Is this true that no cracker in the world has yet cracked Code-Lock?
What famous programs use this protection, so I can check if itīs true?

Why not type it into google or similar search engine and find out? If it's so good, they are going to be using it on there own products...

Hi!

Hehe... Has Ryan gotten himself a new nick?! :P

No, it probably hasn't been beaten. But that is mostly due to its obscurity, I think... Go look at the forums at the main site... Kinda dead... and, have you ever heard of a target, using it? No... ?

Actually it was quite some time since the author asked a couple of newbies here to take a look at it. They did so out of the kindness of their hearts... And they beat it, down to one last feature... There was a lot of bullshit around that feature... Author saying they could test it and crackers saying it wasn't implemented... author saying, do it yourself if you are good crackers... Hrm... ??
And I guess they thought it was pretty ok... ...or they just got bored. But I don't remember so good...

That thread can still be found on fraviaMB.

The thing that puzzles me though, is, why haven't we seen ANYTHING since then? Hmm... Maybe vb-appers don't care, don't wanna spend their money or it's not ALL that?

I guess it might be hard to establish new protectors on the market? Especially if they are made in VB... However good it may be, it will still be looked down upon... ?

/Manko

Yes, that was my problem. I couldnīt find any programs using it, but it says that itīs been uncrackable over three years so of course was I curious.

Iīm a total newbie ( and will always be ) in cracking but these never cracked- things are very interesting.
When The SentinelSuperPro dongle was attached to 3D Studio Max 2.0, it took only seven days that some mysterious cracker, calling himself ForceKill, cracked it in seven days after five leading crackers gave up. I donīt know if it was hard to crack that time, but they say that never have they been so close of an effective copy protection.

Well, I've downloaded it. Notice that it's an OCX, seems to be for vb progs only, and that the main data creating prog seems to be protected by telock. At that point, I got bored.

dito vb and telock...

First, I have not used another nick.

Second, I am surprised my software is being mentioned again.

Now, why is it still not cracked?
To crack it, you must be able to crack a demo program. A demo program is a demo program. It simply does not have the functions in them. Have not heard of inserting functions/routines into VB apps yet, have you?

Secondly, it is not easy to break into an established market. I am slowly getting more customers but most prefer to stick to aspack/asprotect/armadillo.

Thirdly, the method of protection, demo-based, is not popular among software authors. Most prefer trial-based. This discourages users.

Also, it is more trouble to implement Code-Lock into a app compared to the 3 "protections" above. This discourages users.

Lastly, because I think like a cracker , I build my protection according to that. Just look at the comments above.
...main data creating prog seems to be protected by telock. At that point, I got bored.
A part of my protection. Not the packer per se as the protection but the reason why I use it.

dito vb and telock
My advantage that not a lot of crackers like cracking VB. I was one of the few previously.

To crack Code-Lock, you have to find a program, buy it, get the full version which is also protected and crack that. Most crackers stop at the first step.

For those interested, another program of mine called Slice-n-Save was converted to a demoware just for crackers to crack. Try it if you will. Of course, you will most probably think that it is not worth cracking a vb app.

Best regards to all the newbies
Ryan

>>>...main data creating prog seems to be protected by telock. >>> At that point, I got bored

>> A part of my protection. Not the packer per se as the
>> protection but the reason why I use it.

i'd personally say it shows a lack of faith in your own protection scheme, and using someone elses protection hardly makes it 'yours' now does it.. infact you could well have some legal issues from that.

>> dito vb and telock
>> My advantage that not a lot of crackers like cracking VB. I was >> one of the few previously.

thats hardly something i would be proud of

>> For those interested, another program of mine called Slice-n-
>> Save was converted to a demoware just for crackers to crack.
>> Try it if you will. Of course, you will most probably think that it
>> is not worth cracking a vb app.

who the hell is going to bother downloading a demo (presumably crippled) program, its a pointless exercise.. if you want people to crack (or try as you prefer to say) then give them something useful to crack as a reward, if the protection is so hard as you claim then you have nothing to lose have you?

as for breaking into the protection market, i would suggest that you use a language that is more accommodating to other programming languages, and possibly other operating systems.

