Hello everybody,

I'm in the process of reversing/cracking a nasty regcode protection.

After a lot of tinkering with OllyDbg I finally found the "attack point".

The way I got there is interesting in its own self, with lots of SMC and jumps in the middle of instructions, etc, but it's not the subject of this request for help

To make a long story short (but hopefully comprehensible), the target makes a lot of shuffling around with the username and outputs 7 bytes.

Then it takes the regcode, which apparently must consist of 25 characters chosen among an alphabet of 32, which makes for a total of 125 bits (25 chars * 5 bits/char); from the regcode a new output sequence of 115 bits is calculated.

Each output bit is calculated starting from all of the 125 regcode bits and a sequence of 7876 hardcoded bits (the first output bit is always calculated using the same 7876 bits, the second one uses a different sequence of 7876 bits which anyway is fixed and so on... hope this makes sense, in total a fixed sequence of 115*7876=905740 bits that is hardcoded into the program is used).

Every output bit is calculated as follows:

out_bit(x) = ( sum_for_i_0_to_7875 of (sequence_bit(x,i)*regcode_seq_bit(i) ) modulus 2

where i = 0..7875

sequence_bit(x,i) is the 7876 bits sequence used for the xth bit

regcode_seq_bit(i) is a sequence of 7876 bits calculated from the regcode as follows:

regcode_seq_bit(0)=1

regcode_seq_bit(1..125)=regcode_bit(0..124)

regcode_seq_bit(126..7875)=a sequence of bits representing the products between the 7750 possible unique pairs of regcode_bits.

Then, only 42 bits of the shuffled username are compared to the corresponding 42 bits of the out_bit(x) sequence, and the regcode is considered valid if they match.

The question is: I totally understand the matching algorithm, but HOW DO I GENERATE A VALID REGCODE?

I'm not very deep into maths/cryptography and the like, but as I understand it I have 42 binary equations with 125 unknowns (i.e. lots of degrees of freedom); the problem is the equations are nonlinear (because of the regcode_bits products) so a simple matrix solver is not viable.

Is this a standard/known keygen check scheme?

Is there a known way to generate the regcode?

I'm going to try with a brute force type of approach but I'm not very optimistic.

Any idea is greatly appreciated!

-- Bitman

## Bookmarks