenteh (from Ressurect team).
Another one is Astonshell 1.9 by someguy (from underPL?)
Any tool or tut will be definitely usefull for everyone else. Ofcourse tut is much more precious.


kyrios

Will it kill the days limitation and/or executions limitations? If not, it will be useless.

don't pretend a loader maker or patch maker will do everything for you.. you most find the bytes to crack the app. at the end that's all you want.. you can kill, by finding the needed bytes, time execution or time limit for any asprotect app. without any special option... have use of debugger and some dead code analisys.

i saw inline patching on ASPRed 1.31 which is pretty amaze me how they did it. I'm sure they use blacklisted key because the program run fully registered.
Advanced MP3 Catalog Pro 3.16 for instance by sthepenteh (from Ressurect team).
Another one is Astonshell 1.9 by someguy (from underPL?)
Any tool or tut will be definitely usefull for everyone else. Ofcourse tut is much more precious.

there's some new method or tool they use for asprotect 1.x-2.x
and it looks they don't even need OEP for the inline patch.... just the bytes to crack the app..... still haven't seem any info. about this maybe it's private and maybe noone who knows it will make it public to make hard time To Alexey

[BetaMaster]

there seems to be a weekness in crc checking of aspr'd programs in the protectd/encrypted data not the code.

some crackers enject code in that area, which makes a call to certain address in which they place the required instructions.you can trace the decompression/decryption routine to see what to enject to get the required call to that address.

examples of aspr'd targets that were attacked by that method are iso commander 1.5.052,1.50.060, reget deluxe 4.1.241 (twice by tsrh and digiratti).

[bedrock]

I spoke with stephenteh of team RES via PM to ask him about aspr method, which he also used on Gene6 FTP server, he told me he learnt method from cracks that revenge crew used hxxp://revenge.crackdb.com/ but ther is no info on there web site.

I looked at Gene6 patch, it only seems to change 4 bytes, plus change section length to include registration data, it looks to me like the encryption has broken somehow, caus the 4 bytes decrypt to different code after aspr decryption.

i am still looking for more info on this method

--
bedrock

[BetaMaster]

Quote:

4 bytes decrypt to different code after aspr decryption

of course that's the main idea.all you have to do is to hack the loop where the data is decompressed/decrypted, make some changes at the end of the loop, which makes the process continue for certain bytes until they reach the desired values.

[the_beginner]

@JMI

PHP Code:

the_beginner:

Small lesson in proper English spelling, simply because your effor makes a word you do not intend. 

You keep spelling the English word "got" (erhalten) as "god" which is the English word for Gott. Major difference. I know that in German a "d" at then end of a word can sometimes be pronounced as a "t" but that is a rather important word not to use by mistake. Verstehen?  

Regards, 


ok ok My English is very bad,but Nobody is Perfect


@diablo2oo2

Many thanks,I hope this help me


(Ich k�nnte auch Schreiben vielen Dank denn Du kommst ja auch aus dem Deutschland oder wie kommt man zu einer .de Adresse :-) )

cu

[JMI]

the_beginner:

Nobody is criticizing your English or suggesting it is 'bad." I simply pointed out that one small letter made a very important difference in those two words, an error which you might want not to make. And thanks for the offer.

Regards,