About this tutorial:
Tutorial: Keygenning ImgViewer/32 2.43 (Another approach)
Target: ImgViewer/32 2.43 (http://www.arcatapet.com)
Tools: SoftICE 3.24 (this is a good software, worth buying)
Date: 12th February 2000 (Last updated on 21 November 2000)
Descriptions & Comments: What I am showing is not a straight forward keygen for ImgViewer/32, instead, I will show you how to use the artificial intelligence (hehe) of a cracker to do a keygen using another approach (or call it way or method as you like). This is a nice graphic program, do register it, you will get all future updates for free once registered.
Protections: Name/Serial, Nag, Keygen, Key File (not really!)
Disclaimer: This file is used for educational purposes only. Any misuse of the information presented here is not my responsibility.
Copyright information: This tutorial is copyright © ManKind
Starting words:
The process:
Introduction:
First of all, let me tell you a little about the protections of this
program. The main protection is name/serial. Once registered, a file with
the name of Iv32_reg.key will be created and the registration name in crypted form is stored in that file. So, basically, this program doesn't use a key file as its protection, contrary to what is written in the .nfo files of many cracking groups who released cracks for this program. However, this protection really does look similar to a simple key file protection. You will see why later...
Part one:Easy way of locating correct registration code
This is another very easy crack. Run ImgViewer/32, open the About/Register (Shift+F1)
screen, press the Enter Reg Code button and enter the following information in
the registration screen:
Name:ManKind
Serial number:23199981
Go into SoftICE, set a breakpoint on hmemcpy like below:
bpx hmemcpy
Leave SoftICE and press the Ok button. SoftICE will pop up; press F5 once
to let SoftICE read the text in the second text field (we have two), press
F11 once to return to the caller, then press F12 11 times to go out of the current
calls. Finally you will reach the following code:
:00472AB8 MOV EAX,[EBP-18] ;; you land here
:00472ABB LEA EDX,[EBP-14]
:00472ABE CALL 004081F4
:00472AC3 MOV EAX,[EBP-14] ;; move fake serial number into eax
:00472AC6 MOV EDX,[EBP-10] ;; move real serial number into edx
:00472AC9 CALL 00403E40 ;; compare routine, do 'd edx' here to view the real serial number in the data window
:00472ACE JNZ 00472B2C ;; jump if not equal to 00472B2C
You see why I say it's simple? Run the following command at address 00472AC9 to view the real serial number for your name in the data window:
d edx
The real serial number for the name "ManKind" without quotes is 55345460746 (please do not distribute this serial). Try to register with the serial number. It works...
Part two:Examining the so called 'key file':
If you are in the ImgViewer/32's root folder and are fast enough to
switch from the ImgViewer/32 program to the folder once you register, you
will notice that a file with the name "iv32_reg.key" without quotes is
created. Let us examine the so called 'key file'. Open it with Notepad
or any other text editor. Below is the file's content(originally with quotes):
"astu~~nzljReqMjnc"
Can you tell me what the above means? My very first guess is that our registration information is encrypted in some form and is stored in the file. I can tell you one thing for sure: my guess proves to be true. However, my brain is not intelligent enough to see how our registration information is encrypted, so I chose to use the old-but-effective trial-and-error method. By editing the characters of the above string one by one, I found the following:
1. The "(the first character in the string) and the "(the last character
in the string) can be deleted but cannot be replaced by other characters.
2. The a to j(astu~~nzlj) characters must exist and cannot be replaced
by other characters, as these are used to differentiate between a valid
and invalid 'key file'.
3. The characters starting from R to c (ReqMjnc) are our registration
name in crypted form. They are in order; for example, R (crypted) represents
M (uncrypted). The name can be blank.
You can edit the 'key file', save it, run the ImgViewer/32 program and open the about screen to see whether what I wrote above is correct or not. We only have to concentrate on our crypted name now. Below is what I found out about our crypted name:
1. The length of the crypted name is the same as that of our uncrypted name.
2.
Uppercase alphabets: | A B C D E F G H I J K L M N O P Q R S T U V W X Y Z |
Uncrypted name: | M a n K i n d |
Crypted name: | R e q M j n c |
Lowercase alphabets: | a b c d e f g h i j k l m n o p q r s t u v w x y z |
I think it is clear now that I don't need to continue any further. In the following part, I will present you with a Turbo Pascal keygen source and explain it in detail.
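Seen from the vendor's side, parts one and two show two weaknesses: the program builds the correct serial and compares it in memory, and the 'key file' is accepted on the strength of a fixed marker alone. The added example below (not part of the original tutorial or of ImgViewer/32) contrasts a marker-only check modelled on the observations above with a licence signed by the vendor and verified with a public key. The toy RSA key, the name|signature layout and all function names are constructed assumptions; a real product would use a vetted signature library.

```python
import hashlib

# Observation from the tutorial: the file is valid whenever this marker is present.
MARKER = "astu~~nzlj"

# Toy RSA key built from two Mersenne primes (constructed for this example, NOT
# secure: textbook RSA, no padding, primes of a special form).
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent: never shipped to the client


def weak_accepts(content: str) -> bool:
    """Model of the observed check: optional quotes, fixed marker, any tail."""
    return content.strip('"').startswith(MARKER)


def _digest(name: str) -> int:
    return int.from_bytes(hashlib.sha256(name.encode("utf-8")).digest(), "big")


def vendor_issue(name: str) -> str:
    """Vendor side: sign the licensee name with the private exponent."""
    return f"{name}|{pow(_digest(name), D, N):x}"


def client_verify(licence: str) -> bool:
    """Client side: uses only public values (N, E), so the shipped program
    holds nothing from which a valid licence can be produced."""
    name, sep, sig_hex = licence.rpartition("|")
    if not sep:
        return False
    try:
        sig = int(sig_hex, 16)
    except ValueError:
        return False
    return 0 <= sig < N and pow(sig, E, N) == _digest(name)


def demo() -> dict:
    good = vendor_issue("Constructed User")              # constructed sample name
    edited = good.replace("Constructed User", "Someone Else")
    return {
        "weak_original": weak_accepts('"' + MARKER + 'XXXX"'),
        "weak_edited": weak_accepts(MARKER + "anything"),  # hand-edited file passes
        "signed_original": client_verify(good),
        "signed_edited": client_verify(edited),            # edited name is rejected
    }
```

Because verification needs only the public key, the client never computes an expected value that could be read from a register at the compare, and a hand-edited file no longer validates.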
Part three:Keygenning(explained)
Well, you are here again, presented with a keygen's source. This time, I coded the keygen myself (congratulate me, hehe). I included full (almost) comments in the source, unlike my previous sources, so hopefully everyone can understand it. I compiled it with my Turbo Pascal 7.01, but the source might compile on other Pascal compilers.
Program keygen ; {Program name}
uses crt ; {crt is a unit, this is similar to the include directive in c/c++, for example - #include
var {variable declarations}
counte, name1, i, namelen : integer ;
username, name2, name3 : string ;
keyfile : text ;
begin
for i:=1 to length(username) do {this is a loop, it loops till i = length of name to encrypt the entered name}
name3 := '"astu~~nzlj' + name2 ; {this and below are required for a valid "keyfile"}
assign(keyfile,'iv32_reg.key') ; {assign the name of the file we want to generate to variable keyfile}
writeln('Your registration keyfile has been generated!') ; {inform the user about the creation of the registration keyfile}
readln ;
end.
I hope you like this essay. That's all for now. Hope to see you soon on my next tutorial. As usual, contact me if I make any mistake, give me your feedback, comments, suggestions and opinions about this tutorial and my way of presenting it.
Extra notes:
There's really nothing special in this essay. The main ideas I want to tell you through this essay are:
1. don't always follow old ways.
2. be creative and innovative.
3. try to think differently from what others think.
4. try out new things and adopt them if they are really good.
5. stick with old things and abandon them if they suck.
Really signing off here...
Ending:
Thanks and greetz to:
+ORC, +HCU, Sandman, HarvestR, tKC, ytc_, Punisher, Kwai_Lo, TORN@DO,
CrackZ, cLUSTER, LaZaRuS, mISTER fANATIC, yes123, WhizKiD, Volatility,
ACiD BuRN, Eternal Bliss, R!SC, Kwazy Webbit, +Mammon, MisterE, Shadow, ^tCM^, WaJ, Borna Janes, Kathras, douby, Carpathia, Steinowitz, Lord Soth, Latigo, Lucifer48, NeuRaL_NoiSE, Fravia+, Latigo, Duelist, Alpine, flag eRRatum, Nitrus, +Frog's Print, Muad`Dib, Iczelion, Razzia, Warezpup, Bomber Monkey, llama and other crackers, individuals and organisations who have helped me, either directly or indirectly.
Service for Mankind
ManKind
mankind001@bigfoot.com