Saturday, February 17, 2007

KeyGens - Part II

Earlier, in an establishment, say a corporate bank, the security was limited to a guard standing out in the post. The robbers used to hit the guard and get off with the loot. Then, a security company was appointed who beefed up the security by engaging a dozen or so people around the bank. Robbers found a way out by performing some aerobics and landing on the roof, then drilling through the roof as seen in some of the blockbuster movies, or by unlocking the doors after by-passing the security cordon.

With such instances, the banking corporations came to the conclusion that manual security was not adequate. Instead, the usage of a high-end security system was the need of the hour. Not only do you have to pass through the basic security cordon, you also need to have the key to the lock. It doesn't end there. The biometric security device now wants to verify that you are the person who is supposed to handle the keys. Only after your authentication and authorization are verified will you be able to enter the vault!

Our great software companies started using similar methods. For the purpose of a case study, let's use the industry-leading image organizing / editing software ACDSee from ACD Systems. First, you need to visit their web site to download a trial copy of ACDSee (I am referring to ACDSee version 7). Once you download and install it, don't be surprised if it asks you for a trial serial code. Yes, this is a new trick they have started using. Even I was surprised the first time I installed it.

To obtain the trial serial code, you need to visit their web site and register your name and other details. Next, you need to enter that serial code in the initial dialog box. This will unlock the software to be used for a period of 7 days. Once you are satisfied with the software (in 7 days), you need to visit their web site again, provide them with the previous details and make a payment, and finally you'll get the instructions to convert the trial copy to full-featured software.

Getting back to our banking example, with the latest security system used, the bankers may have a ball until they watch "Mission Impossible: 2" or read Dan Brown's "Angels and Demons", where Leonardo Vetra's eye is plucked to get authenticated!

Don't worry, the crackers are not animals to pluck someone's eye to crack a piece of software. In the case of ACDSee, they use more of a patch than a KeyGen. We'll get back to "Patch" in the near future. Now that you have understood the security constraints set in software, let's have a look at what KeyGens have to offer.

For Advanced KeyGens, we need to use a related case study. There are many software products that use the "Activation" principle to set a security constraint similar to the banking example which we discussed earlier. Famous companies include Microsoft (Windows XP, Vista), Symantec (Norton Antivirus, Norton System Works), Adobe (Photoshop, GoLive!) etc.

Let's take a look at Symantec's Norton System Works 2006, a system software suite that takes care of your system right from anti-virus and anti-worm protection to providing simple system information. Here is how its security system works. Once you receive the install CD (or download it from the Internet) and start installation, it asks for the serial key that you find on the back of the CD jewel case. You need to enter the 25-digit serial key. The rest of the installation runs normally. It then asks you to reboot your system. Once it is back from reboot, the Norton wizard will start running. It then gives you the option to activate and register. Activation requires you to contact Symantec either through the software itself or, if it fails to connect to the server a few times, through the alternate ways of contacting it will offer, like using the web browser or calling. Once you call their toll-free number, you need to provide them with the unique system-generated ID, and finally they'll give you the activation code that you need to enter in the Activation dialog box to activate it. Puff.

With an advanced keygen, you don't have to go through all this. Although there are many keygens available, I am describing one from SSG. It has a very simple interface: three text boxes and three buttons (Generate, Make and Copy). When "Generate" is pressed, a serial key is generated that you can "Copy" and paste prior to the installation. Post installation and reboot, make sure that the Internet is disconnected and let the Symantec Registration and Activation wizard run. Choose the option to Activate only. The software makes 5 - 6 vain attempts to contact the Symantec server. After a series of failures, it provides you with the alternate options. Select the option to register by phone. The activation dialog will then present you with the unique System code. Copy the code into the keygen's second field and then click "Make". Voilà! The activation code is presented in front of you!

Friday, February 09, 2007

KeyGens - Part I

In the previous post, we saw how borrowing allows you to by-pass even a user-name based serial key. For example, if I register my valid copy of a piece of software, say WinZip, with a User name: "Rathish" and Password: "6d6608d4", people reading this blog can copy and paste the above information and register their copy of WinZip.

But Rathish is my name. Any Tom, Dick and Harry can register a copy of the software. However, it will still be registered under my name. There is a classy group of software users (including me) who want every piece of software on the computer to be registered under their name. In this case there are two options. Spend a fortune and buy all the available software in the market. Or, crack it.

KeyGens play an important part here. KeyGen stands for Key Generator. As the name suggests, it will generate a serial key based on the user name you provide. A KeyGen is typically a small piece of software, but usually a lot of research and intelligence is required to write it.

Every piece of Software on earth can be cracked. The basic funda used is, however strong the door may be, a small key is required to open it. And for a key to be inserted, a key-hole is required. The key can be a physical key, number codes or even a bio-mechanical device. Unless it can be opened, there is no point in using the door.

When a key is entered, it goes through the key-hole and pushes the right levers to open the lock. The lock can stop an unauthorized person from opening the door. Unfortunately, it cannot stop a thief from opening it if the thief has a key!

Similarly, every piece of software, whatever security settings it may use, has to have an access key for the truly registered people to open it. To validate a registered user, the software has an algorithm. It takes the user name entered by the user as an input. It then runs a set of code to create a hash key string. The user is also required to input a serial key. This serial key is compared with the hash key string. If they are the same, a flag is set to indicate the user is a registered user.

A cracker reads the algorithm used by the software to validate a registered user and uses the algorithm to create a hash key in a different piece of software. This software, called a KeyGen, has provisions for users to enter their own name. As you can guess, the input is processed to create a hash key. The user has to enter their name and copy this key into the original software to see the "This software is registered to: You!" banner.
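The design weakness described above, and in the activation flow of Part II, is that the shipped program can compute the valid key by itself. The following Go sketch is an added example, not code from the original post or from any vendor: it contrasts a constructed toy name-hash check with a license signed on the vendor's server and only verified on the client. Ed25519, the function names and the sample values are assumptions chosen for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// Weak design (as the post describes): the shipped program derives the expected
// serial from the user name, so the full derivation sits inside the client.
func expectedSerial(name string) string {
	sum := sha256.Sum256([]byte("constructed-salt:" + name)) // toy scheme, not a real product's
	return hex.EncodeToString(sum[:4])
}

func weakCheck(name, serial string) bool { return serial == expectedSerial(name) }

// Hardened design: the vendor signs name + machine ID with a private key that
// stays on the licensing server. The client ships only the public key.
func licenseMessage(name, machineID string) []byte {
	return []byte(fmt.Sprintf("%d:%s|%s", len(name), name, machineID)) // length prefix avoids ambiguity
}

func newVendorKey() (ed25519.PublicKey, ed25519.PrivateKey) { // server side, done once
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

func issueLicense(priv ed25519.PrivateKey, name, machineID string) []byte { // server side
	return ed25519.Sign(priv, licenseMessage(name, machineID))
}

func verifyLicense(pub ed25519.PublicKey, name, machineID string, sig []byte) bool { // client side
	return ed25519.Verify(pub, licenseMessage(name, machineID), sig)
}

func main() {
	pub, priv := newVendorKey()
	sig := issueLicense(priv, "Alice", "MACHINE-0001") // constructed sample values
	fmt.Println("weak check passes on any machine:", weakCheck("Alice", expectedSerial("Alice")))
	fmt.Println("signed license, issuing machine: ", verifyLicense(pub, "Alice", "MACHINE-0001", sig))
	fmt.Println("signed license, another machine: ", verifyLicense(pub, "Alice", "MACHINE-0002", sig))
}
```

Signing removes the key-derivation logic from the client and binds the license to one machine, which also addresses the borrowing problem. It does not protect against a patched binary that skips the check, so integrity protection of the program is a separate control.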

In the next section of KeyGens, we'll have a look at how the latest software that uses the Activation technique to validate users is cracked.

Thursday, February 01, 2007

Borrowing

In my office, there is a security constraint. Only the drivers who have been appointed by the Administration department are allowed to enter the office premises. This constraint is implemented by issuing an ID card, which keeps unauthorized persons out.

There may be a few situations wherein a driver is not able to attend duty. The logistics company that is under contract with my office to provide transport facilities would then be at a loss, as an alternate driver cannot be sent on the spur of the moment. However, as with many other security systems, there is always a workaround. Cab drivers never wear the ID card on themselves. Instead they hang it on the rear-view mirror. A security guard makes a note of the cab number and checks from a distance if there is an ID card. The cab is then allowed to enter!

This security lapse is not just in my office. It was a part of many software applications. The software manufacturers used to think that all the customers were honest and would buy the software (just like the security guards in our office).

Just like one driver used to share his ID card with his fellow driver, general people used to share their Serial code with others. The Software was designed in the good old days when there were very few computers and security was not a big issue.

There was a simple algorithm that was run during the software registration. It is similar to a checksum algorithm. The serial code entered is processed and a string is generated. If the string is similar to the string generated by the security algorithm with the same inputs, the "Thank you for registering" greeting is generated. Although this system is outdated, a few software products still use the same technique.

After the software companies noted this flaw, they started using the username-based serial key. In this version, the serial code is not a single-line key. Instead, a registration key is generated based on the username. Borrowing, of course, by-passes even this.