CENTURY LAN ANALYZER VER 1.22b
(Another Timelock fiasco)
by The Undertaker
(22 August 1997, slightly edited by Reverser)
Courtesy of Reverser's page
of reverse engineering
Well, another Timelock fiasco... why
should anyone still use such a stupid protection scheme beats me.
CENTURY LAN ANALYZER VER 1.22b [ WIN95 VERSION ]
by THE UNDERTACKER -=BANDA=-
Once, while studying in the R&D lab, I found a very good network
analyzer called CENTURY LAN ANALYZER. This is a very good protocol
analyzer, the best I have ever seen.
But unfortunately it comes with a 30 day trial version, which I believe
can be an interesting target for our studies.
In fact this software has been protected using the infamous TLOCK32.DLL
(Time Lock) with its "unique key" generating facility.
You can get this interesting software at www.shomiti.com.
The protection scheme is very weak: it uses the KERNEL32!LSTRCMP
function to compare the user's input with the correct string, so the
correct string sits in memory at the moment of the comparison.
Each time you install the software, a new "unique" registration number will
be generated. To complete the crack we need to defeat the registration key.
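The design flaw described above, next to a check that never holds the valid code, as an added example that is not part of the original essay or of TLOCK32. The code derivation, the toy RSA key and all function names are assumptions constructed for illustration; only the sample registration number format (12 digits) comes from the page.

```python
import hashlib

# Constructed toy RSA key (two Mersenne primes); far too small for real use.
P, Q = 2**61 - 1, 2**31 - 1
N, E = P * Q, 65537
# Vendor-only private exponent (Python 3.8+). It is defined here only so the
# example runs in one file; in a real product it never ships to the client.
D = pow(E, -1, (P - 1) * (Q - 1))


def _digest(reg_number: str) -> int:
    """Hash the registration number into the range of the modulus."""
    raw = hashlib.sha256(reg_number.encode()).digest()
    return int.from_bytes(raw, "big") % N


# --- Weak design: the client derives the valid code and compares strings ---
def weak_expected_code(reg_number: str) -> str:
    # Hypothetical derivation; the real TLOCK32 algorithm is not on the page.
    return f"{_digest(reg_number) % 10**12:012d}"


def weak_check(reg_number: str, user_code: str) -> bool:
    # The valid code exists in client memory as an operand of the compare,
    # which is exactly what the lstrcmp-based scheme exposes.
    return user_code == weak_expected_code(reg_number)


# --- Hardened design: the client only verifies a vendor signature ---
def vendor_sign(reg_number: str) -> int:
    # Runs on the vendor's side only, using the private exponent D.
    return pow(_digest(reg_number), D, N)


def hardened_check(reg_number: str, unlock_code: int) -> bool:
    # Uses only the public values N and E. The client can confirm a code is
    # valid but never computes the valid code itself.
    if not 0 <= unlock_code < N:
        return False
    return pow(unlock_code, E, N) == _digest(reg_number)
```

A production licence check would use a standard signature scheme (for example Ed25519 or RSA-PSS) from a vetted library rather than textbook RSA.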
OK, so now Let's RoLL WiTh IT !!!
Load Your Beloved :- Soft-Ice for Windows 95 ver 3.01.
In the purchase window, write down the REGISTRATION NUMBER --
REG - 269535306778
Once you are in the Registration Window, enter SoftICE & put following
(In addition to the breakpoint below you may also put GETWINDOWTEXT)
Fill something in the Unlock Code window & Click OK.
You will land on the LSTRCMP function
XXXX:1000133A CALL [KERNEL32!LSTRCMP] --> Trace into this Process until..
XXXX:BFF77150 CALL BFF71247 --> Trace into this Process until..
XXXX:BFF71265 CALL BFF78592 --> Trace into this Process until..
XXXX:BFF7866F MOV EAX,[EBP+18] Process Once..
D EAX ------------> YOU GOT THE UNLOCK CODE.
In the SoftICE memory window you can see the real UNLOCK CODE.
Now write down the unlock code.
Yet we are not done!
This unlock code is only valid with the
current registration number. For every new installation a new registration
code will occur. Due to this your unlock code is valid only with the
current installation. Clearly an "unclean" crack.
To avoid the problem here is the solution.
In the \WINDOWS directory there is a file called COAGL.TDK. This file
contains the registration code (12 digits); you may feel free to change
the registration code directly inside the COAGL.TDK file.
Once the time for a new installation comes, change the registration number
in the COAGL.TDK file & put the correct Unlock Code.
(I am too lazy to write a key generator for this stupid protection
scheme because this method works perfectly :-)
Happy packet snippering !!!!!
My thanks to reverser!
****** REVERSE ENGINEERING LIVES FOREVER ******
THE UNDERTACKER -=BANDA=- /Sri Lanka/
(c) The Undertaker 1997. All rights reserved