PDA

View Full Version : Activation code actually visible as ASCII in Olly, doesn't work but is it useful?


Kero13
May 1st, 2013, 17:48
Hi all,

I've been messing with this application for a while, as I play around with reversing. Kind of prodding at it as I learn; I didn't expect to be able to get it right away.

Anyway, what I know so far is, it's Delphi, and it uses a commercial activation system that starts with an E and rhymes with "accelerate" (I assume we aren't supposed to use real names here). This system uses 2 .dlls in the install directory. A dialog pops up when first run, asks for a serial, and attempts to phone home. When internet is disabled, it fails and then goes into a manual activation mode that asks for a longer activation code in the familiar format (several form fields, each accepts the proper number of characters, separated by hyphens). It also has an integrity check that throws a generic error if it senses it's been patched.

So I managed to disable the integrity check and save my patched version, but it wasn't a good crack - it got me the good boy message but still won't load now that the trial has expired. So the fun continues.

Anyhow, I've found a few places where ASCII strings of apparent serial numbers and activation codes exist (see paste below). The long string is the exact format of that manual activation code (the portion after the colon anyway):


007C2A50 68 782D7C00 PUSH WeatherS.007C2D78 ASCII "ACT618522859:BDLPJC-5F8F-V2LGGY-R4NZ-CA5NCT-1XEA49-G7RH-W612X0-TCZK-5EQZPB"



Naturally I tried using that as an activation code, and (probably naturally) it failed. I'm guessing this is like a master key that is then hashed with something machine specific to make the real code? Maybe somewhere in the .dll, since I can't find it in the main code (but of course I barely know what I'm doing). I've put breakpoints on all these instances and stepped through these blocks, watching to see if the real code appears as the program executes, but no changes. But still, I can't help but think this is useful information??

Just wondering if anyone can suggest a direction to go with this... I feel like maybe I'm getting close, but this is probably not the app for a newbie... but it's a quest now.

Thanks...

bilbo
May 2nd, 2013, 06:08
Quote:
I've found a few places where ASCII strings of apparent serial numbers and activation codes exist

Maybe a blacklist?

Kero13
May 2nd, 2013, 12:35
Thanks for the reply. Interesting idea but I don't think so... I can see my explanation was misleading, sorry. It's only three unique codes - the activation code and a couple others that look like serials in different formats. These three codes are repeated in a few different places. It would seem they're being used in the calculation of the correct activation code.

This esellera- oops, this accelerate-RHYMING protection seems kind of common, I was hoping someone had run into it before...

hfm
May 3rd, 2013, 02:34
Sounds like they may be "Publisher Keys", check the online documentation for the activation system to find out how they are used.

Kero13
May 6th, 2013, 19:42
Good idea, I should have thought to check their documentation. Unfortunately, it looks like you need to be a paid user of the protection/activation system in order to even access the Users Guide, all I could read online were FAQs. They hinted that the details I need may be in that Users Guide, but I can't get it. Doesn't seem to be floating around in Google either. Oh well, I'll keep picking at this thing...

hfm
May 7th, 2013, 02:18
You can create an account without having to pay anything. This will give you acccess to both the SDK and user guide.

Additionally the SDK documentation is available on the vendors website and is accessible without an account. But as the link to it is in the User Guide i'm not sure if its safe to post a direct link here.

Kero13
May 13th, 2013, 15:40
Sorry for the delay, just been coming back to this project as I have time. Anyway just wanted to say thanks for that information and I will definitely be creating an account ;-)