Ah (/me gives a *deep sigh*).

I remember this 'ryan' thread from a long time ago ;-).

A thought from my good self to the community (don't flame me
for this one ;-) ).

Can we PLEASE stop all of the <VB is junk/crap/overbloated> ad nauseam kind of remarks, no-one is compelled to program in it / use it / sell your relatives for a copy, its irrelevant in the copy protection game anyway ..... besides which I'd wager a small amount of $ that most of the "VB is crap" rhetoric is from people who've never used it in their lives ;-), (forgive me if this is not the case since I'm not singling anyone out here) :P.

However, to repeat what I said before, to ryan :

1. I'm quite unclear what is so revolutionary about your protection system, if its only functionality is to remove functionality I frankly don't see the point of using it. Or I don't see what it offers people above the competition. Or I don't see how it helps you when the credit card fraudsters get themselves a
copy .....

2. I think the 'challenge' of asking people to crack unknown functionality in your own custom application is unlikely to float here and is unrealistic, in any reasonable application the time to completely reverse engineer and discover the intrinsics would equate to something less than 3rd world per hour labour.

3. Putting things like 'uncrackable' or 'uncracked after 3 years' kind of won't help you much imho ;-), I view copy protection as something like 'fence building', you erect them, but ultimately someone tunnels under, jumps over, or cuts through the middle, but perhaps that is your intention in order to battle harden your product.

Anyway, please give some of this your consideration.

Regards

CrackZ.

evlncrn8: You will never get it, so I won't bother explaining anymore.

CrackZ: Why are you always around when it comes to talking about this Code-Lock?




I agree.




It does more than removing functionality. I do not have to post a roadmap for all crackers right? When a fraudster gets a copy of the protected software, they will not be able to distribute it since it will not run on other computers.




Putting "uncracked for 3 years" etc is an exercise for my php skills, a marketing scheme, and a challenge to interested crackers.

As I mentioned previously, I will be extremely happy if someone can crack Code-Lock.

Best regards
Ryan

Append:
I think this thread should be closed/locked since no matter what is posted, no one will ever try cracking Code-Lock. In case anyone thinks this is another method of mine trying to get people to crack it, it is not.

It does more than removing functionality. I do not have to post a roadmap for all crackers right? When a fraudster gets a copy of the protected software, they will not be able to distribute it since it will not run on other computers.

....

so what if i registered the program, then wanted to uninstall it and install it on another pc?

as for not getting it. i do get it.. i just dont think much of it

i decided not to start a the 'vb is crap' thing .. (however i myself started icoding in vb 0vbdos at that time), then moved to vb windows, and i do consider vb as crap after seeing its limitations)

Anybody heard a story about John-difficult-to-catch?
(Because nobody wants to catch him )

>so what if i registerd the program, then wanted to uninstall it and install it on another pc?

If you think if its crap,don't buy or cracked it coz you are wasting your time and you are coding vb LOL

You guys made things clear.

So this comes up again ?


Here is the thing: I support Ryan with this protection, who cares if it's written in VB - that's the reason, because most crackers are too "righteous" to attack it. I'm sure when the first piece of high priced software comes out protected with it, you will change your tune. When that will happen of course, is another question.

As ryan mentioned, the main drawback to this protection is that it's demo only. To unlock the full version (which is actually in the same folder, but encrypted), you have to have the correct decryption key. So unless you are some crypto god that knows how to factor large primes instantaneously, you are screwed, no full version for you. I had no problem unpacking Code-Lock itself, and stepping thru the WTK debugger with it (it's written in p-code). Even was able to defeat anti-smartcheck, etc. But in the end it doesn't matter because the program that is protected is still only a demo. AND this is how it should be, most shareware authors need to learn a time trial is just not going to cut it, it's too easily defeated. A demo can never be defeated, unless you are so bored and cheap (more time than money) you use CodeSnippetCreator to add the functionality yourself (which really wouldn't be all that hard IMHO for some functions). So kudos to Ryan about this feature from me.

