#1
|
|||
|
|||
ckinfo+ rev.1
I made some modifications & corrections.
* Mistyped constants are corrected. * New section (0x10000 size) for inline code & constant pairs is added to keep compatibility back. * inline codes written to address 045B000. * constants are written to address 045B600. I have just replaced the constant pairs in previous release. It means, I did not keep the original constant pairs which were using for old versions. This time, the program is diverted at 3 places to new codes & constants. Now, it works for all versions (up to 7.8). The new section size is quite enough for future modification & addition. 0040388D CMP DWORD PTR DS:[EBX],20 <- first constant pairs 00403890 JB 004037D6 00403896 MOV EAX,DWORD PTR SS:[ESP+20] 0040389A INC DWORD PTR DS:[EAX] 0040389C CMP DWORD PTR DS:[EAX],20 0040389F JB 004037D0 <- second constant pairs 004038A5 POP EDI <- could not be decrypted 004038A5 JMP 0045B0CA <- divert it to our new code @control_1: ; 45b0ca cmp byte ptr [@counter], 2 <- for future version purpose jne @f pop edi pop esi pop ebp xor eax, eax pop ebx retn @@: push eax xor eax,eax mov al, byte ptr [@counter] <- counter add eax, 1 mov byte ptr [@counter], al <- increase it pop eax mov dword ptr [eax], 0 <- we will try with new constants. therefore, set it to zero jmp 004037D0 <- try again When ckinfo cannot decrypt, we diverted it here and counter is set to 1. Now, it is time to use new constants -> 00402DC3 CMP EAX,60000003 <- divert it -> JMP 0045B0FA 00402DC8 JNE SHORT 00402DD3 00402DCA MOV EDI,DWORD PTR DS:[ECX*4+43F008] <- one of constant pairs 00402DD1 JMP SHORT 00402E01 ... @part_2: ; 45b0fa cmp eax, 60000003 ; original code jne @table_6 @table_5: cmp byte ptr [@counter], 0 ; is counter set ? jne @f ; yes, use new constant MOV EDI,DWORD PTR DS:[ECX*4+43F008] ; no, use old JMP 00402E01 @@: mov edi, 045e756 ; new constant pairs imul ecx, ecx, 2C ; distance between constants jmp @goback_2 ; @goback_2: sub edi, ecx ; find the new constant JMP 00402E01 ; go to original code There are totally 8 constant tables. Just, look to new codes for details. I would like to thank to "thewd" again for awesome tool "ckinfo". It is designed perfectly, therefore it deserves to be inlined / saved for new versions of Crypkey as much as I can :-) Regards, raduga_fb March 25, 2015 |
The Following 15 Users Gave Reputation+1 to raduga_fb For This Useful Post: | ||
alekine322 (04-20-2015), b30wulf (03-25-2015), besoeso (03-25-2015), canopus (03-30-2015), conan981 (03-25-2015), jump (03-27-2015), kjms (03-25-2015), MarcElBichon (03-25-2015), mr.exodia (03-27-2015), niculaita (03-29-2015), nikkapedd (03-26-2015), orfei (03-27-2015), sendersu (03-26-2015), uranus64 (03-25-2015), winndy (03-29-2015) |
#2
|
|||
|
|||
Could someone upload to another server? uploaded.to or mediafire.
thanks in advance |
#3
|
|||
|
|||
Yes, May someone please upload to another server. This tool is fantastic! I just wish I could download it from here rather than another server.
|
#4
|
||||
|
||||
there must be probably a good reason why this tool is not uploaded on public server.
Deserve to download it |
The Following User Says Thank You to b30wulf For This Useful Post: | ||
giv (09-24-2015) |
#5
|
|||
|
|||
Can download this tool from lavteam.org, free to register.
What a shame this community has become this way... |
#6
|
|||
|
|||
b30wulf, I appreciate your contributions, I have the original tool and ckinfo+ just not the new revision that is posted here.
