Friday, November 09, 2007

Wares

Wares
~ware1: An article of commerce.

~ware2: An immaterial asset or benefit, such as a service or personal accomplishment, regarded as an article of commerce.

The above are the real-world dictionary definitions of the term 'ware'.

According to the Computer Desktop Encyclopedia, the term ware; ~s; ~z means:
(soft "wares") Pirated software distributed over the Internet. A warez site may also provide hackers with viruses and Trojans as well as tips, techniques and scripts for gaining illegal entry into networks and systems. It may also offer ways to cheat at online games. In other words, a fun site.

Even if the picture is not crystal clear, you should at least have got the hang of the term "warez" by now. The best way to explain it in layman's terms is to compare it to a pirated Hollywood / Bollywood movie.

A producer spends a huge amount of his money to produce a movie. Similarly, a software company invests in its pet project to create an awesome application. The producer grants distribution rights to major companies to advertise the movie, and the distributors take care of the dirty work. The software company gets in touch with its commercial agencies to advertise the new product and allocates point-of-sale agencies. Before giving it to distributors, the producer organizes a cine screening. There might be a 'pirate' sitting in the audience who slowly and politely records the movie and puts his DVD recorder to use, and the movie may reach the gray market even before it is released. By the time the editors work on the trailers and mass advertising, the movie might be available in torrents and mass downloaders will be working on it.


This is where the similarity between Bollywood and the Brotherhood ends. Before releasing their master app on the web site or creating a shareware version, the software guys may introduce nag screens and other security constraints to ward off the software poachers. They may pay handsome figures to security companies to add high-level 256-bit encryption blah blah blah... to stop the crackers from breaking into it. Finally, the product - either in a complete, shareware or trial-ware form - will be released.

Rather than releasing a Key-gen, patch or a Crack separately, the crackers may reverse engineer the entire product, rewrite the code, re-compile and re-build it.

Yes! You heard it right. The entire application can be modified to work as and how a cracker wants it to run. That means not only will the nag screens be removed, but there might also be code written to do things that you may never have thought about.

So, while you are reading this blog, one or more of the pirated programs that you might be using - or maybe your pirated copy of Windows XP - may be involved in crashing a bank web site or your friend's system while you are chatting with her. Who knows!

Monday, October 15, 2007

Cracks

A Crack, as the name suggests, cracks into the security system of a piece of software. Unlike a patch, which patches the code to remove the nags, a crack actually replaces the entire engine. Patches and Cracks were similar earlier, as the whole application was in a single executable file. A crack used to do the same thing that a Patch used to do.

However, as newer technologies arrived, the nag screens, restrictions and other such steps were placed in a separate module called a DLL file. DLL files, when opened, look like text files with lots of junk letters in them. However, once the program is up and running, those modules are called. At run time, the code starts running and applies its restrictions.

This feature, of course, was not a long-standing one. Let's take the example of the popular desktop photo browsing software - ACDSEE. I have been following its security measures right from the time it was released. It had used all the possible ways to curb piracy. Unfortunately, the cracking world showed no mercy on it. It started off with using the serial key. Then it turned to highly encrypted usage of the serial key. It was beaten by the Key Gen creators. The Cracks were released in parallel, however that was not much in vogue.

It then started a procedure of multiple activation. A user, when downloading the trial version, had to visit the web site and register first to get a trial-use serial key! After the seven-day usage period, it will expire unless purchased. I expected the crackers to release a Type II Key-gen (one that can release a trial serial key and then a purchase key or a patch). I was baffled at the ease with which it was cracked. They simply released a crack that will replace the '.dll' file that carried the restriction. If you are smart enough, you can just pass on the DLL file and replace it manually to -own- it!
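Because a crack of this kind works by swapping a module on disk, a swapped module is detectable by comparing the installed files with known-good digests. The following is an added example, not part of the original post or any vendor's tooling; the file names and the manifest format are hypothetical, and the sample install directory is constructed in a temporary folder.

```javascript
// Added example: audit an install directory against a known-good manifest
// of SHA-256 digests to spot replaced, missing or extra modules.
const crypto = require('node:crypto');
const fs = require('node:fs');
const os = require('node:os');
const path = require('node:path');

function sha256File(file) {
  return crypto.createHash('sha256').update(fs.readFileSync(file)).digest('hex');
}

// manifest: { "name.dll": "<sha256 hex>" }, obtained from a trusted source
// (hypothetical format). Only the top level of `dir` is inspected.
function auditInstall(dir, manifest) {
  const report = { modified: [], missing: [], unexpected: [] };
  for (const [name, expected] of Object.entries(manifest)) {
    const file = path.join(dir, name);
    if (!fs.existsSync(file)) report.missing.push(name);
    else if (sha256File(file) !== expected) report.modified.push(name);
  }
  const known = new Set(Object.keys(manifest));
  for (const name of fs.readdirSync(dir)) {
    // Executable modules that the manifest does not list are also suspicious.
    if (/\.(dll|exe)$/i.test(name) && !known.has(name)) report.unexpected.push(name);
  }
  return report;
}

// Constructed sample: a fake install in which one module is swapped after
// the manifest was recorded, one is absent and one extra DLL appears.
function demoAudit() {
  const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'audit-demo-'));
  fs.writeFileSync(path.join(dir, 'viewer.exe'), 'original viewer');
  fs.writeFileSync(path.join(dir, 'license.dll'), 'original license module');
  const manifest = {
    'viewer.exe': sha256File(path.join(dir, 'viewer.exe')),
    'license.dll': sha256File(path.join(dir, 'license.dll')),
    'codec.dll': '0'.repeat(64), // listed in the manifest but not installed
  };
  fs.writeFileSync(path.join(dir, 'license.dll'), 'replaced module'); // simulated swap
  fs.writeFileSync(path.join(dir, 'helper.dll'), 'not in manifest');
  const report = auditInstall(dir, manifest);
  fs.rmSync(dir, { recursive: true, force: true });
  return report;
}
```

The audit is only as trustworthy as the manifest, so the digests have to come from outside the machine being checked.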

Wednesday, March 14, 2007

Patches

You purchase a brand new pair of Levi's jeans. The next day, while boarding a crowded bus, you fall down and realize that the jeans are torn. What will you do? Will you throw them away? Not at all! You'll instead stitch a piece of fancy label covering the torn part. This piece of cloth is known as a 'Patch'.

That was a layman's view of a patch. In the software industry, a patch is applied when production software shows up a little bug. After determining a fix for the bug, a newer version of the software is not released until the pre-determined date. Instead, a small piece of code is released. This piece of code fixes only that particular bug in the software already installed on the client's system. At a later date, all the patches and newer features are added to the original code, which is re-compiled and released as a newer version.

When it comes to the world of cracking, a 'Patch' takes a whole new meaning. Instead of fixing a bug, it produces a bug in the original software! Confused?

To understand it better, let's view it from the eyes of a Software cracker. For a cracker, the end result is a Software that works fully without any kind of interruption to the user. The obstruction that comes for him is when the manufacturer adds a 'Nag'. Let's look at an example.

When I first purchased my PC, I was interested in Wallpapers, screen savers etc. I used to visit a few web sites to download them. There were many kinds of screen savers available. One such screen saver that caught the attention of my eyes was a Bikini Girls screen saver! I immediately downloaded and installed it. After a few hot screens, it dampened the atmosphere by showing a screen... "This is a shareware. To continue using this, you need to purchase by paying $xx.xx...."

In the above example, the Software manufacturer's interest would be to sell the screen saver without spending much Advertising or Sales revenue. But from a Consumer point of view, it was an agony (please stop giggling).

Getting back to work, the screen saver guys added a lock. The code starts up by uncompressing the cabbed file. Next it starts showing picture after picture. At a specific point, it starts showing the nag screen, which offers either the option to pay or the option to enter the serial number to unlock. When the option to pay is selected, the code opens up a web page and exits the program. However, when the option to enter the key is selected, a function call is generated that presents the screen to enter the code. If the key is invalid, the user will be notified. Else, the code calls another function that congratulates the user for the payment and releases the nag screens. The flow then jumps back to where it was interrupted previously.

You might have got a clear picture of how it works. Now let's see how a patch makes one's life easy. The crackers will use a Hex Editor to disassemble the software and start following the flow of the program. This process is called Reverse Engineering, wherein the actual software is disassembled in a step-by-step fashion. When the program flow reaches the stage wherein the nag function is called, the patch will simply delete or comment out the remaining function call until the regular code that continues to show the pictures arrives. Although it may seem very simple, it's not that easy!

Saturday, February 17, 2007

KeyGens - Part II

Earlier, in an establishment, say a corporate bank, the security was limited to a guard standing out in the post. The robbers used to hit the guard and get off with the loot. Then, a security company was appointed who beefed up the security by engaging a dozen or so people around the bank. Robbers found a way out by performing some aerobics and landing on the roof, then drilling the roof as seen in some of the blockbuster movies or unlocking the doors after by-passing the security cordon.

With such instances, the banking corporations came to the conclusion that manual security was not adequate. Instead, the usage of a high-end security system was the need of the hour. Not only do you have to pass through the basic security cordon, you also need to have the key to the lock. It doesn't end there. The bio-metric security device now wants to verify that you are the person who is supposed to handle the keys. Only after your authentication and authorization are verified will you be able to enter the vault!

Our great software companies started using similar methods. For the purpose of a case study, let's use the industry-leading image organizing / editing software ACDSee from ACD Systems. First, you need to visit their web site to download a trial copy of ACDSee (I am referring to ACDSee version 7). Once you download and install it, don't be surprised if it asks you for a trial serial code. Yes, this is a new trick they started using. Even I was surprised the first time I installed it.

To obtain the trial serial code, you need to visit their web site and register your name and other details. Next, you need to enter that serial code in the initial dialog box. This will unlock the software to be used for a period of 7 days. Once you are satisfied with the software (in 7 days), you need to visit their web site again, provide them with the previous details and make a payment, and finally you'll get the instructions to convert the trial copy to full-featured software.

Getting back to our banking example, with the latest security system used, the bankers may have a ball until they watch "Mission Impossible: 2" or read Dan Brown's "Angels and Demons" where Leonardo Vetra's eye is plucked to get authenticated!

Don't worry, the crackers are not animals to pluck someone's eye to crack a piece of software. In the case of ACDSee, they use more of a patch than a KeyGen. We'll get back to "Patch" in the near future. Now that you have understood the security constraints set in a piece of software, let's have a look at what KeyGens have to offer.

For Advanced KeyGens, we need to use a related case study. There are many software products that use the "Activation" principle to set the security constraint, similar to the banking example which we discussed earlier. Famous companies include Microsoft (Windows XP, Vista), Symantec (Norton Antivirus, Norton System Works), Adobe (Photoshop, GoLive!) etc.

Let's take a look at Symantec's Norton System Works 2006 - a system software suite that takes care of your system right from Anti-Virus and Anti-Worm protection to providing simple system information. Here is how its security system works. Once you receive the install CD (or download from the Internet) and start installation, it asks for the serial key that you find on the back of the CD jewel case. You need to enter the 25-digit serial key. The rest of the installation runs normally. It then asks you to reboot your system. Once it is back from reboot, the Norton wizard will start running. It then gives you the option to activate and register. Activation requires you to contact Symantec either through the software itself or, if it fails to connect to the server a few times, through the alternate ways of contacting it will offer, like using the web browser or calling. Once you call their toll-free number, you need to provide them with the unique System Generated ID, and finally they'll give you the Activation code that you need to enter in the Activation dialog box to activate it. Puff.

With an advanced keygen, you don't have to go through all these. Although there are many Keygens available, I am describing one from SSG. It has a very simple interface. Three text boxes and three buttons (Generate, Make and Copy). When "Generate" is pressed, a serial key is generated that you can "Copy" and paste prior to the installation. Post installation and reboot, make sure that the Internet is disconnected and let the Symantec Registration and Activation wizard run. Choose the option to Activate only. The software makes 5 - 6 vain attempts to contact the Symantec server. After a series of failures, it provides you with the alternate options. Select the option to register by phone. The activation dialog will then present you with the unique System code. Copy the code into the Keygen's second field and then click "Make". Voila! The activation code is presented in front of you!

Friday, February 09, 2007

KeyGens - Part I

In the previous post, we saw how borrowing allows you to by-pass even a User-name based serial key. For example, if I register my valid copy of a piece of software, say, WinZip with a User name: "Rathish" and Password: "6d6608d4", people reading this blog can copy and paste the above information and register their copy of WinZip.

But Rathish is my name. Any Tom, Dick and Harry can register a copy of the software. However, it will still be registered under my name. There is a classy group of Software users (including me) who want every Software in the computer to be registered under their name. In this case there are two options. Spend a fortune and buy all the available Software in the market. Or, crack it.

KeyGens play an important part here. KeyGen stands for Key Generator. As the name suggests, it will generate a serial key based on the user name you provide. A Keygen is typically a small piece of software, but usually one that requires lots of research and intelligence to write.

Every piece of Software on earth can be cracked. The basic funda used is, however strong the door may be, a small key is required to open it. And for a key to be inserted, a key-hole is required. The key can be a physical key, number codes or even a bio-mechanical device. Unless it can be opened, there is no point in using the door.

When a key is entered, it goes through the key-hole and pushes the right levers to open the lock. The lock can stop an unauthorized person from opening the door. Unfortunately, it cannot stop a thief from opening it if the thief has a key!

Similarly, every piece of software, whatever security settings it may use, has to have an access key for the truly registered people to open it. To validate a registered user, the software has an algorithm. It takes the user name entered by the user as an input. It then runs a set of codes to create a hash key string. The user is also required to input a serial key. This serial key is compared with the hash key string. If they are the same, a flag is set to indicate the user as a registered user.

A cracker reads the algorithm used by the software to validate a registered user and uses the algorithm to create a hash key in a different piece of software. This software, called a KeyGen, has provisions for the users to enter their own name. As you can guess, the input is processed to create a hash key. The user has to enter their name and copy this key into the original software to see the "This software is registered to: You!" banner.

In the next section of KeyGens, we'll have a look at how the latest software that uses the Activation technique to validate users is cracked.
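The validation scheme described in this post and the activation exchange described in Part II, as an added example that is not part of the original blog or any vendor's code: a client that derives the expected serial from the user name ships everything needed to produce serials, while a client that only verifies a vendor signature over the name and system ID does not. The salt, names, system IDs and key pair are constructed for illustration.

```javascript
// Added example: a constructed weak license check beside a signed one.
const crypto = require('node:crypto');

// --- Weak design: the client computes the expected serial from the name. ---
// The derivation ships inside the product, so anyone who reads the client
// can reproduce it for any name.
function weakExpectedSerial(userName) {
  return crypto.createHash('sha256').update('demo-salt:' + userName)
    .digest('hex').slice(0, 8);
}
function weakIsRegistered(userName, serial) {
  return serial === weakExpectedSerial(userName);
}

// --- Hardened design: the vendor signs (name, systemId) with a private key. ---
// The private key stays on the vendor's server; the client holds only the
// public key, which can check an activation code but cannot create one.
const vendor = crypto.generateKeyPairSync('ed25519'); // constructed demo key pair

function licensePayload(userName, systemId) {
  // Length-prefix the name so ("ab", "c") and ("a", "bc") cannot collide.
  return Buffer.from(`${userName.length}:${userName}|${systemId}`, 'utf8');
}

// Runs on the vendor's activation server.
function issueActivation(privateKey, userName, systemId) {
  return crypto.sign(null, licensePayload(userName, systemId), privateKey)
    .toString('base64');
}

// Runs inside the client.
function verifyActivation(publicKey, userName, systemId, code) {
  const sig = Buffer.from(code, 'base64');
  if (sig.length !== 64) return false; // Ed25519 signatures are 64 bytes
  return crypto.verify(null, licensePayload(userName, systemId), publicKey, sig);
}

function demo() {
  const code = issueActivation(vendor.privateKey, 'Alice', 'SYS-1234');
  return {
    // The weak client accepts whatever its own shipped function outputs.
    anyNameAccepted: weakIsRegistered('Someone Else', weakExpectedSerial('Someone Else')),
    validHere: verifyActivation(vendor.publicKey, 'Alice', 'SYS-1234', code),
    // A borrowed code fails on another machine or under another name.
    otherMachine: verifyActivation(vendor.publicKey, 'Alice', 'SYS-9999', code),
    otherName: verifyActivation(vendor.publicKey, 'Bob', 'SYS-1234', code),
  };
}
```

Signing prevents serial generation and, because the system ID is covered, reuse of a borrowed code elsewhere; it does not prevent the check itself from being removed, which is what the Patches and Cracks posts describe.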

Thursday, February 01, 2007

Borrowing

In my office, there is a security constraint. Only the drivers who have been appointed by the Administration department are allowed to enter the office premises. This constraint is implemented by issuing an ID card. This allows unauthorized persons to be restricted.

There may be a few situations wherein the driver may not be able to attend the duty. This puts the logistics company, which is under a contract from my office to provide transport facilities, at a loss, as an alternate driver cannot be sent on the spur of the moment. However, as with many other security systems, there is always a workaround. Cab drivers never wear it on themselves. Instead they hang it from the rear view mirror. A security guard makes a note of the cab number and checks from a distance if there is an ID card. The cab will then be allowed to enter!

This security lapse is not just in my office. It was a part of many software applications. The software manufacturers used to think that all the customers were honest and would buy the software (just like the security guards in our office).

Just like one driver used to share his ID card with his fellow driver, general people used to share their serial code with others. The software was designed in the good old days when there were very few computers and security was not a big issue.

There was a simple algorithm that was run during the software registration. It is similar to a checksum algorithm. The serial code entered is processed and a string is generated. If the string is similar to the string generated by the security algorithm with the same inputs, the "Thank you for registering" greeting is generated. Although this system is outdated, a few programs still use the same technique.

After the Software companies noted this flaw, they started using the Username based serial key. In this version, the serial code is not a single line key. Instead, based on the username, a registration key is generated. Borrowing of course, by-passes even this.

Friday, December 09, 2005

Mind Research: Software Cracking

I always wondered why people (who use software) try to crack it. This thought always bugged me. So one day I decided to spend time thinking on it. The following is the result of such thinking.
Many of us spend a lot on hardware (computer and its peripherals). But when it comes to buying software, we move a step backwards; although everybody knows that without software, our computers are nothing but a piece of junk metal. Software is what drives our computer. But then why don't we buy it? The answer is (i) A good, working software costs (if not 10 times) at least as much as the cost of the computer itself!!! (ii) Cheaper alternatives are available.
The alternative here doesn't mean alternatives for the software, but an alternative for paying. Cracking the software is exactly what I meant. The question that pops up is how is it done? Although it is very simple, there are different procedures for different software.

1> Borrowing: Borrowing or sharing the serial key.
2> KeyGens: Stands for Key Generator. It generates your own serial keys. Imagine a software with a "Registered to: You" Tag!
3> Patches: Piece of software code used to disable the constant nagging of sharewares.
4> Crack: An intelligent form of patch, one that makes even the software vendor go wondering whether you are a registered owner!!!
5> Wares: A pirated but full version software.