The real weakness however, of this protection, is that it's a DLL. (OCX), so once you get one good registered full version, you simply make a fake OCX that feeds the exe with the info it wants, and you are free to distribute. This defeats any checks, including computer ID, etc.

-nt20

A quick follow up from me, based on nikolatesla's post, comments cc to ryan.

If all CodeLock does is keep a locked copy of the program with some effectively irreversible encryption, then it boils down to a very simple conclusion in my eyes.

Either you are distributing a locked version of an application which CodeLock has a facility to 'unlock'/

Or you are distributing a demo which might as well not have CodeLock period since it truly is a demo.

If the former is the case (which by all my logical reckoning it ought
to be), then CodeLock offers nothing new.

In reply also :

"I do not have to post a roadmap for all crackers right? When a fraudster gets a copy of the protected software, they will not be able to distribute it since it will not run on other computers."

Sure you don't, but if you expect or wan't people to give of their
time to attack it you've got to have some goal indicating success or failure, if the challenge is 'go reverse md5' then you've proved nothing. I'll be quite terse on the 2nd point, there just isn't a way your code can run and not be defeated, however you think you've locked it to a specific computer.

Regards

CrackZ

Howdy,

So its Vb, big woop. Why does everyone keep bringing up this point ?

The really real deal with this code-lock is it has potential but,
me thinks someone is just trying to improve his image at the expense of all of you who respond to this.

Until it is provided with a "full" version, dont waste your time.
All you are doing is reversing demoware which is redundant.

We have been through this before, and we found no answer,
ever wonder why ?

CrackZ already told you.

OBC

I initially do not want to post any replies after my first post. However, after reading the reply from Crackz and Woodmann, I changed my mind.

I now offer Slice-n-Save free-of-charge to a few individuals who are interested in cracking Code-Lock.

As Slice-n-Save is protected by the full version of Code-Lock, just download it (for those who do not want vb apps on your computer, don't bother), install it (for those who do not want vb apps on your computer, don't bother), tell me the UserData based on your computer (it is shown when you click on upgrade).

I will give you the registration code free-of-charge. We can do this using the PM functions here, so you do not have to worry about me tracing back to you. Once you get the full version of Slice-n-Save, try cracking it.

There are many ways of doing so:
1) Code a Keygen for it (I have helped you by giving you a serial)
2) Make the full version run on all computers (I have helped you by getting you the full version)

If this still does not show you my sincerest wish to have you crack Code-Lock successfully, there is nothing I can do.

And to evlncrn8: Yes, I am very proud that I can crack VB very well, so well that at one point of time, some crackers think of me when they want to crack vb.

Sounds a bit like the the PACE system of challenge-response where you call them and give them something which pops up on your screen and they put that into their SDK or whatever one wants to call it (license generator perhaph is as good as any), it runs through the hash and out pops the rabbit, err, I mean the license.

I don't know much about vb, yet. Been spending way too much time with mySQL and php at the moment, as well as trying to make a living, but would give it a shot if your program can withstand the abuse of a noob. So unless you are holding this out for the l33TO, of which there are many here, count me in. Worst I can do is break my computer.

REgards.

Just go to my website and download Slice-n-Save. Do what I wrote above and PM me with your UserData. This is for everyone who is interested.

ATTENTION! ATTENTION!

DO YOU WISH TO INITIATE THERMONUCLEAR DESTRUCTION??

CONFIRM?? or DELETE??

Well gollyee, I'm game fur a try. Will download and PM, but don't know exactly when I'll get "cracking" so to speak.

Thanks. Learning new stuff is always good.

Damn your page loads alot of crap. I know you have to pay for your webpage, but geeeeeeezzzzzz.

Regards.

