Log in

View Full Version : No matter what there is always another way


gabri3l
April 21st, 2004, 16:21
I have been working on a program that is used to view an infobase. The infobase is protected by a corresponding license file. The license allows/restricts you from viewing past a certain date, seeing certain sections of the text, printing, copying, exporting (to a pdf for example). I first started by trying to enable all the grayed out menu items. Then i figured that would be too much work there had to be an easier way. Well there is: included with the program is another one that lets you update/upgrade your license file. You update by calling the company, giving them your generated challange number and then putting in the one they give back to you. You can now view the file for another 3 days. Well, i wanted to do more than just see it for another few days. So it seems that if you log in as a administrator with the right password then you can edit the license. You choose admin from the drop down box of allowed logins and then type the pass. All in all, it turns out that with all the protection, put into this program there still existed one little flaw. Using a resorce editor I changed the drop down box to a text box. Type in a name that doesnt exist and no password. As the program does a check my name which doesn't exist has a password that doesn't exist aka: null. my null field in the password box is the correct pass! funny enough it logged me in with complete administrator control. it now allows me to edit the license file. Just thought that this was a unique way of cracking this security feature. Has this sort of thing happened to anyone else?

disavowed
April 21st, 2004, 17:59
nice solution. maybe it'll help inspire some of us veterans to think outside the box more

heman
August 22nd, 2009, 09:38
I am dealing with the same issue you did, and I can't figure out how to change the drop down menu to a text entry box. (my infobase version is 4.6)
Using PE Explorer, the nearest I seem to get is in the syntax editor after looking at the export viewer, and finding RM_LCFLoginA called from RmSrv4.dll
Double clicking on the call results in the attached screenshot.

Any advice?

D-Jester
August 23rd, 2009, 11:40
Thank you for resurrecting a 5 year old thread, wouldn't a Private Message to the OP have be more ideal?

SiGiNT
August 24th, 2009, 22:15
The box in the background says export viewer, so you can't change anything, what the original thread author used was a resource editor - you can probably find a dozen free ones - my experience gives you a 50/50 chance of the proggie running after a major resource change.

SiGiNT