GSM-Forum, GSM Programming & Reverse Engineering: Here you can post all kinds of GSM programming and reverse engineering tools and secrets.
#1 - 01-29-2015, 19:05
Junior Member (Join Date: Feb 2007, Posts: 14, Member: 448308)

[Warning Boxes] Freebies reverse, cracks around us.

IDA is too far away and is unaffordable. Understand Olly, and that's it. Free. #2: No need to be an expert on Olly either, since there are tons of kiddo one-click plugins spread on the net.

There are so many LAZY gsm box coders that even don't know how to protect their application. Just counting on a compressor / packer + a silly enveloper provided by the token factory, they think it's safe... no, it is NOT. This is a serious issue for those who invest their money to buy a box... because I see somewhere people selling "CRACK MEGA PACK in ONE dongle". Yes, like this, click here: http://usbtuyul.b l o g s p o t.com/2014/10/dongle-pse.html (the URL given is just an example, it doesn't mean anything else).

Suggestion to box producers: pay good attention to DEBUGGING and RAM injection. This is the ONE-TWO-THREE method of RAM injection:

1. Change app attributes on the fly

Code:
    // sz: TStartupInfo (zeroed, cb set), proc: TProcessInformation,
    // oldbyte: array of Byte, readbyte: SIZE_T -- declared by the caller.
    // Flags = 0 lets the target run at once; CREATE_SUSPENDED would hold it until the write is done.
    if CreateProcess(PChar('your-exe-target'), nil, nil, nil, False, 0, nil, nil, sz, proc) then
    begin
      ReadProcessMemory(proc.hProcess, Pointer($POINTARGET), @oldbyte, Length(oldbyte), readbyte);
      // change the bytes in oldbyte here, then write them back over the same address
      WriteProcessMemory(proc.hProcess, Pointer($POINTARGET), @oldbyte, Length(oldbyte), readbyte);
    end;
#2 - 01-29-2015, 20:10
No Life Poster (Join Date: Jun 2004, Location: USA, Age: 39, Posts: 1,142, Member: 67927)

The packers that are used cannot be cracked by any public script, unless an older version is used. Packers have some anti-debug enabled, that can be bypassed but not by anyone. You also have to understand the packer before you can even begin the debugging. Also, the cards in the boxes have a lot of algos for software functions. So the software is useless without the box as it is missing certain functions. I am speaking from experience and I haven't researched anything about boxes for over 2 years, so I may be wrong.
#3 - 01-29-2015, 21:21
Junior Member (Join Date: Feb 2007, Posts: 14, Member: 448308)

Hi, yes, we are aware of any complex routines on the smartcard. But if we are talking about RAM injection, then say goodbye to the complexity. Those people who make the crack do it for business purposes. They bought the original stuff, did the sniffing, and then built the injector. They DO NOT TOUCH the original exe. What they make is a RAM redirection for the targeted exe. They sold the cracks. This is insane. Again, it depends on how the coder implements the protection, because today we see so many cracked professional stuffs. Please try building your own test program: 1 form, 1 button, 1 radio button, all disabled. Pack it with your favorite packer, obfuscate it. Run the old bad boy 'enforcer.exe'. You will be shocked. Just an example. Even today, I see many GSM programs that cannot avoid this style.
#4 - 01-30-2015, 02:09
Freak Poster (Join Date: Jun 2009, Location: !!!! AWAY FROM BOARD, STUDY !!, Posts: 363, Member: 1055354)
#5 - 01-31-2015, 14:10
Moderator (Join Date: May 1999, Location: Blagoevgrad, Bulgaria, Age: 52, Posts: 1,056, Member: 73)

The topic is interesting ... Yes, lots of people compiling src for boxes don't know how to protect their stuff. ...but 2-3 small questions to VickFirtzh:
1. How will you see the RVA "without touching" the exe?
2. Did you ever try this on an exe simply packed with VMPROTECT?
Regards: Victor
p.s. VickFirtzh ... don't use PCHAR ... the world has gone to Unicode, use PANSICHAR.
#6 - 01-31-2015, 22:38
Junior Member (Join Date: Feb 2007, Posts: 14, Member: 448308)

1. No touch, yes, in plain language: the original exe is left untouched. RVAs, yes, they are modified; we are talking about the SEH chain...
2. It is harder if such an app uses a multi-layer packer. Anything single-layer is easier than multi-layer.
Regards,
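The three calls in post #1 and Victor's question in #5 (how the injector addresses an RVA "without touching" the exe) fit together in one program, given here as an added example that is not code from this thread. It starts the target suspended, reads the target's own image base out of its PEB (on 32-bit Windows the primary thread's EBX holds the PEB address at process start, and PEB+8 is ImageBaseAddress), adds the RVA to get the virtual address, patches the bytes there and then resumes the thread. The file on disk is never written. TargetExe, PatchRva and NewBytes are placeholders to be filled in for a real target; a 32-bit target and a 32-bit build with Delphi XE or later (SIZE_T, NativeUInt) are assumed.

```delphi
program RamPatch;
{$APPTYPE CONSOLE}
{ Added example, not code from the thread. Patches a 32-bit target in RAM at
  ImageBase + RVA before its first instruction runs; the exe on disk is untouched. }
uses
  Windows, SysUtils;

const
  TargetExe = 'C:\path\to\target.exe';     // assumption: replace with the real target
  PatchRva  = $1234;                        // assumption: RVA of the bytes to patch
  // assumption: two NOPs over a 2-byte short conditional jump (e.g. a licence check)
  NewBytes: array[0..1] of Byte = ($90, $90);

{ Image base of a freshly created, still suspended 32-bit process:
  the primary thread's EBX points at the PEB and PEB+$08 is ImageBaseAddress. }
function GetImageBase(const Proc: TProcessInformation): Pointer;
var
  Ctx: TContext;
  Base: DWORD;
  Got: SIZE_T;
begin
  Result := nil;
  ZeroMemory(@Ctx, SizeOf(Ctx));
  Ctx.ContextFlags := CONTEXT_INTEGER;
  if not GetThreadContext(Proc.hThread, Ctx) then
    Exit;
  if ReadProcessMemory(Proc.hProcess, Pointer(Ctx.Ebx + 8), @Base, SizeOf(Base), Got) then
    Result := Pointer(Base);
end;

var
  StartInfo: TStartupInfo;
  Proc: TProcessInformation;
  Target: Pointer;
  OldBytes: array[0..1] of Byte;
  Count: SIZE_T;
  OldProtect: DWORD;
begin
  ZeroMemory(@StartInfo, SizeOf(StartInfo));
  StartInfo.cb := SizeOf(StartInfo);

  // 1. create the target suspended so nothing executes before the patch lands
  if not CreateProcess(PChar(TargetExe), nil, nil, nil, False, CREATE_SUSPENDED,
                       nil, nil, StartInfo, Proc) then
  begin
    Writeln('CreateProcess failed: ', GetLastError);
    Exit;
  end;
  try
    Target := GetImageBase(Proc);
    if Target = nil then
    begin
      Writeln('could not read image base: ', GetLastError);
      Exit;
    end;
    Target := Pointer(NativeUInt(Target) + PatchRva);   // VA = ImageBase + RVA

    // 2. read what is there now, so a wrong RVA is noticed before anything is written
    if not ReadProcessMemory(Proc.hProcess, Target, @OldBytes, SizeOf(OldBytes), Count) then
    begin
      Writeln('ReadProcessMemory failed: ', GetLastError);
      Exit;
    end;
    Writeln(Format('bytes at %p: %.2x %.2x', [Target, OldBytes[0], OldBytes[1]]));

    // 3. make the page writable, write the patch, restore protection, flush the icache
    if not VirtualProtectEx(Proc.hProcess, Target, SizeOf(NewBytes),
                            PAGE_EXECUTE_READWRITE, OldProtect) then
    begin
      Writeln('VirtualProtectEx failed: ', GetLastError);
      Exit;
    end;
    if WriteProcessMemory(Proc.hProcess, Target, @NewBytes, SizeOf(NewBytes), Count) then
    begin
      FlushInstructionCache(Proc.hProcess, Target, SizeOf(NewBytes));
      Writeln('patched ', Count, ' bytes, resuming target');
    end
    else
      Writeln('WriteProcessMemory failed: ', GetLastError);
    VirtualProtectEx(Proc.hProcess, Target, SizeOf(NewBytes), OldProtect, OldProtect);
  finally
    ResumeThread(Proc.hThread);   // also resumes on the error paths above
    CloseHandle(Proc.hThread);
    CloseHandle(Proc.hProcess);
  end;
end.
```

Build it as a 32-bit console application and run it against the test program post #3 describes. The caveat is the one Victor raises: against a packed target the bytes at ImageBase + RVA at this point are the packer's image, not the unpacked code, so a patch written here hits the stub and the real bytes appear only after the stub has unpacked them (for VMProtect-style or multi-layer packers, possibly several stages later). The write then has to be delayed until after unpacking, which is why the post #6 answer is "harder" rather than "impossible".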