Page 1 of 3 123 LastLast
Results 1 to 15 of 35

Thread: I can only shake my head.

  1. #1

    Talking I can only shake my head.

    Guys, not a question, just an example of someone unsure of the process.

    I'm investigating a target that uses the Mozilla engine at it's core, and builds upon it. Well, it has a license file like FlexLM, but is a homebrew. The licensing dll is 200K, and is an XPCOM object. (Not fun to disassemble BTW). So, I'm digging around, and find the "your license is expired" dialog trigger. It's in a JAVASCRIPT FILE. With a header on the function that tells what it does, and that it should return true if the license is good.

    return true;

    done. Now, while the app is running, the About box shows that your license is expired, or missing, or whatever. So, I start digging for that code. It's in a compiled python script. And, just to be nice, they provide the original python for you, just in case you want to see how the protection works.

    *sigh* This reminds me of a super hero game that I saw a long time ago that came from the UK. Batch file protection:

    @echo off
    if errorlevel blah goto exit

    No, I'm not kidding.

  2. #2
    Haha oh wow... I've seen "IsRegistered" options in registry keys and INI files and the such, but providing the source code is on a whole different level.

  3. #3
    reknihT esreveR SiGiNT's Avatar
    Join Date
    Sep 2004
    Wherever I am
    Ran into a .net application with an IsReg named function - my other favorite was the Arma protected app relying solely on an Arma .dll for protection - unpack the main app and the protection disappears.

    Unemployed old fart Geek - Self Employed Annoyance
    Team: Noobisco Crackers
    If someone can't do it for you, you'll never learn!

  4. #4
    Ran into this one today that shows just how hard Symantec tries...

    I have an old laptop with NAV Corporate Edition that I'm trying to re-use but clean off (some of the apps need to stay due to lack of install disks).

    Attempting to uninstall prompts for a password, presumably designed to prevent users disgusted with system performance from simply uninstalling the root cause of their disgruntlement.

    Fortunately, Symantec put a registry key in:

    HKEY_LOCAL_MACHINE\SOFTWARE\INTEL\LANDesk\VirusProtect6\CurrentVersion\Administrator Only\Security\

    aptly named UseVPUninstallPassword

    Changing the hex value from "1" to "0" removes the password requirement.

  5. #5
    Registered User
    Join Date
    Dec 2005
    Blog Entries

    exactly the same stuff with Trend Micro

  6. #6
    I saw a .dll in a project once that had a function named HasProductBeenPurchased, and return a bool.

    In their defense, they did an MD5 sum of the .dll from the main app.

    This was a protection that they used on over 800 applications, and the same search and replace would fix them all.

    It seems that the code that called the .dll was probably in a library, so the bytes were ALWAYS the same.

  7. #7
    Naides is Nobody
    Join Date
    Jan 2002
    Planet Earth
    In (grin) defense of the protectors. . .

    If you have never taken a dive into assembly language ,
    and the mysterious ways a computer works,
    you get to believe that your cluelessness
    Is shared across the world. . .

    If a vendor said
    your software is protected
    you believe it most be true
    Like everyone else,
    believes what they say in Television,
    The radio news,
    in School,
    The Bible or
    in Church

    Like when they say, in advertisement
    You will be happier
    and sexier
    If you drink that can of beer
    or smoke that cigarette brand

    believe me,
    people are deceived
    and conned
    In much more serious matters
    day and night
    (just take a look at the news these days)

    Do you really think you are safe,
    When you lock your door at night?
    Do you think nobody
    Will get inside your car,
    If you close those windows
    made of fragile glass?

    Safety is an illusion
    based on that tacit agreement
    called the social contract
    gullible humans believe
    we made in the far past

    Not to Fuck each other

    too hard.

    (Hey dELTA, what about smoking pot and reality reversing?? )

  8. #8
    Have you considered that THIS might NOT actually be reality?????


  9. #9
    Quote Originally Posted by JMI View Post
    Have you considered that THIS might NOT actually be reality?????
    I pray for that every day.

  10. #10
    Administrator dELTA's Avatar
    Join Date
    Oct 2000
    Ring -1
    Blog Entries
    Quote Originally Posted by naides View Post
    (Hey dELTA, what about smoking pot and reality reversing?? )
    Haha, I was already about to comment on it even before I saw that last line of the post.
    "Give a man a quote from the FAQ, and he'll ignore it. Print the FAQ, shove it up his ass, kick him in the balls, DDoS his ass and kick/ban him, and the point usually gets through eventually."

  11. #11
    Quote Originally Posted by naides View Post
    Do you really think you are safe,
    When you lock your door at night?
    Just something that might get handy...

    I love the editors
    I want to know God's thoughts ...the rest are details.
    (A. Einstein)
    ..."a shellcode is a command you do at the linux shell"...

  12. #12
    When I was in the military, one of the classes I was given was on "methods of entry." The instructor had a large plexiglass (clear) door in a frame on wheels with 26 locks and a slide chain on it on the inside. While he gave his lecture, he picked all 26 locks and opened the slide chain with a piece of tape, a couple of rubber bands, and a bent paper clip. He then went through the door, looked at some "top secret" papers on a desk, then went back out, re-locking the slide chain and all 26 locks from the outside.

    The point of the exercise was to demonstrate that almost nothing protected by a lock is "secure" given the opportunity and sufficient time and that the main object of "security" was to attempt to make the process as difficult as possible so that one might have an opportunity to catch the "bad guys" or require them to damage the lock, so one would at least know it had been compromised.

    The problem is not that "they" know your plans and secrets. You can always change the plans, although some secrets one would prefer not to share.

    The problem is when "you don't know" "they know" your plans and secrets and you are relying on those plans or secrets for whatever purpose they are supposed to serve. For example, in the military, if they know where, when, and with what equipment you might be planning to attack, they have a much greater probability of defeating your attack, or at the least inflicting much more substantial casualties. Not a good thing if you are the one who is scheduled to lead the attack.


  13. #13
    Naides is Nobody
    Join Date
    Jan 2002
    Planet Earth
    Quote Originally Posted by JMI View Post
    Have you considered that THIS might NOT actually be reality?????

    Hey JMI, with all respect (you know I have for you)
    could you elaborate around this comment?

  14. #14
    YOU might be dreaming THIS whole scenario. On the other hand, I might be dreaming this whole scenario, including your asking ME that question. OR, we BOTH might be the figment of SOMEONE ELSE'S imagination and that person is dreaming US.


  15. #15
    Teach, Not Flame Kayaker's Avatar
    Join Date
    Oct 2000
    Blog Entries
    Oh cool, can we get into another discussion on metaphysics?

    So anyway...

    René Descartes walks into a bar and orders a drink.
    He finishes the drink and the bartender asks if he wants another one.
    "Oh I think not" says René,
    and poof he disappears from existence..

Similar Threads

  1. Crypkey - Beating my head against the wall
    By PSGAMA in forum The Newbie Forum
    Replies: 1
    Last Post: May 22nd, 2014, 09:31


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts