there's nothing more fun, as a reverse engineer, then checking into a DLL to see about cracking it (it's been out of support since the Clinton administration, so I have to) and just seeing "validate_license" as an exported symbol.
GEE I WONDER WHERE I SHOULD START LOOKING
oh great it's right next to a string buffer labeled "verify_password"
I'm sure that'll come in handy
oh my god
I think this is even easier than I thought.
So the function looks basically like this:
validate_authorization_code (serial_number, expiration_date, max_users, authorization_code), right?
and it takes the serial number and expiration_date and max_users and confirms the authorization_code matches some hash or something to make sure it fits those serial numbers and expiration_date and max_users
a less sensible way to do this would be to have validate_authorization_code be implemented like this:
correct_authorization_code = generate_authorization_code(serial, expiration, max_users);
return strcmp(correct_authorization_code, authorization_code) == 0;
the authorization_code generator has an "encrypt" parameter that does some simple XORing
this code passes 0 for it, so that's not even turned on
the most infuriating thing in computers is when you have a program that does X, so you modify it, and it still does X. so you modify it more, and it still does X. so you change a bunch of stuff, and it still does X.
AM I MAKING CHANGES OR NOT? STOP IGNORING ME
Alice Averlong🏳️⚧️
snapman