KeyGens - Part I

In the previous post, we saw how borrowing allows you to by-pass even a User-name based serial key. For example, If I register my valid copy of a Software say, WinZip with a User name: "Rathish" and Password: "6d6608d4", people reading this blog can copy and paste the above information and register their copy of WinZip.

But Rathish is my name. Any Tom, Dick and Harry can register a copy of the software. However, it will still be registered under my name. There is a classy group of Software users (including me) who want every Software in the computer to be registered under their name. In this case there are two options. Spend a fortune and buy all the available Software in the market. Or, crack it.

The role of KeyGens plays an important part here. KeyGen stands for Key Generator. As the name suggests, it will generate a Serial key based on the User name you provide. A Keygen typically consists of a small piece of software but usually with lots of research and intelligence required to write it.

Every piece of Software on earth can be cracked. The basic funda used is, however strong the door may be, a small key is required to open it. And for a key to be inserted, a key-hole is required. The key can be a physical key, number codes or even a bio-mechanical device. Unless it can be opened, there is no point in using the door.

When a key is entered, it goes through the key-hole and pushes the right levers to open the lock. The lock can stop an unauthorized person from opening the door. Unfortunately, it cannot stop a thief from opening it if the thief has a key!

Similarly, every software, whatever security settings they may use, has to have an access key for the truly registered people to open it. To validate a registered user, a Software has an algorithm. It takes the user name entered by the user as an input. It then runs a set of codes to create a hash key string. The user is also required input a serial key. This serial key is compared with the hash key string. If they are same, a flag is set to indicate the user as a registered user.

A cracker reads the algorithm used by the software to validate a registered user and uses the algorithm to create a hash key in a different piece of software. This software called a KeyGen has provisions for the users to enter their own name. As you can guess, the input is processed to create a hash key. The user has to enter their name and copy this key in the original software to see "This software is registered to: You!" banner.

In the next section of KeyGens, we'll have a look at how the latest software that uses the Activation technique to validate users are cracked.