I also have one of the first programs that used crypkey protection. A program called Flowcheck, written by Kenonic Controls. Which was purchased by Emerson. The protection was poorly implemented in Flowcheck, and can be completely removed with a single byte patch. I understand where you are coming from with your post saying "Deserve to download it" I try to contribute where I can, and I do contribute on other message boards with help for others to patch programs for learning. plcforumn.uz.ua is one of these boards. Unfortunately, there are much more skilled contributors to this forum then myself and I am still learning. Cheers |
#7
|
|||
|
|||
the people here deserves "sharing"
Code:
http://www.mirrorcreator.com/files/0ZZM4MAK/ |
The Following User Says Thank You to FnZnL! For This Useful Post: | ||
ontryit (03-04-2016) |
#8
|
||||
|
||||
My point is not to be selfish, when I say deserve to download, I want to force you learn and contribute. I love this community very very much and seeing how its growing with script kiddies that wait for ready made solutions im sick of thet.
Attachments have download access level for a good reason.... |
#9
|
|||
|
|||
b30wulf, I agree with you in that respect. My skill level is not nearly where the main contributors of this forumn are at. But I do try, and I do, occasionally succeed. I have learned much from this forumn.
I learned a lot about FlexLM, CrypKey, and Wibu Dongle. I've discovered tools like multikey, and ckinfo. I learned about .Net reflector from this site and others, and have succeeded in reversing licensing on a hardware device by forcing the software to Decrypt a license file locked to an SD card and display the decrypted XML for editing before encrypting it again. All using Reflector and Reflexil. I was able to upgrade to bigger SD cards in my device in this way, as well as turn on options. Unfortunately the projects I have worked on are for hobby only and specific to applications I use, so they are not very popular or worth sharing. I do respect the reversing community and the contributions they make. Any way, this has gone off topic. Raduga_FB, Thank you for your contribution! It is appreciated. |
The Following User Gave Reputation+1 to psgama For This Useful Post: | ||
TechLord (09-25-2015) |
#10
|
|||
|
|||
How to get option and level £¿
|
#11
|
|||
|
|||
It depends on the program you are reversing. It could be easy, or the option and levels could be dynamic, You must follow out the code and see what levels or options are being looked for.
|
#12
|
||||
|
||||
Options and Levels
It's quite easy to get these values. When you run the program for the first time it creates the 3 License files, and an ngn file which contains the User and Master Keys. The SiteKey, in particular, gives you the Options and Levels, so you have nothing to worry about. It seems to be invisible these days so you need a program like 'everything' to actually find and read it. You now have all the info you need to create a ckinfo script to feed into ckinfo and create any SiteKey that you want. But first you need a SiteCode which is particular to your PC and generated by the program afresh (it is time dated) each time you want to create a new license. It is now usually obfuscated, so the only problem you have is deobfuscating the SiteCode! There's the rub!
__________________
0z0n3 |
The Following 2 Users Say Thank You to daqstar For This Useful Post: | ||
backdoor_b (08-17-2017), ontryit (03-04-2016) |
#13
|
|||
|
|||
@rooky2000
There used to be an IDA signature file for crypkey function, that would surely help you in placing bps on the right addresses to get the levels and options. I'm not sure if it has been recently updated though. |
#14
|
|||
|
|||
Ckinfo source will released at https://github.com/thewd-hub/source/
|
The Following User Gave Reputation+1 to FoxB For This Useful Post: | ||
user1 (06-06-2017) |
The Following 6 Users Say Thank You to FoxB For This Useful Post: | ||
backdoor_b (08-17-2017), niculaita (06-06-2017), uranus64 (06-05-2017), user1 (06-06-2017), user_hidden (06-07-2017), zeuscane (06-06-2017) |
#15
|
|||
|
|||
AccessData CodeMeter Dongle Emulator/v1.04 inside.
|
Tags |
ckinfo, crypkey |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Where can I find the newest version ckinfo? | ycloud | General Discussion | 1 | 03-04-2016 12:22 |