Log in

View Full Version : Sheriff acudata


Kilby
May 31st, 2002, 10:38
OK folks heres an interesting perspective on an Sheriff acudata protected target.

Inksaver from hxxp://w0w.strydent.com/

Using the sheriff api I harvested the 4 secret codes as discussed last year, these are listed below.


Product ID: 9758-3050-1918-9292-6466

Secret Code 1: 0763-1985-3207-6621
Secret Code 2: 1854-2076-4198-7532
Secret Code 3: 2482-1593-2604-4927
Secret Code 4: 3739-0628-9517-9618

However it is still not possible to register because the app dosn't present you with an unique user code (as Sheriff call it).

I am assuming that the function SLS_GetMachineSignature in SlSapi.dll is the appropiate item to use to generate the appropiate user code.

As it would be a bit crap to use the whole acudata package to release a keygen, has anybody out there figured created a keygen for acudata protected apps ?

Perhaps this is not a good target to choose with the lack of the user code being made available, and another target should be chosen ?

Anyway this protection is so crap I would like to do a bit of work on destroying it, so any REAL info on it's internal workings would be apprectaied

By destroying I mean an essay with the thing laid bare, would be my preferred choice.

Regards,

Kilby...

+SplAj
May 31st, 2002, 14:18
Hi Kilby,

I remember that laughable protection from the eEye Iris thread a while back, LOL some uber l337 rce god made a nice report
he chooses the swimming pool and sun bathing these days

So, I have a solution to try. DAMN (Ivanopolo ?) made 'real' keygens for eEye targets. So get them, unpack and study them. Then all should be easy ?

Back to the match...Senegal 1 France 0 right now oh um

CYA

Spl/\j

Kilby
June 1st, 2002, 14:40
K will look at those, as I I don't thin it would be too hard to remove the 4 (so called) hidden keys from the .exe

Acudata is actually worse than the bitarts stuff it's just so laughable.

BTW have you tried installing the latest version of crunce from Bi-Tarts, it won't install unless you create the install directory before running the installer Hehehehe.

Anyway I have just downloaded Frotz CE, so I'm off to play some infocom adventures in the park

Atleast Ireland managed a draw.

Kilby...

foxthree
June 1st, 2002, 15:40
Hi Kilby/+SplAj guru:

He he nice one on Sheriff's protection scheme.

BTW, I tried this on I*i* 3.80 (latest) by eI Man is tE! tough. But not tough enough ... BTW, Laurentino has not implemented the CreateMutex stuff here. One less thing to worry abt

Some things that I found are:

There is no need to bpx any APIs for getting the secret codes. Use any decent RAM Viewer (such as WinHex) and you'll see all the four secret codes right next to the Product ID. What shit!!! They don't even decrypt/destroy it on-demand.

I managed to generate a key for I*i* vis SLSAPI.

Kilby, all you'll have to do to avoid shipping the entire SDK is to download the static libraries (thanks Sheriff ) and link it with your VC++ application to generate the keys. Nobody would even know that you're using SLSAPI's internally . Infact, there will not even be a need to "ship" the SLSAPI.dll as the calls are statically linked in your keygen App. lol

Crypkey was far tougher than this

BTW, I wouldn't be doing justice if I didn't say this: Thanks +SplAj guru for your "funny" write up... or should I say "RCE God"

Signed,
-- FoxThree

PS: I borrowed your subject for this post. Hope you don't mind

foxthree
June 2nd, 2002, 14:50
Hello:

On another interesting side note:

The first two xxxx-xxxx of the Secret key codes for the I*i* and the InkSaver product are "identical"

For InkSaver:

Secret Code 1: 0763-1985-3207-6621
Secret Code 2: 1854-2076-4198-7532
Secret Code 3: 2482-1593-2604-4927
Secret Code 4: 3739-0628-9517-9618

For I*i*:

Secret Code 1: 0763-1985-xxxx-xxxx
Secret Code 2: 1854-2076-xxxx-xxxx
Secret Code 3: 2482-1593-xxxx-xxxx
Secret Code 4: 3739-0628-xxxx-xxxx

Does this mean the first two parts of all SLS keys are the same? What gives ?

Signed,
-- FoxThree

Kilby
June 3rd, 2002, 12:00
The keys also start the same for the demo app supplied with the accudata sdk too


Kilby...

evaluator
June 3rd, 2002, 17:15
Hello, foxtree!

You missed in Iris one THING!

If you have DEMO downloaded from ...
so it is DEMO, e.g. you can find & calculate any
correct SLS-key, but Demo not become registered


***********
Don't use search,
Don't read FUQ

foxthree
June 3rd, 2002, 18:49
Hi Eval:

Yes, indeed. I did notice that. No graphs, no stats . Laurentiu I think gives a "demo" only version always with no code. Or am I wrong?

Anyways, my interest was in Sheriff Protection Scheme which alas, not seem a match for us

Signed,
-- FoxThree