Page 1 of 1

Crypkey - Beating my head against the wall

Posted: Wed May 21, 2014 10:19 pm
Hi Guys, So I'm trying to learn the ins and the outs of Crypkey protection in an application. I've read most of the previous posts on the subject.

I've used ckinfo successfully in a previous version of the same application and generated the key options required just by pure chance, as they Key level was 1 and the options were just 1 through 5.
Now in the newer version of the application, using ckinfo 1.14 to generate the keys just gives me an error -2 when I enter the site keys I create using the same key levels and options.

A little background on me.
I'm operating ollydbg 1.0 with plugins at a beginners level. Have patched a few apps. I have also managed to dump and emulate a couple superpro dongles with other applications as well as modify a variable on the key dump to allow more options in the application.

So, I know in order to find my key levels and key options, I should be attaching olly to my target.exe and/or the crp32002.ngn file when its running. But olly doesn't seem to be attaching correctly to the target.exe
I can attach it to the NGN file, and using ultrastring reference plugin I find some spots in the NGN code where getlevel and getoptions are referenced. Breakpoints on these items are never called

Note, If I don't push Play in olly right away after attaching to crp32002.ngn, when I bring my licence page up after resuming, the trial license seems to be killed and displays as no license until I restart the application. So there must be some kind of timer involved between the crp32002.ngn and crypserv.exe to detect debuggers.

Now, I haven't any experience in creating sig files in IDA and can't seem to find one online for crypkey 7.0+ to use against my target.exe in ollydbg. Is there a link to the SDK that is not dead?

Any tips or advice on how to continue would be appreciated.
Please see attached.
Link to target DLL can be made available upon request.
I believe its being protected by crypkey

Thanks from a noob to the RE scene.

Posted: Thu May 22, 2014 9:31 am
Also, I can't seem to find where the trial sitekey is stored. Should this be in my NGN dump? If so I should be able to parse it into ckinfo and get the key level information that way?