EvilZone
Hacking and Security => Hacking and Security => : xor May 27, 2015, 06:21:38 PM
-
YNAB is a very good piece of budgeting software. Below, I will outline a method of generating keys to use with Version 4.
YNAB comes with a 34 day full-featured demo, this trial period is easy to reset and extend, but you may want to trial the software a little longer by activating it fully before you decide to purchase.
Please remember, I am not responsible for what you do with the following information. If you like the software, and can see its value, please consider purchasing an actual license from the developers to support continued growth and development of the software.
The bulk of the application code is ActionScript within the main SWF. This code is much like Java, and also unobfuscated, making it easy to divulge secrets.
The bulk of the show goes down in com.ynab.managers.LicenseManager.
Here we can see the encryptionKey, the IV, and the encryption methods used.
The key string is a Base32 encoded, blowfish-CBC encrypted string.
Below is code that demonstrates how I generated the license files. I'm not entirely sure why the last four bytes need to be set to 0x4, but I assume it's because the implementation of Blowfish I'm using, isn't padding / unpadding the string using PKCS#5.
Anyway, a couple of working codes for you:
RA7AKFWQ7L8VLJBZGBCWUKKMH2
D993PU9ZLTC63A2PEHKJRQT3FW
GZQC424M8VLN59N4MQAN4QN83X
L5FMT9SWPAQHQDWFBTPM7SASRW
GQTMRZM3PR79AYDGAU6TFWGNE3
aaand the code
public static string encKey = "CHANGEDFORYNAB4WEKNOWTHISISN'TSECUREBUTIFTHEYAREUSINGAKEYGENTHEYWOULDNTBUYITANYWAY";
public static byte[] IV = { 0x91, 0x17, 0xCB, 0x3E, 0xD9, 0x7F, 0x57, 0x76};
...
var engine = new BlowfishEngine();
var cipher = new CbcBlockCipher(engine);
var bbc = new BufferedBlockCipher(cipher);
bbc.Init(true, new ParametersWithIV(new KeyParameter(Encoding.ASCII.GetBytes(LicensingManager.encKey)), IV));
var s = "145621;YNAB4;;;;";
var sb = Encoding.ASCII.GetBytes(s);
sb[sb.Length - 4] = (byte)0x4;
sb[sb.Length - 3] = (byte)0x4;
sb[sb.Length - 2] = (byte)0x4;
sb[sb.Length - 1] = (byte)0x4;
byte[] cipherText = new byte[bbc.GetOutputSize(sb.Length)];
int outputLen = bbc.ProcessBytes(sb, 0, sb.Length, cipherText, 0);
var o = bbc.DoFinal(sb, outputLen);
var encryptedLic = Base32.encodeByteArray(cipherText);
Console.WriteLine(encryptedLic);
Happy budgeting!
-- xor
-
you may want to trial the software a little longer by activating it fully before you decide to purchase.
That was cute, take sum cookie
I don't really see the point in using a budgeting software that can be fucked up this easy (or any other budget software, lol), but the whole thing provides some start into license cracking, so thx for sharing anyway
(Of course I'd never consider spreading malware with keygens. No, no, honest people just don't do that.)
-
It was the excuse some people gave on the torrent for the precracked version.
I have created a GitHub repository with the KeyGen source if anyone would like a copy.
https://github.com/XorLogic/CrackMesAndKeygens
-- xor
-
That's ballsy, hosting a key gen on github lol. Nice work though. I should package it as a torrent lol
-
Hello everyone, I was intrigue about this source code. I try it and I am getting an error that at " sb = sb + ValidChars[index]; "
An unhandled exception of type 'System.IndexOutOfRangeException' occurred in YNABKeyGen.exe
Additional information: Index was outside the bounds of the array.
can any one please explain in details what I did wrong? I will really appreciate the help, Thank you!
=========================================================
using System;
namespace YNABKeyGen
{
public static class Base32
{
private const string ValidChars = "QAZ2WSX3EDC4RFV5TGB6YHN7UJM8K9LP";
public static String EncodeByteArray(byte[] bytes)
{
var sb = "";
var hi = 5;
var currentByte = 0;
while (currentByte < bytes.Length)
{
int index;
if (hi > 8)
{
index = bytes[currentByte++] >> hi - 5;
if (currentByte != bytes.Length)
{
index = bytes[currentByte] << 16 - hi >> 3 | index;
}
hi = hi - 3;
}
else if (hi == 8)
{
index = bytes[currentByte++] >> 3;
hi = hi - 3;
}
else
{
index = bytes[currentByte] << 8 - hi >> 3;
hi = hi + 5;
}
sb = sb + ValidChars[index];
}
return sb;
}
}
}
-
Can you please post the input data that you were trying to use?
-
Sorry xor I am new into programming and self learning from books and articles on the net on my spare time... can you please explain what do you mean by "input data"
I am using M$ Visual studio to packaged the file using your source code and getting that message while in the process...
Thank you for your info and time
-
Sorry xor I am new into programming and self learning from books and articles on the net on my spare time... can you please explain what do you mean by "input data"
I am using M$ Visual studio to packaged the file using your source code and getting that message while in the process...
Thank you for your info and time
Input data is basically the words, numbers, or whatever you put in
-
Sorry xor I am new into programming and self learning from books and articles on the net on my spare time... can you please explain what do you mean by "input data"
I am using M$ Visual studio to packaged the file using your source code and getting that message while in the process...
Thank you for your info and time
Input data is what you give the input to the program.
Man you seriously need to know stuff before getting into this, an advice.
-
Hi, I just registered because I found this code through some google search and I wanted to see if this code works.
I had the same issue with the IndexOutOfBounds Exception.
I changed this line
sb = sb + ValidChars[index]
to
sb = sb + ValidChars[index % 32]
and got rid of the exception and I tested a generated key and it worked.
I have no clue what this program does but I thought might aswell share it ;)