Hi!

I've been trying to understand how a particular target application checks for a valid serial number during installation. I was able to isolate the DLL which gets called (available here (http://ul.to/gk6foyv1)).

As far as I can tell, the installer calls to DLValidateSerialNumber_Var and passing pointers to the result code (0x00 if ok, 0x7d2 if not) but somehow, the algorithm is quite freaky.

I've already discovered that the total length of the serial needs to be exactly 22 characters and that it should start with FP90 but the rest remains unclear.

Is someone able to bring a little bit of light into this?

The target's full name is PTI FusionPro 9.3

the target using Blowfish encryptor for serial. follow below site for manage cryptographic
http://www.cryptopp.com

Thanks for this information. Very valueable!

May I ask how you've discovered this? None of the signature / pattern search tools I've tried are showing any evidence of a (known) crypto algorithm.

Don't forget good developer is a good RE. They protect at maximum possible sometimes insane scheme.... true not that many of this kind of people.

They protect at maximum possible sometimes insane scheme....

So you mean, "security by obscurity"? :eek:

All possible methods are some that even try format your C: if emulator detected.

actually, your file is compression file. can extract using compression utility.
after extract has 3 files inside. you can find blowfish.dll

some hint to accomplish:
get sample license, then do encrypt/decrypt using blowfish.dll

br