Hello Everyone


Need a little help with some math, I suc$ at math.

Workin on a VFP program got it decompiled found the password check looks easy but I dont understand the math and was hopin someone here would be good enough to explain it to a stupid person ( me ) . Dont know if its the math or VFP killin me . Here is the code

FUNCTION checkpassword
LOCAL nrAndom1, nrAndom2, npAss, nrEsult
nrAndom1 = INT((MOD(RAND(INT(SECONDS()*100)), 1000000))*1000000)
nrAndom2 = INT((MOD(RAND(INT(SECONDS()*200)), 1000000))*1000000)
thIs.doForm('\Shared\PassWord.SCX',nrAndom1,nrAndom2)
npAss = VAL(maInapp.foRmreturnvalues(1))
ntEmp1 = (INT((MOD(nrAndom1, (100)))/10)*(100000))+((MOD(nrAndom1, 10))* ;
(10000))+(INT((MOD(nrAndom1, (1000000)))/(100000))*(1000))+ ;
(INT((MOD(nrAndom1, (10000)))/(1000))*(100))+(INT((MOD(nrAndom1, ;
(100000)))/(10000))*10)+INT((MOD(nrAndom1, (1000)))/(100))
ntEmp2 = (INT((MOD(nrAndom2, (100)))/10)*(100000))+((MOD(nrAndom2, 10))* ;
(10000))+(INT((MOD(nrAndom2, (1000000)))/(100000))*(1000))+ ;
(INT((MOD(nrAndom2, (10000)))/(1000))*(100))+(INT((MOD(nrAndom2, ;
(100000)))/(10000))*10)+INT((MOD(nrAndom2, (1000)))/(100))
nrEsult = nrAndom1+nrAndom2+ntEmp1+ntEmp2
RETURN nrEsult-npAss
ENDFUNC


Any help would be great Thank you all so much!

looks like a timestamp mechanism there, or if it uses random val (such return val from main app), then u should be aware if it is a fake. anyway i think the key can be seen after function.

Thank you for the reply and takin the time to read this

What this program does I think is when you open the password screen it generates 2 random values then you put password in
Example

random1 xxxxxx
random2 xxxxxx
password ---------

I thought what it is doin is takin the sec and doin the math to get the 2 random values?? Then using the random1 to make the temp1 and random2 to make temp2 then adding them all up to get the result???

I tryed softice and disassemblin the exe with no results. In softice it will only break in the dll so I went this route with refox. Also I think the exe is encoded cause when you look at the files in refox most you cant make out but when you decompile and save it all makes sence. I hope this did Any help would be great !!

Thank you all so much

Notepad is your friend
After formating and converting "C"

and nrEsult is your password
--------------------------------------------------------------


for example if
random1 543210
random2 109876
then password is
543210 + 105342 +
109876 + 761908 = 1520336


Strejda

Strejda:

Thank you for your reply you are the greatest figured it out but not by the math I'm still a little lost. If you would be so kind as to see where I'm going wrong. I like to learn. I guess what I dont understand is the "%" I'll take the first line for and example

(((nrAndom1 % 100 ) / 10 ) * 100000 ) +

random1=543210

so

(((543210 % 100 ) / 10 ) * 100000 )

now is that 100 percent of 543210, divided by 10, times 100000

100% of 543210 is 543210/10=54321*100000=5432100000 ??

I know this is wrong the numbers end up too big sorry for being so stupid. I figured out from your example how temp1 is gotin but i did it by moving the numbers in random1 and it worked but i would really like to know the math how you got it. I know your probley very busy and I really thank you for takin the time in the first place to post, if I could have just a few more minutes of your time I would really appreciate it. There is no rush. just want to learn.
I have been working on this program on and off for 6 months, this is the 2nd happiest day of my life finally beat this sucker :P with your help ofcourse
btw the happiest day was finding this place and all the great people here

Again thank you

% is mod operation = remainder by integer division

103 % 100 = 3 etc

Thank you puzzled

I was so excited I completly missed that, boy I feel really stupit right about now! Anyways Thank you dion, puzzled and a big

THANK YOU Strejda

Have a great day !!!!!!!!!!!!!

Well it seems the password was the easy part, found another problem!

This program is able to be updated with CD's, it updates pricing, now the problem is it looks at the age of the CD if it is to old the program will not run. There is a ID file on the CD, what I tryed to do is copy the whole CD to the hd change the date on the ID file burn it all to CD, that didnt solve the problem. There are a lot of files on the CD with dates close to the CD date.

Any advise on this kind of protection ????

It is a VFP program seems to be encoded, I cant even find the message with the error in the program. I set break points in SI but always end up in the dll. Also if i back date the pc it runs fine the problem is, when it prints and invoice it would be the wrong date.

My next step is to change the dates of all the files on the CD but there is alot of them. Any ideas on how to do this easy???

Any help on this would be great thank you all