Hello,
While I'm trying to make a keyGenerator (a slip file generator) for JBuilder 7, I found that borland has introduced a digital signature to protect their prog.

Is it possible to reverse the verification process ?

(My question may sound strange, but as I am a newbie..!).


#included the Java class responsible for the verification (Verifier.java).

Thank You.

Hi,

it looks like a normal(not seeing any Elliptic Curve Params) DSA-Verification. Without the private key, no chance at all
Maybe you have to patch the public key in a[]; (Create your own one with the DSA-Params from a[])
If you dont understand what i mean, please read some good Crypto-Book about DSA! (try this: h**p://www.cacr.math.uwaterloo.ca/hac/)

happy reversing,
AdamA

Hi, gordon freeman, and all fellows.

I like to play with Java and, as I never need to build big applications, I am glad with JBuilder (free) Personal Edition. You probably know that JBuilder 6 Enterprise Edition has been cracked and a crack is avaliable. JBuilder 7 has been cracked too, but the crack has disappeared. So your work should be appreciated and I was expecting more replies in this thread.

As they didn't come, could you explain to me what is the function of this verify.class in JBuilder 7 protection process, and what is the relation with the serial number.

What happens if one replaces the verify class with :
flag = true
and recompiles it ?

Artifex

Of course, that only applies to keygens. You can always patch code...

Hi,
I don't know if this is the best thread to post this reply as is not 100% Cryptographics related. If not, please can anyone move it to another thread.

Borland use a file called "slip" to identify its products. The Slip file is made of 2 distincts parts : the enveloppe and the product info. The enveloppe main purpose is to identify the owner of the product and verify the integrity of the slip file. The productInfo hold all information about the product (version of Jbuilder, serial, ...). Here is the structure of such file :
********** Enveloppe Features ************
slip.isSilentImport : 1
slip.isImportable : 1
slip.isNodeLocked : 0
slip.isSessionLocked : 0
slip.PackageTitle : JBuilder 7 Package
slip.Protocol : 6
slip.Signature : 00000000000000000.......
slip.getOwnerLastName : Gordon
slip.getOwnerFirstName : Freeman
slip.getLicensedCompany : None
licensed.serialno : 0
********** Enveloppe Features *************

Number of ProductInfo : 1

****** ProductInfo Features **********

Platform : Cross Platform
SKU : Enterprise
Non-Commercial use only : No
Term : Unlimited
Product Label : JBuilder 7
Product ID : 1007
Serial Number
Key : 0 Platform Name : Cross Platform
Platform ID : 0
Product SKU Label : Enterprise
Product SKU : 2
Non Commercial Label : No
Non Commercial ID : 0
Term Label : Unlimited
Term ID : 0
Term : 0
Internal : 1
Upgrade : 0
Beta : 0
Host Bits : 585
****** ProductInfo Features **********

The following parameters depend on the serial Number : Key, Platform ID (and Name), Commercial propertie, Term ID (Trial or retail), Internal, Upgrade and Host Bits.
So as you can see, the same Serial Number can be used in the All JBuilder versions (Personal, Professional, Sybase or Enterprise Edition).
The class Verifier is used when verifying the integrity of the Slip File. This is a new propertie in JBuilder 7 that didn't exist with JBuilder 6 (making a keygenerator for JBuilder 6 was an easy work). Before verifying the Signature, the properties "e.Signature" is reset to 0, then the content of the file (class SignedSlip) is given to the method "verify" and the real Signature is compared with the expected signature :

public static boolean verify(SignedSlip signedslip, String s, int i)
where :
SignedSlip : Class Holder of the slip file.
s : This is e.Signature.
i : This is e.Protocol // Must be 0 for JBuilder 7.

My purpose was to make a keygenerator for JBuilder 7 not a crack. It's easy to make a crack by rewriting the class Verifier as follows :

package com.borland.sanctuary.lm.mgr;

public class Verifier {
public static boolean verify(SignedSlip signedslip, String s, int i) {
return true;
}
public Verifier() { }
}

and use the slip that i included. But it seems impossible to make such KeyMaker.

Thank you for your help.

Hi, gordon freeman, and many thanks for the informations.

