Originally posted in TOTT

Hi Guys,

Need some help

First off
Target http:\\www.rebis.com
Under Support/Security Rebis Security Manager.

Things i know so far.
Uses Crypkey and each package in the software has different master/user keys.
Version cryp95e.dll present and used.
Reblock.exe is exe used for calls. Able to trap with w32dasm and examine.

What i would like help with
I would like to use the SiteKey Generator that is supplied with the SDK for Crypkey to Create licenses for this product. If i enter the site key for the product into the SiteKey Generator it tells me it for another company.

Have worked out that each client has a companynumber and passnumber. (I Have found these - part of Ckchallenge)

What i want to do is rekey the sitekey generator for my companynum/passkey so that it will generate the codes correctly so that i can register each component as i like.

I would rather a keygen than a hack since continous upgrade/patchs will make me hack again and again. Plus multiple hacked over 18 applications each with their own codes/keys

Any help is appreciated.
rcecd_request@yahoo.com

Bump

Come On i need some help here

No one done a Crypkey generator software????????

The software is available and ready for download from the web site.

Anyone else working on crypkey.

Unpacking a CrypKeyed prog is a 5-minute task, while keygenning it may cost several days or more.

So why don't we choose the easier way?

Crypkey is not just a packer. About a thrid of the apps that I've seen use it have it included as regular library/dll calls. Unless you're good and experienced at keygens (especially crypto), stick with patching.

Regards,
Kythen

yes Kythen you are right. I forgot the other Crypkey formats.

Guys

I can't patch because of checks and other little things that have been coded into software. Simplest way to bypass security is to generate the right code.

Also alot of licenses to crack for (18 Applications)

Plus everytime i upgrade i need to do this all over again.

What i need to do is use a keygen for this that has options for each module.

I have the SDK for crypkey which has a keygen for their examples which is hardcoded to their example codes. I want to modify this so i can use it for any company/product codes.

Kythen : your right i'm not a keygen crypto person THATS why i asked for help.

TIA

Checks and other little things? Sounds like more fun, not a reason to stop!

Regardless, what I would suggest trying is patching the crypkey dll's themselves, not your target app. Make an emulator of sorts, much like you would for a dongle protected app. I believe CrackZ used such a method in one of his tutorials, so you may want to check that out for examples. You shouldn't have to modify the emulator much, if at all, between upgrades of your target. Only when a different version of crypkey is used will a major change be needed.

I'm sorry if this isn't the answer you're hoping for, but I really believe that one should try and take things a step at a time when learning cracking. Just jumping in over one's head more often than not leads to little understanding and mostly discouragement, and my goal is to help ppl... not lead them into some false sense of understanding.

Cheers!
Kythen

Hello Peterg,

I am Rebis user. I have generated keygen for it. But it was old style (homemade) protection. The new one is Crypkey.
I am still not moved to new Rebis products. But Crypkey solving will be interesting in the future. Some scenarios:

Scenario 1. Historical retrospective
1. Is Crypkey keygenned sometime? Yes by mr.Duelist (Core) - "Crypkey Instant 5.x include keymaker". Good.
Crypkey Instant is protected with Crypkey of course. This keymaker is suitable to ALL Crypkey protected software (with the same release). Good.
2. As it always happens - Rebis uses newer Crypkey version. Bad.
3. What inside the Duelist's keygen? Look into cr-ck50.exe. Compiled with Intel compiler 4.5. Wow, SSleay library (v.0.9.x) ! Heavy crypto? Bad.
You can find SSleay source, build it, generate Flirt signatures, apply signatures to IDA disassembled code. Seems only basic big number routines inside (mod, exp,...). Not so bad.
4. So how the Duelist's keygen worked and what is changed in Crypkey new version?...

Scenario 2. Guess-work attack
Crypkey allowes key moving. Idea is key info substitute (in process memory) when key is decrypted from old place, but still not encrypted to new one...

Scenario 3. SDK investigations
You have SDK for Crypkey.Nice! There are variants...

Best regards,
CDotic

Nice to see someone else who has or will have same problems as i do now

A few notes.
Duelist Keygen doesn't work at all for products that require options. Rebis makes you select different options therefore never have been able to use duelist keygen.

Crypkey found out about the keygen and modified their system to ensure the keygen didn't work.

I think the SDK is the way too go.

I have found company number/product id and site code but need to modify the site keygen to use it correctly.

If you need the SDk can point you in the correct direction

Hello Peterg
CYM
Regards