Exetools  

#1
12-20-2004, 23:52
Kyrios
Quote:
PS: My next dUP version will support this MemCheck Method. So you can create loaders for many asprotect apps.

Will it kill the days limitation and/or executions limitations? If not, it will be useless.


kyrios
#2
12-21-2004, 00:36
diablo2oo2
Quote:
Will it kill the days limitation and/or executions limitations? If not, it will be useless.

Well, you have to patch yourself. For me this feature is useful, so that I can make loaders for apps with process CRC checks. Many asprotected apps don't use the days limit or execution limit from asprotect. A lot of authors code their own registration scheme.

These "limitation and/or executions limitations" which you mean are stored in the registry. You can clean them:
http://diablo2oo2.di.funpic.de/downloads/DelAsprKeys.rar

Anyway, asprotect is not the only protector which has process CRC checks.
__________________
Thinking In Bytes
#3
12-21-2004, 00:49
Kyrios
I saw inline patching on ASPRed 1.31, and it pretty much amazes me how they did it. I'm sure they use a blacklisted key because the program runs fully registered.
Advanced MP3 Catalog Pro 3.16, for instance, by sthepenteh (from Ressurect team).
Another one is Astonshell 1.9 by someguy (from underPL?)
Any tool or tut will definitely be useful for everyone else. Of course a tut is much more precious.


kyrios
#4
12-21-2004, 02:00
Crk
Quote:
Will it kill the days limitation and/or executions limitations? If not, it will be useless.

Don't pretend a loader maker or patch maker will do everything for you. You must find the bytes to crack the app; at the end that's all you want. You can kill, by finding the needed bytes, time execution or time limit for any asprotect app, without any special option. Have use of a debugger and some dead code analysis.

Quote:
I saw inline patching on ASPRed 1.31, and it pretty much amazes me how they did it. I'm sure they use a blacklisted key because the program runs fully registered.
Advanced MP3 Catalog Pro 3.16, for instance, by sthepenteh (from Ressurect team).
Another one is Astonshell 1.9 by someguy (from underPL?)
Any tool or tut will definitely be useful for everyone else. Of course a tut is much more precious.


There's some new method or tool they use for asprotect 1.x-2.x, and it looks like they don't even need the OEP for the inline patch, just the bytes to crack the app. I still haven't seen any info about this. Maybe it's private, and maybe no one who knows it will make it public, to make a hard time for Alexey.

Last edited by Crk; 12-21-2004 at 02:04.
#5
12-21-2004, 03:27
BetaMaster
There seems to be a weakness in the CRC checking of aspr'd programs in the protected/encrypted data, not the code.

Some crackers inject code in that area, which makes a call to a certain address in which they place the required instructions. You can trace the decompression/decryption routine to see what to inject to get the required call to that address.

Examples of aspr'd targets that were attacked by that method are iso commander 1.5.052, 1.50.060, and reget deluxe 4.1.241 (twice, by tsrh and digiratti).
#6
12-21-2004, 04:40
bedrock
I spoke with stephenteh of team RES via PM to ask him about the aspr method, which he also used on Gene6 FTP server. He told me he learnt the method from cracks that revenge crew used (hxxp://revenge.crackdb.com/), but there is no info on their web site.

I looked at the Gene6 patch. It only seems to change 4 bytes, plus change the section length to include registration data. It looks to me like the encryption has broken somehow, because the 4 bytes decrypt to different code after aspr decryption.

I am still looking for more info on this method.

--
bedrock
#7
12-21-2004, 12:36
BetaMaster
Quote:
4 bytes decrypt to different code after aspr decryption

Of course, that's the main idea. All you have to do is to hack the loop where the data is decompressed/decrypted, and make some changes at the end of the loop, which makes the process continue for certain bytes until they reach the desired values.
All times are GMT +8.