 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
|
|
|
|
||||||||||
|
||||||||||||||
|
||||||||||||||
|
#212
04-27-2011, 04:36 AM
|
|||
|
|||
Quote:
1. start my app 2. go to activation screen 3. start petools 4. look for crp32002.ngn 5. make a full dump with petools 6. open the dump in olly 7. i found the master and userkey with ultra string reference plugin in olly Thanks men. Now i've seen this lines, i mean this was the clear code. Not obfuscated and the decryption ? , maybe anybody can explain it. 0165 D5F1 F70C 85A3 40 %02d-%02d-%02d %02d:%02d:%02d %02d-%02d-%02d %02d:%02d:%02d The next prob are the key options, how can i find this one? Thanks Last edited by mr.smart : 04-27-2011 at 08:31 AM. 
|
|
#215
05-10-2011, 08:27 AM
|
|||
|
|||
|
Quote:
Heres what I've located and used -> Site Code: 015F 1B7B 1B9F F446 00 User Key: CA BB98 AA64 D711 2CE1 2C61 Master key: aad328231cab87079bfd8e64763318b062a18cb0137b846b56 be3a064ad04fa0d086c57e66a1878f41d807613bceb890f7ef 0348018a65632de5446b69e441fb49566e16a4bbf4ea8fa192 9b3f3f25f773c4176940dbc2a451b8b1d43f1f8a84c7c22208 6fea4e1137960ad90a17542f802d03a2918da41740a922564a 30c52f Then with ckinfo -> Key Information... + Site Code : 015F 1B7B 1B9F F446 00 + Plaintext Password : WWGNW7>WGZ + Easy Licence? : Yes + Key Level : 65535 + Key Options : 1-16 Key Validation - OK Creating Key - 0000 015E E9FF FFFF FF00 00F7 35 Encrypting Key - 3BE0 D0AE 518F 7CD3 1D84 8F07 10 Should I be doing something different here, any guidance would be appreciated.
|
|
#216
05-13-2011, 01:34 PM
|
|||
|
|||
|
after registering the app, where whould be inserted the UNLOCK MODULES code?
someone can kindly make a screenshot? 
|
|
#217
05-13-2011, 09:20 PM
|
|||
|
|||
|
Greets. I'd like to try my hand at fishing for the plain Site Code for a CrypKey 7.1 target program.
The obfuscated Site Code was XXING1 NWVX59 WPNXVV Y61X1P XXXDRX VXXK5I. It changed to XXIG4X 2NKSY9 GNM2S4 Y61X1P XXXDRX VXXK5R when the clock was set forward to trial expiry and it stays expired for now. At both instances before and after expiry, Ollydbg Ultra String Reference found nothing from crp32002.ngn or <prog>.exe dumping at prog activation page run. Kinda stealth. And PE Explorer found FE02 6835 D3E7 A293 BF at the very end of crp32002.ngn dump file but ckInfo v1.13 gave no joy.  How else can I defeat CrypKey jigsaw puzzle (short of reverse engineering) to produce a Site Key? I hope to get a few further hints or pointers from you wise guys. Thanks. Target program download (87 MB) Last edited by wakid : 05-13-2011 at 09:53 PM.
|
|
#218
05-14-2011, 02:56 AM
|
|||
|
|||
|
Work the problem backwards, ignore the site code.
You have master key & user key with hash values. Make your own script for ckinfo & generate a good site key. You by chance grabbed the original site key that gives you the trial? Don't put it in the box where it asks, after you generate put where on your system site key resides. Replace unreadable site key with 26 byte key you generate. Usually documents & settings under xp, program data under 7. Make sure you can view the o/s files under folder view. Have fun
|
|
#219
05-14-2011, 05:32 AM
|
|||
|
|||
|
or use sdk to write your own little tool to call get_sitecode2() for your app.
@wakid you should search better.. your sitecode is where you already searched.. just look after get_sitecode1() into the dump and you wil see it now you should find options / levels and of course if you want you can understand how obfuscation works. i suggest you to dig into EISIcrypto.dll Last edited by sparpacillon : 05-14-2011 at 07:39 AM.
|
|
#220
05-14-2011, 07:27 AM
|
|||
|
|||
|
The most important thing for MaxSea
BlowFish Key-> UCHAR Key[] = { 0xAA, 0x6F, 0xA7, 0x8D, 0xF9, 0x5E, 0x64, 0xCF }; 1) Decode Site Code with BlowFish algo and receive "deobfuscated" Site Code 2) Encode Site Key with BlowFish algo and receive "obfuscated" Site Key Last edited by WRP : 05-17-2011 at 12:49 AM.
|
Linear Mode