.........
tell me the UserData based on your computer (it is shown when you click on upgrade
..............

hmm somehow i dont want to do that, as im not sure what information you would be able to derive from said data.. call me paranoid but i aint sticking my head in a lions mouth without knowing what size its teeth are.

That's what you, as a cracker, should do. Find out what the UserData is. If you need the software author to tell you what is in the UserData, you might as well not crack it.

Just because he's paranoid, doesn't mean they're not out to get him.

Regards.

no perhaps i didnt make myself clear.. what i am asking is... are you able to obtain information about myself form said user data, like my name, information about my pc, my windows serial number, my hdd serial number and / or other personal information stored on my pc, because if so you are on VERY dodgy legal ground..

i will not enter into this little 'crack' my program due to the fact that you want me to run a program (yours) on my pc and then obtain a code from you so i can continue cracking it simply because i think your reasons are somewhat suspect..

Forget it then. Like I said after I read your first post. You will never get it.

nope like i said, i do get it i just cant see the point, problem being is why cant you make a 'crack test' version where it uses a geneic id/code/whatever for this test.

Reason is simple. I shall put it simply so that you can hopefully understand.

Code-Lock's protection is like that. A user who wants to register a Code-Lock protection app has to tell the author the UserData shown based on his computer. From there, the author can generate a serial that will only work on the user's computer.

If you want to crack Code-Lock (I am giving you the chance by giving you the serial that actually cost USD 10, and no cracker would actually pay for it), you should try out the REAL situation.

That is, you, give me the UserData, and I, will give you the registration code that will work on YOUR computer. Without the UserData, I will not be able to give YOU the serial since I have nothing to start with.

Understand?

Drop it Ryan, he has some troubles to understand ;=)
A shit load of protections does this, its usually called hardware
locking feature, but oh well.

If he is stupid enough to put his real name and shits on his puter, that's his problem..

As for your contest, im going to give it a try.
Will message you later.

Regards,

HopCode

Remember to write a tutorial then.
It sounds very hard, you will be honoured.

Can you answer a simple question of whether or not Codelock contains any malicious code whatsoever ?

It does not format/fdisk your harddisk.

Edit: It does not send data to anywhere else.

He meant like some programs sending personal data to certain server

Interesting observation...

After all the whinging about not getting a full version to test/crack, I have offered my software (full version) free-of-charge for crackers to try.

Yet, there are no takers now.

Relax Francis,

There have been some of us who have downloaded.

I have a question..........

What will you do when your protection has
been broken ?
We know that if it is difficult enough no one will
bother with it but, what if it really can be keygenned?

Have you thought about the ramifications of this ?

OBC

My name is Ryan.

Anyway, the purpose of me approaching this forum as an author a long time ago is because I do not wish to sell snakeoil like bi-tarts, asprotect etc. My aim was to see if it can be cracked at all with the current technology and tools. (Don't tell me everything can be cracked, I know that too.)

So, if my protection can really be cracked, I will:
1) stop sales until it is improved
2) improved it, think of better ways etc.
3) Improve my own cracking skills.

It is always a race between the author and the cracker to see who is laughing at the moment.

what about the price? lower maybe ppl would consider especially code-lock

Hi,
the price is set at $200. However, it is virtually selling at $99 most of the time. Occasionally, it gets to $50 like this month. Reason is because I found that with a sharp drop in price, you will get people buying. If the price is always the same, no one is interested. If I were to keep it at $50, I would not get the same number of sales as I would have if I drop it to $50 occasionally. Some sort of marketing scheme.

Ryan

Reminds me of the constant race between Lunar_Dust and the makers of Armadillo , regarding DilloDumper...


-nt20

No snake oil you say? So when are you posting all the documents on design an implementation details?
Maybe you should learn what snakeoil means before telling crap like this. Ofcourse it's snakeoil, nothing more.

The only feature that goes against it is the use of some cryptographic keys large enough to stop forging/bruteforce attacks which I assume you use that will be used for decryption when making demo's into full.
If you really mean that your product is not snakeoil then you are not worried that people know how it works down to smallest detail because it won't affect security. Do you also claim your product security is the same whether or not people know everything about how it works?

