PDA

View Full Version : CD Protection for an application


LaBBa
June 16th, 2008, 01:35
Hi all

I'm trying to crack the CD protection of an application that comes with 2 CDs
1 CD is the install of the application that have no protection the 2nd CD is the DB of the application.
in the protected CD there are 3 files with a XXX extension in root:
file00.xxx - 563,438 KB
file08.xxx - 850 KB
file09.xxx - 3KB

there is 2 more folders

MA folder files:
file08.MA - 1,054 KB
file09.MA - 36 KB

YZ folder files:
file08.yz - 361KB
file09.yz - 11KB

i saw that in CD freaks forums it was also an issue with somthing that seems to be the same protection :
hxxp://club.cdfreaks.com/f18/defekte-sektoren-ab-316687-a-72880/

i have try to image the CD with all application and when i try to run the images the application of the recognize that it's not the original CD (used latest Daemon tools and Alchol)

I have just found out that some one in my contry has cracked the CD protection of a newer version of the application i'm trying to crack
the cracker added a file that he called : appName.emu
and it's a binary file with this header :
CD001 GEAR CD/DVD PREMASTERING GEAR SOFTWARE 2007032013494800200703201349480019830320130322002007032013032200


I have added attach of the emu file that was added to crack this newer app

i don't have the original exe file of this new version so i can't compare it.

the Cracker also patch the application so it will read from file .emu data when trying to boot from CD

does any one knows about this kind of CD protection that need to be cracked like so ? and how did the dump of this sections was made ? and how the application exe file has changed so it will read this emu file when trying to read the CD?

evlncrn8
June 16th, 2008, 02:09
CD001 GEAR CD/DVD PREMASTERING GEAR SOFTWARE 2007032013494800200703201349480019830320130322002007032013032200

is meaningless, its just a sector 16 header....

emu is probably 'emulation'.... the emu file probably is a record/playback file, presumably you'd apply some api hooks (probably on deviceiocontrol) and playback the data...

scan the disk and installation folder with protectionid - perhaps it'll shed some light on what the protection is....

LaBBa
June 16th, 2008, 03:37
I have used protectionid and it didn't recognized the protection type

i have try with every app (alcohol , cloneCD , blindWrite) with all copy profiles exist and still all the time i get from the application that this is not the original CD

i will try using the application that made this image/emu file it's call Gear Pro Mastering edition ... maybe it will be useful ...

evlncrn8
June 16th, 2008, 09:16
erm, gear doesn't have protection features, its generally used to make images, which are then glass mastered, during the glass mastering defects can be introduced (bad sectors, weak sectors and so on)... using gear won't help you at all...

what you need to do is analyse the disk, match up the sector information from the emu file against the burned disk (or its image/whatever)...
only then will you find what you're looking for..

like i said, the emu file looks like its designed for playback from code that hooks deviceiocontrol and 'supplies' the right information...

LaBBa
June 16th, 2008, 15:58
i got it now ...

when i load the original CD after it uses the DeviceIoControl API it read the section of the data it need for password of the DB files the section of that data was created with Gear Software and there is data there that from some reason can't be copy by any of the applications that i used.

so i run the original CD and when i saw that it read the data from the section i hace make a dump and saw the section data like the emu file had... now all i needed to do is make a dump with olly as a binary copy and now i have my own emu file like in the new version that was cracked ... all i need to do is to make a load to the binary file in run time and thats it.. i belive that the CD will be hacked soon..

tnx for the help..