Quote:
Originally Posted by Nacho_dj
TmC, it won't be keygennable* if it compares the hash of any key with a table of purchased hashes. Is there any kind of table containing those purchased hashes anywhere?
Best regards
Nacho_dj
* There exist tricks for that also...  |
Uhm...do you mean online or on disk? Because if on disk, for every definition update there should be included a database with all signatures and we have (supposing 1 milion users) 8 Mb with crc32 and 64 Mb with sha256...a bit too much.
What i know is that
Avast 5 reads the License File (license.avastlic) and checks if the Certificate section of the ini license file corresponds to the AWSign appended at the end of the file with the function DSA_FileVerifyWithSigCompare in the aswCmnBS.dll, loaded only when needed and located in the defs folder.
So the only two ways i see are to 1. patch the public key (general purpose patch since files are updated often) 2. binary patch to make sure DSA_FileVerifyWithSigCompare returns always that the license is good.