#1
|
|||
|
|||
[ARMADILLO] 1 serial & 1 key - need input
I have successfully unpacked TheaterTek 2.06 which was packed with Armadillo.
The activation process is as follows: A Window pops open asking for the 1st serial#. In this box the cancel button is active.... however the OK button is ghosted out. If you enter in a valid serial# the OK button will become active. There is a check for a valid serial# within this routine as it is running waiting for input. I am trying to reverse this to help generate a valid serial# and then generate a valid key to make a keygen. (might change my mind if I can make a simple crack). I can bypass this window and make the program think it has a valid serial #. It tests EAX,EAX. If EAX=1 it's good. This routine is called about 6 times within the program (search all commands w/Olly). I modified the routine to output EAX=1 everytime. The program will now bypass the serial window and continue on. You can then see that it generates a unique number based on your system (Armadillo crap). The 2nd step of the activation is that you get a 9 (I believe... xxxx-xxxx) code which is used to create/check against a new key you enter in. The key is in the format: xxxxxx-xxxxxx-xxxxxx-xxxxxx-xxxxxx. The OK box is RED meaning you have to enter in a valid code. Once you enter in a valid code, it will turn GREEN. There are other checks inside the program. Because the program is dumped the armaccess.dll functions are not there. There are at least 3 routines I can see.... VerifyKey, InstallKey, and UpdateEnvironment. Every time these routines are called they will exit with AL=0 which the program looks for AL=1. I can modify the routine but it's still not enough. I can get the program to run and play a DVD. However there is another problem. There is no audio for DVD playback. If a valid key is installed it will play the audio. The serial is not important for this function. There is another check somewhere or it isn't a check just a side affect of dumping the program. This is why I am looking into a keygen. I have a valid one for reference don't want to add it in the code so that it is blacklisted. If anyone has any input as to how I can get inside the routines (inside the windows checking in realtime if they are valid or not). I'm stuck on PeekMessage. I found the loop.... I was hoping to set a bp so that when a key was entered it would break. But can't find it "yet". Please help. -Malt |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Flushing input stream | Kerlingen | General Discussion | 12 | 03-29-2012 20:34 |