Cracking VideoSoft #1 - Using RegMonVideoSoft has been around for a while and they make relatively good controls. But they are also a good example of weak licensing. They have taken a weak model created by Microsoft and then implemented it incorrectly making it even weaker. If you look at the HKEY_CLASSES_ROOT\Licenses key you will see a bunch of keys that look like CLSID's. These keys should contain encrypted values that represent the ActiveX control's license string. The basic idea sounds good--a meaningless value buried in the registry--and they even used the word "encryption". That means it must be strong, right? Yes, except that the encrypted value itself is the license string (as opposed that value after being unencrypted is the key). That string is exposed in several places (as I will explain in the future). But to make matters worse, VideoSoft doesn't even use a value in this registry key but rather use the key itself as the license string. But first I need to explain how registry licensing works. What a registered control does is create a new key for itself in the registry and puts a value there for later reference. Then when an ActiveX container (such as Visual Basic) requests an instance of the control, the control looks at the registry to see if you are a licensed developer and if so it gives you a registered instance of the control to work with (also giving that license string so that it can be compiled into the app). If it doesn't find the key, then it either gives you an error or pops up a nag screen reminding you that you are using a demo. And thats where RegMon comes in. If you don't have RegMon, get it as it is crucial to ActiveX cracking. You can download it from www.sysinternals.com. Here's how it's done:
You will see a line something like this: OpenKey HKCR\Licenses\6d38c680-802f-11d0-8822-00001b4d5dfb NOTFOUND Since it was a demo control, it shouldn't have found the key. This is a giveaway to how the control is licensed. It is not looking to see what that key contains, it is just looking to see if that key exists. But wait, it couldn't be that easy could it? Yes, using Regedit.exe just make the key that it was looking for and try putting the control on a form. Sure enough, no more nags. Now you can properly evaluate the control without all the pressure of the nag screens. You know, it is kind of like going to a car dealer and there aren't any salesmen, right? Anyway, this crack is so easy I am almost embarrassed for VideoSoft. The same method works on everything they make. And to make things worse, there is even an easier way than this to crack their controls. But I'll save that for the next tip: CRACKING VIDEOSOFT - METHOD 2 (The easier way). Until then, play around with controls and see what you get. And later I'll explain how to do more advanced registry cracking using SoftIce.
|
|
Copyright ©1998 .sozni, all rights reserved. This information must not be duplicated or reproduced without express written permission by the operator of this web site. Disclaimer: This information must only be used for academic purposes to study different licensing techniques and must not be used to infring the copyrights of these companies. It must not be used to pirate software or encourage software piracy or to engage in any illegal activity. All instructions are provided as-is and are not supported by either the software producers or the owners or operators of this web site or anyone else for that matter. Before using any of these licensing techniques you must first get approval from the softare producer and/or have already purchased this software. Please refer to the Terms of Use for more information. All trademarked names are registered trademarks of their respective companies.
|