eXeLab
eXeL@B ВИДЕОКУРС !

ВИДЕОКУРС ВЗЛОМ
выпущен 8 октября!


УЗНАТЬ БОЛЬШЕ >>
Домой | Статьи | RAR-cтатьи | FAQ | Форум | Скачать | Видеокурс
Новичку | Ссылки | Программирование | Интервью | Архив | Связь

Русский / Russian English / Английский

Сейчас на форуме: (+2 невидимых)
 · Начало · Статистика · Регистрация · Поиск · ПРАВИЛА ФОРУМА · Язык · RSS · SVN ·

 eXeL@B —› WorldWide —› Bypassing Turboactivate protection
Посл.ответ Сообщение

Ранг: 1.2 (гость)
Статус: Участник

Создано: 14 февраля 2016 02:57 New!
Цитата · Личное сообщение · #1

Hi, sorry if my question is basic but I'm a beginner and would appreciate the help. The program I'm trying to crack (https://mega.nz/#F!QQtAFaba!4ReQPlzKKJoezkIIFV_jWA) uses turbo activate as protection. Theres a lot of different different modules which makes it quite difficult for me. I've tried using tutorials to guide me but the complexity makes it hard to block all the checks. I was hoping for some guidance as to how to crack this, thank you.


Ранг: 523.8 (!)
Статус: Участник
_Вечный_Студент_

Создано: 14 февраля 2016 04:14 · Поправил: 14 февраля 2016 06:25 plutos New!
Цитата · Личное сообщение · #2

Since you are not asking a specific question and not showing anything you have accomplished on your own as far as cracking this protection, I suggest that you go here:
https://exelab.ru/f/index.php?action=vthread&forum=2&topic=23172&page=30
and place a request.

Ранг: 14.3 (новичок)
Статус: Участник

Создано: 15 февраля 2016 19:33 · Поправил: 15 февраля 2016 19:44 artkar New!
Цитата · Личное сообщение · #3

The only way - is to replace all calls to TurboAktivate for yours. Reverse TurboAktivate this is very long. I managed this. In brief, you have to isolate the TurboActivate from the main application.

Ранг: 1.2 (гость)
Статус: Участник

Создано: 18 февраля 2016 06:27 New!
Цитата · Личное сообщение · #4

Sorry for not being specific before, i thought it would be useless. What I've been trying to do is alter the integers on the stack but I'm having difficulty following the opcodes. To replace calls to turbo activate, is there a specific opcode i could use?


Ранг: 523.8 (!)
Статус: Участник
_Вечный_Студент_

Создано: 18 февраля 2016 07:11 · Поправил: 18 февраля 2016 07:12 plutos New!
Цитата · Личное сообщение · #5

Ryan writes:
To replace calls to turbo activate, is there a specific opcode i could use?


If you do not want a call to happen, just replace it with NOPs (No Operation). On Intel x86 CPU family it is 0x90 hex.
It can be different on other CPUs, so look it up.

I really hope I understand your problem correctly and give you the right advice.
But in general, I would suggest getting better understanding of assembly language and processors.

Not sure I understand the part about "integers on the stack". What are you trying to do there?

Ранг: 14.3 (новичок)
Статус: Участник

Создано: 18 февраля 2016 11:40 · Поправил: 18 февраля 2016 11:46 artkar New!
Цитата · Личное сообщение · #6

Ryan writes:
Sorry for not being specific before, i thought it would be useless. What I've been trying to do is alter the integers on the stack but I'm having difficulty following the opcodes. To replace calls to turbo activate, is there a specific opcode i could use?

You must intercept the returns from TurboAktivate. Either through the interception or to write your TurboAktivate. I have done the interception. In my case, I changed the values of the following procedures TurboAktivate:
IsActivate,
IsGenuin,
GetFutureValue. Maybe something more. The protected application works with the returned data, here you need to sweat for it

I also changed Turboaktivate.dat to correct. Because it is necessary give the code for checking of the license

Data of the successful activation are stored in:
C:\ProgramData\icsxml
C:\ProgramData\DIBsection\
C:\ProgramData\ms-drivers


Good luck.

Ранг: 1.2 (гость)
Статус: Участник

Создано: 18 февраля 2016 15:56 New!
Цитата · Личное сообщение · #7

artkar writes:
In my case, I changed the values of the following procedures TurboAktivate:
IsActivate,
IsGenuin,
GetFutureValue.


When u say change values, do you mean changing the values when it compares values? Also what do you mean by change turboaktivate.dat to correct?

Added later 0 minutes
plutos writes:
Not sure I understand the part about "integers on the stack". What are you trying to do there?


Sorry, i mean where the program uses things like ldc.i4.0 and compares strings i was trying to change these values so a wrong serial would work and right serial wouldn't? But i think i have the wrong idea.

Ранг: 14.3 (новичок)
Статус: Участник

Создано: 18 февраля 2016 21:47 New!
Цитата · Личное сообщение · #8

Ryan writes:
When u say change values, do you mean changing the values when it compares values?

No, you need to determine what values should be returned. And substitute theirs.
The most difficult is the function GetFutureValue

Ryan writes:
Also what do you mean by change turboaktivate.dat to correct?


You can download the trial version and activate it. But i was mistaken (It was a year ago, I had already forgotten), i did not succeed like this. When activated, the program data stored in the TurboAktivate.dat

Ранг: 509.2 (!)
Статус: Модератор

Создано: 19 февраля 2016 00:30 New!
Цитата · Личное сообщение · #9

artkar writes:
When activated, the program data stored in the TurboAktivate.dat


besides that, TA is an online based protection, so it'll ask for online check from time to time...
 eXeL@B —› WorldWide —› Bypassing Turboactivate protection

Оригинальный DVD-ROM: eXeL@B DVD !

Вы находитесь на форуме сайта EXELAB.RU
Проект ReactOS