Hard cracking program

[Elsedai]

thanks. One day i remember reading a post and someone said his key witch was xxxxxxxxxxxxxx style. i will try the WPE and try to make any sense.

Well i found the pacet that askes for authentication and the answaer from server through the WPE.

[ande]

thanks. One day i remember reading a post and someone said his key witch was xxxxxxxxxxxxxx style. i will try the WPE and try to make any sense.

Well i found the pacet that askes for authentication and the answaer from server through the WPE.

If the answer is obvious, you can probably just replace the packets coming back

[Elsedai]

Thats the ASCII from send. Phrase "the key" is what i write as key. in this case i wrote "thekey"
GET /Authentification.php?HWID=0FB493DF&Seed=17825&Key=thekey HTTP/1.1..Accept-Encoding: gzip, deflate..User-Agent: tiehttp..Host: Auth.surrosoft.com..Cache-Control: no-cache..Cookie: __cfduid=d612058732aba7ab77d7b3f383747b2661323430410....

And thats the received
HTTP/1.1 200 OK..Date: Sun, 25 Dec 2011 11:57:24 GMT..Server: Apache..X-Powered-By: PHP/5.3.8..Content-Length: 0..Connection: close..Content-Type: text/html....

[ande]

Thats the ASCII from send. Phrase "the key" is what i write as key. in this case i wrote "thekey"
GET /Authentification.php?HWID=0FB493DF&Seed=17825&Key=thekey HTTP/1.1..Accept-Encoding: gzip, deflate..User-Agent: tiehttp..Host: Auth.surrosoft.com..Cache-Control: no-cache..Cookie: __cfduid=d612058732aba7ab77d7b3f383747b2661323430410....

And thats the received
HTTP/1.1 200 OK..Date: Sun, 25 Dec 2011 11:57:24 GMT..Server: Apache..X-Powered-By: PHP/5.3.8..Content-Length: 0..Connection: close..Content-Type: text/html....

I see. You could try guessing. But rather not Tried IDA? Its a very good disassembler, debugger, somewhat of a decompiler and code flow visualizer.

[Elsedai]

I use Olly but i will try IDA now to see things. If we make it i will feel like god :p

[Live Wire]

If using Windows screw their firewall. It's shit.
For sniffing traffic of a particular application get WPE PRO. Normally Wireshark does the trick, but you have to have a solid understanding how it works to see what you need.
I would recommend WPE PRO most of the time for that kind of task.

Don't know why I didn't think of that. Shit on me.

[Elsedai]

Any other ideas? i also know that the registration key will be recognized by my hardware id if i buy it. Is there any way to change the hardware id? I try to find with olly a way for not checking hwid so i will have the free trial all the time. Also i tried to find if there is somewhere the storage  for the seconds of trial lasts. Most changes made the program not to run. 

I found a way to do it. Its not a crack or a keygen. I just did some social phishing in a user of the program and i modified the packet i send putting there his hwid and key and the server thinks that its his pc. Even if i did that i would be gratefull if someone could make a keygen. Thanks for your help

[Swoosh]

Lol 

Nice to see someone attempting it, good luck. You are steering into wrong direction though - I do not use shitty harddrive serial number which can be changed with a hex editor. The way you are doing it currently will soon be fixed with new version.

Hint to you : Try hooking VirtualallocEX , Some protection code is injected into client at runtime and monitors Readprocessmemory/WriteProcessmemory and CreateRemoteThread Handles on Bot's Address space. It also checks number of threads, so, if you wish to inline it, you must first stop the injected code

Have fun - btw I use a private version of Safengine with changed Obfusication and other S-Boxes, so you will fail with generalized tutourials

Cheers

[Xploits]

-Pokes head in-
Heya Swoosh Hah I like this sites verification test, haha, would for sure keep away silly people, confused me for abit never seen any site do that haha, very nice :3

-Surrosoft

[nieratan]

Hi Elsedai, I am trying ot use the same program, and got to this forum and saw you were able to inject a response to your html request, can I can get what it would like so I can try to inject the same here?

[I_Learning_I]

Well I can tell you 2 things first:

1. Have you tied that bot yet? Or are you just believing the marketing?
2. Are you sure you want to do this? I've seen a hack for perfect world where you can fly and kill everyone in 1 hit...
3. Never seen a Delphi hack before lol

Also as much as I like everyone's thinking here I think you have some other easier ways to get this for free.

You can:
Crack it (locally)
Hack it(Server and had a key manually for yourself)
Share it(With someone that will pay for sure)

Even if it is a good bot I doubt the coder(presuming it's Swoosh) made a Assassin's Creed like protection system, which would need a permanent Internet Connection and always making contact.
Therefore it will be just a normal check once, and since you don't want to hack his server, you will want to simply edit the program so that it always returns 1. (Yes I'm presuming the Bot, the .exe itself has the code to Autobot and that info will not be transferred from server, which would be really stupid too.)

I will continue my post when I can...

[Swoosh]

Well, injecting into http will be useless, but you may certainly try it of course. Each login has coherency count embedded, you will see.

Anyways, nice to see some creativity.

As for I_Learning_I :

One kill? Uhm. There was never (even in first server released 2005) an exploit that enabled you to one hit kill somebody.

Let's leave out weather or not it's worth to buy my bot - you guys already decided that by posting here. You do not need a constant internet connection to protect your program against anything. I can tell you so far, the auth only takes place once. Internally, the licence is validated several times, even while botting, using an X.509 PKI to validate the core code and the licence checking code.

Keep going, I enjoy this thread very much

[nieratan]

Well I actually went to another side..  using autoit for what I needed. but Yes I used the trial version of the bot and it worths it.

[I_Learning_I]

Well, injecting into http will be useless, but you may certainly try it of course. Each login has coherency count embedded, you will see.

Anyways, nice to see some creativity.

As for I_Learning_I :

One kill? Uhm. There was never (even in first server released 2005) an exploit that enabled you to one hit kill somebody.

Let's leave out weather or not it's worth to buy my bot - you guys already decided that by posting here. You do not need a constant internet connection to protect your program against anything. I can tell you so far, the auth only takes place once. Internally, the licence is validated several times, even while botting, using an X.509 PKI to validate the core code and the licence checking code.

Keep going, I enjoy this thread very much

Swoosh it's not my objective to crack your tool, it's your option to make a paid hack and if someone asks how to crack a tool I give out the basic knowledge about it. As much as I like to help, in this case helping one will harm the other, therefore I will not crack your tool (you can see that I haven't gone in detail about it).
Anyhow if you're doing a local check your program is crackable, it might take 10000 bypasses, but at the end of the day it's possible.
I don't know about X.509 validation, had a quick look at wiki, but I don't know (in detail) how it works.

About that hack... It was real, it was also very private, search away you'll never find it, it has never been posted in any forums/website.

Good luck to the cracker and to the coder.