Scally6
October 25th, 2001, 12:53
Could use some help with this, please. It's a save/print disabled demo which uses a dll (cerber32) for a check on its keyfile. Although there is a register dialog which asks for two codes, I couldn't figure it & so am trying to rebuild the keyfile (The codes requested are a 'pin' which is numeric & less than 16 digits and a 'key', also less than 16 characters but can be numeric/character. There's a check for len <10h)
The key file 'sig' (no extension) in the app's directory is zero length on installation & filemon looks for a file of 1k, so I created a file 4096 bytes long.
Using createfilea, I broke into the dll at 100051AD. It moves the contents of the sig file into memory at 794240 with the code at 100021b8.
As far as I could see the sig file is only read into memory on prog load and not re-read when you try to use the unlock screen.
I've spent the last couple of days trying to work out how it decides that the keyfile is no good but haven't got anywhere except for depleting the rainforests with all the paper I used.
The check seems to begin at 1000158d and moves chunks of the sig file around - There's a check for the first byte in the sig file being ff but I think it's looking for a number here. Judging by what flies around the registers, I think it's actually looking for 24 (18h) numbers.
I've single-stepped through this dll & into the exe as far as the point where the handle (105h) for the demo splash is loaded (69h for the clean one) many times but I just can't see where I'm going wrong.
I seem to be getting nowhere so can someone give me some pointers please?
(The app itself isn't much use to me - it only seems to do what a lot of other progs of its sort do - but I'd really like to understand how it does what it does in the dll) It can be d'l at h**p://progenysoftware.com/downloads/genelinestrial.exe (2mb)
Tia
Scally