Comming with such statement are just as brainless as the ones from the Armadillo guys who says one of the most important things about protection is debugger protection (which unfortunatly lasts no more then 5 min for any fairly experienced crackers).
This is just foolish and you are making a fool out of yourself by saying such.

What makes your product non-snakeoil?

// CyberHeg

Cyberheg:

You didn't even look at it and assume you know its snake oil
snakeoil or not thats the final judgement.

>So when are you posting all the documents on design an
implementation details

Its a cracker's job to find out


Ps:Ryan didn't claim that its uncrackable

No, you're right I didn't bother look at it. It was enough for me to read his website, download his program and read the docs and see what other people say about it.
I've done enough research on this topic to know what the real deal is. But I don't say more then this since I don't want to tip people in what direction to go. In my research I went in directions currently not seen in software protection and it surprises me time by time that protection developers follows each others footsteps and choose the same path to fall over the cliff.

Somehow this reminds me of Joe cartoon:
http://www.joecartoon.com/pages/livenletdive/


// CyberHeg

sigh,you only read the book cover and juge it.just like when you claim I delete some ppls accounts LOL

Design and implementation details are on my website and in the help file if you have bothered to read with your eyes open. Maybe when I say RTFM, you will understand?

I am not designing a cryptographic algorithm such that it must be open to the public for scrutiny.

Snakeoil to me is if I claim that it is uncrackable. It is not. However, it has not been cracked yet.




Read above. I am not designing a cryptographic algorithm. I am not worried about people knowing how it works. In fact, I invite you to try cracking it and find out for yourself, a job that a cracker should do. If I were worried, the product would not be in the market at all. The safest network system is the one that is never up.



I did not say such. If you are interested in personal attacks go to other places. Or go to armadillo forum, not here. I have been stressing that the most important thing about protection, in the case of Code-Lock, is that the demo version of the protected software does not have all the functions.




Simple. I claim that it has not been cracked. Note: I did not say it cannot be cracked. Now, as long as you can't crack it, it is not snake oil and you are talking crap.

Hmmm so its just like any other app then...theres a place where i can add a serial to unlock it ?..

paul333

Ryan,

To confirm, you will consider Codelock cracked if:

1. A keygen (or serial generator algorithm) is understood and made

2. It is possible to install Slice-n-Save on multiple computers

3. If a serial is found to unlock the full version, WITHOUT subscribing to your PM?

Let me know of the same.

Have Phun

hmmm... thought this thread is forgotten. Damn...


To confirm, you will consider Codelock cracked if:

1. A keygen (or serial generator algorithm) is understood and made

Yes and no. You still have to find out the individual program's program code to generate a serial.


2. It is possible to install Slice-n-Save on multiple computers

Yes, if you are talking about the full version of Slice-n-Save.


3. If a serial is found to unlock the full version, WITHOUT subscribing to your PM?

If you "find" the serial using a fake cc, it doesn't count.

hi nikolatesla20


"you simply make a fake OCX that feeds the exe with the info it
wants, and you are free to distribute. This defeats any checks,
including computer ID, etc."

at the first time that u have try/Unpacked that app i saied :

"Actually sandworm, this is the approach I was taking. I was
creating a Code-Lock.ocx emulator. I wrote my own ocx which
responds with the appropriate answers"

Well Lets say that i have found a Serial (i didn't so dont ask how

can u share that OCX source ?

About the protection it self :

i asked around a lil about this protection (tnx Vag).
well ..its nice now that there is a good protection that can protect from Serial KeyGen, since it Encrypt the file in a Zlib !! it's like Cracking WinRAR Protected file with a paasword!!!
it's impossible but brout force it ..

But still there is no UnCrackable Packer i.e : ASPR , Armadill , SD2
etc....

so if there is someone that is Crazy about File Encryptions this is a target for u ..

Regards , LaBBa.

(P.S - just sharing what i know .. nothing more nothing less