Artifex

Hello again,
It seems that I forgot to put the enclosed Slip.

So here is the file.

Hi,gordon freeman !

That is too kind of you !
Delete it before I download it, otherwise you will be hit on the finger tips, even if it is your first slip

Artifex

Hi gordon freeman,
You uploaded file is a crack.This is a second time you upload this file.

C´mon esther, give the guy a break...
I liked his doenload anyway.
And what´s a crack and what´s not, anyway?
(What you doing next weekend?)

Hi fjrp2,
>So as you can see, the same Serial Number can be used in the >All JBuilder versions (Personal, Professional, Sybase or >Enterprise Edition).
>slip.getOwnerLastName : Gordon
>slip.getOwnerFirstName : Freeman
>slip.getLicensedCompany : None
>licensed.serialno :blah

The license serial no is this is not allowed posting in here.The zip file is quite similar to keygens...
I hope newcomers should read the posting guidelines before posting or uploading anything in here.

You wroteWhat you doing next weekend?)
worked

Okay, your right.
But don´t work that hard... it´s summer, enjoy life a little, and that

Thanks for swatting that crack, esther.

fjrp2: The reason the rule is so strict is because we've had legal troubles before: ISP got threatened by lawyers and dumped the site. We don't want any trouble, so we keep the board clear of cracks.

Also, this is a board for learning *how* to crack, and using someone else's crack works against the purpose of the board.

No problem Mike.Hope ya don't mind

regards

Okay Mike,


but imho, I think, probably lawyers would be more prone to be "examined" by justice than us, imho.

It's not the lawyers who seek us out, it's the shareware authors who read the board and then sick their lawyers on us.

That's true.

But think of this: aren´t lawyers intelligent enough to know when a client is rick and when he's "sick" (to use your same tarms)?

Imho lawyers are more to blame, because shareware programers are just coders, mathematics-related dudes, or so.
But they, the lawyers, thy know (or shoulkd) justice, so they are more to blame, imhp.

Don´t know if i've made my point clear.
[Maybe a good conclusion: some shareware programmers think like lawyers, but I've never seen a lawyer as clever as a coder Of course, imho.

Well, talk to +splaj and woodmann for details; I'm sure they'd be happy to show you their scars.

I wish I had that familiarity with them to treat that.

This is how I see it:
don´t let those guys scare you; most of the time the balance is on your side. I mean: justice is not such a thing that you can play with (or play with word with it, if tou know what I mean) like they do.

As fravia said once, I wish I could met a reverser-like lawyer, to know how to deal with them using their same tools (or 'words' if you prefer)

With the way the media blows up us people to be evil terrorists I dont think we have much chance. Listen to mike he knows, otherwise he wouldnt be the mod

Howdy,

The only people who complain are the trialw*re people.
In the past when some has complained we have complied and everyone was happy. And, some of the bigger software companies have complained and I have respected their wishes.

There just cant be any uploads of any patches, keygens or anything that can circumvent a protection by just doing cut and paste or "run the .exe in you folder named iamatheif". (you know what I mean)

Peace, Woodmann

And it is not the lawyers, companies have people who spend there full time job searching for this stuff.

Nice job:
all day with a computer!

I remember cracking JBuilder v3.0, v3.5, v4.0 and v5.0 when they came out. v6.0 looked like it was going to be a headache because Borland used some sort of cut-and-paste e-mail message method for their registration. You got an e-mail and just cut/pasted it into a window to register. I thought all hope was lost because the format of the message was unknown, but you could register the program in a different way, using the "old style" serial numbers, like xxx-x?#2-xxae (not a real serial of course). Borland changed the format of the code to something like xxxx-xxx-x?@xx and thus previous keygen code had to be rewritten.. but it was still possible to see how the serials were validated.

Since then, I haven't looked at JBuilder v7.0 because I can't stand the thing anymore; but look for other ways to get around the DSA scheme instead. Try looking for a way to enter in one of these "old style" serials (it won't be in the main program, but in a separate program, like a license manager). All of the old JBuilder key verification routines were found in the 'PrimeTime' directory when you unzipped the main JAR file. Run JAD on that directory and just have a look at the sources there. You might find another way in.