Welcome to the new Woodmann RCE Messageboards Regroupment
Please be patient while the rest of the site is restored.

To all Members of the old RCE Forums:
In order to log in, it will be necessary to reset your forum login password ("I forgot my password") using the original email address you registered with. You will be sent an email with a link to reset your password for that member account.

The old vBulletin forum was converted to phpBB format, requiring the passwords to be reset. If this is a problem for some because of a forgotten email address, please feel free to re-register with a new username. We are happy to welcome old and new members back to the forums! Thanks.

All new accounts are manually activated before you can post. Any questions can be PM'ed to Kayaker.

Asprotected app, I have the key constants and a working key.

This forum focuses on analyzing malware and any aspects of dealing with packer protections.
Junior Member
Posts: 1
Joined: Sat Jan 18, 2014 11:18 am
Location: Tampa, FL

Asprotected app, I have the key constants and a working key.

Post by komplex »

I have a app that was protected using asprotect. The program uses web based registration which I managed to get a copy of the php script that calls the linux keygen. It uses 3 constants, the first one is 25 characters long, and the other 2 are 173 characters long. Both keys Have A-Z, a-z, 0-9, +, / so I am guessing they are base64, the first (short string) ends with == and the other two end with =.

From what I can tell, they pass the data to the keygen cgi app in the form of a url string like A=<const1>&E=<const2>&N=<const3>&ID=<hardwareID>&Data=<login>\r\n<registration name>\r\n<licensetype>\r\n<ibuttonid>\r\n<family>

I have a working key that was generated and its 174 characters long. Also since I have the program running, isn't there some way to just dump it from memory?