ccntv2
December 14th, 2002, 21:31
Some body have try defeat the protection of the ISS Realsecure 6.5?
Thanks
Thanks
View Full Version : ISS Realsecure 6.5 iss.key protection
Woodmann
December 14th, 2002, 23:33
Hi,
Now why would someone want to play with a software
that is used to protect servers ?
I can only think of two reasons and one of them is someone
is really bored and has mastered all the other protections.
After further review, it takes an incredible amount of time
to try to get an evaluation version. Someone who is bored would not go through all the bullshit to get the software.
Now, you dont need to justify why you have the software.
Try to include something more to your post like:
IT IS PROTECTED BY.........
YOU HAVE ANY CODE TO POST.............
IS IT EVEN USED ON WINDOWS SERVERS............
¥OBC
Now why would someone want to play with a software
that is used to protect servers ?
I can only think of two reasons and one of them is someone
is really bored and has mastered all the other protections.
After further review, it takes an incredible amount of time
to try to get an evaluation version. Someone who is bored would not go through all the bullshit to get the software.
Now, you dont need to justify why you have the software.
Try to include something more to your post like:
IT IS PROTECTED BY.........
YOU HAVE ANY CODE TO POST.............
IS IT EVEN USED ON WINDOWS SERVERS............
¥OBC
r4g3
December 14th, 2002, 23:45
shit ! what a kewl avatar !
¥OBC
can i get one to use with my nick ? please please .... what must i do for it ?
¥OBC
can i get one to use with my nick ? please please .... what must i do for it ?
ccntv2
December 15th, 2002, 00:48
First:
Well, I not want that no body loss the time trying to crack the program :-). Only want to know is somebody have try crack it.
I am trying to search what protection it have becouse a want crack it.
I now that other program of the same company (ISS Internet Scanner 6.21) have the following protection and use one similar iss.key file:
---------------------------------------------------------------------------------
Keyfile is in base64. After it's converted to base256, it (except last 10 bytes) gets decrypted with Blowfish using XOR of last 10 bytes with MD5 value of some hardcoded copyright string. Last 10 bytes of the key must be equal to MD5 value of decryption result. The
decryption result contains another Blowfish key, along with one more
MD5 digest and DSA signature and public key. Also it contains one
more encrypted buffer. This buffer gets decrypted with BF key 2, then
the hash is taken and compared to the above MD5 value. If they're
equal, then DSA signature for this hash is verifyed. If it's valid,
routine continues. Last decrypted buffer contains key chunks, each
(quite) of them contains small header with chunk type, customer
number etc. along with chunk data and (again) DSA signature and public key. If signatures are ok in all chunks (this time they're
verified using SHA-1), the key is nearly acctepted, but the following
checks has little to do with cryptography.
DSA is used with 512bit large prime. Only P, G and Q are hardcoded in
the executables. Public key is in the keyfile.
-----------------------------------------------------------------------------------
I am trying to find if this protection is similar to the ISS Realsecure 6.5.
Second:
Is not dificult download the software of the www.iss.net and It can run in workstation too not only in server. of couse i know the blackice
but i want ISS Realsecure becouse a want protect several machines.
Well, I not want that no body loss the time trying to crack the program :-). Only want to know is somebody have try crack it.
I am trying to search what protection it have becouse a want crack it.
I now that other program of the same company (ISS Internet Scanner 6.21) have the following protection and use one similar iss.key file:
---------------------------------------------------------------------------------
Keyfile is in base64. After it's converted to base256, it (except last 10 bytes) gets decrypted with Blowfish using XOR of last 10 bytes with MD5 value of some hardcoded copyright string. Last 10 bytes of the key must be equal to MD5 value of decryption result. The
decryption result contains another Blowfish key, along with one more
MD5 digest and DSA signature and public key. Also it contains one
more encrypted buffer. This buffer gets decrypted with BF key 2, then
the hash is taken and compared to the above MD5 value. If they're
equal, then DSA signature for this hash is verifyed. If it's valid,
routine continues. Last decrypted buffer contains key chunks, each
(quite) of them contains small header with chunk type, customer
number etc. along with chunk data and (again) DSA signature and public key. If signatures are ok in all chunks (this time they're
verified using SHA-1), the key is nearly acctepted, but the following
checks has little to do with cryptography.
DSA is used with 512bit large prime. Only P, G and Q are hardcoded in
the executables. Public key is in the keyfile.
-----------------------------------------------------------------------------------
I am trying to find if this protection is similar to the ISS Realsecure 6.5.
Second:
Is not dificult download the software of the www.iss.net and It can run in workstation too not only in server. of couse i know the blackice
but i want ISS Realsecure becouse a want protect several machines.
Woodmann
December 15th, 2002, 01:51
Quote:
| but i want ISS Realsecure becouse a want protect several machines. |
oooooooooooooooooooo........... bad answer.
That is stealing that is bad bad bad.
Besides I have never seen anything about that soft on this
site.
¥
(Anyone can use the avatar but, you must be L3e70
LAter, Woodmann
Powered by vBulletin® Version 4.2.2 Copyright © 2018 vBulletin Solutions, Inc. All rights reserved.