oleg Posted March 10, 2006 Share Posted March 10, 2006 (edited) Hi there I have a Lord Of The Rings BFME 2 game on my hands and there is funny thing with it . When you install the game you enter a cd key when installation is finished it encrypts CD Key and Windows Serial Number ( or some other data ) to a game2.dat file that is created in installation directory . The funny thing is when you need to install a game to 50 - 100 computers you go like Because its actually checks the encrypted Game2.dat if it match with Serial Numbers and if not dosent allow multiplay match . The installation is done by Autorun.exe And AutoRunGUI.dll Well my question is it possible to debug what function the Autorun.exe calls to encrypt the cd key and execute it ? This would basically allow to encrypt cd key on the fly And make License Management a pieace of cake I provide Both Files here so could you experts take a look ? Edited May 20, 2006 by Jon There is a hex ( 31303030303030 ) reasons i love AutoIt ! Link to comment Share on other sites More sharing options...
oleg Posted March 10, 2006 Author Share Posted March 10, 2006 Any thoughts ? There is a hex ( 31303030303030 ) reasons i love AutoIt ! Link to comment Share on other sites More sharing options...
oleg Posted March 11, 2006 Author Share Posted March 11, 2006 Anybody ? There is a hex ( 31303030303030 ) reasons i love AutoIt ! Link to comment Share on other sites More sharing options...
death pax Posted March 11, 2006 Share Posted March 11, 2006 Section contains the following exports for AutoRunGUI.dll 0 characteristics 43DEBD96 time date stamp Mon Jan 30 19:29:58 2006 0.00 version 1 ordinal base 58 number of functions 58 number of names ordinal hint RVA name 1 0 00006480 dllALLStartups 2 1 00005A80 dllAdvancedUserDialog 3 2 00006B30 dllAfterCDRequest 4 3 00006480 dllAfterCancelInstallGame 5 4 00006480 dllAfterCopyCacheFiles 6 5 00006480 dllAfterCreateDesktopItem 7 6 000064E0 dllAfterCreateStartMenuItems 8 7 00006480 dllAfterDirectXInstall 9 8 00006480 dllAfterFlashInstall 10 9 00006480 dllAfterGameSpyInstall 11 A 00006480 dllAfterIE55Patch 12 B 00006480 dllAfterIEInstall 13 C 00006480 dllAfterLanguageSelection 14 D 00006480 dllAfterPatching 15 E 00006480 dllAfterRunGameInstallSpecificExe 16 F 00006400 dllAtStartup 17 10 00006480 dllBeforeALLRunGame 18 11 000065C0 dllBeforeCDKey 19 12 00006B10 dllBeforeCDRequest 20 13 00006470 dllBeforeCancelInstallGame 21 14 00006450 dllBeforeCopyCacheFiles 22 15 00006480 dllBeforeCreateDesktopItem 23 16 00006480 dllBeforeDirectXInstall 24 17 00006480 dllBeforeEReg 25 18 00006480 dllBeforeFlashInstall 26 19 00006480 dllBeforeGameSpyInstall 27 1A 00006480 dllBeforeIE55Patch 28 1B 00006480 dllBeforeIEInstall 29 1C 00006480 dllBeforePatching 30 1D 00006460 dllBeforeRunGameInstallSpecificExe 31 1E 00006480 dllBeforeUnloadDLL 32 1F 00006B30 dllCopySize 33 20 00006ED0 dllDefaultDirectory 34 21 00006B30 dllDefaultStartMenuDirectory 35 22 00005BF0 dllDemoDialog 36 23 00006F80 dllDisplayAllDialogs 37 24 00005D90 dllEULADialog 38 25 000062B0 dllEntertainUser 39 26 00006330 dllEntertainUserWithSlideShow 40 27 00005E40 dllGameSpyDialog 41 28 000063E0 dllGetCompileDate 42 29 00006490 dllInstallDirectory 43 2A 00006500 dllInstallationCompleted 44 2B 00005D00 dllLicenseDialog 45 2C 00006540 dllMacromediaFlashDialog 46 2D 00006B30 dllMaximumPriorityCopied 47 2E 000064C0 dllMessageBox 48 2F 00006290 dllPleaseWaitDialog 49 30 00005FC0 dllSelectLanguageDialog 50 31 00006520 dllSetDebugMode 51 32 00006AE0 dllSetERegDisplayName 52 33 00006A90 dllSetFriendlyProductName 53 34 000063C0 dllSetLanguage 54 35 000065D0 dllSetProductTitle 55 36 000065A0 dllSplashScreen 56 37 00006130 dllStartMenuDialog 57 38 00005EB0 dllToolsLicenseDialog 58 39 00006040 dllUserTypeDialog here are the functions in that dll Link to comment Share on other sites More sharing options...
death pax Posted March 11, 2006 Share Posted March 11, 2006 (edited) and the imports of the exe file hope these helpautorunexeimports.txt Edited March 11, 2006 by death pax Link to comment Share on other sites More sharing options...
w0uter Posted March 11, 2006 Share Posted March 11, 2006 at first glance (dissasembled, since i cant debug it without having to crack the cd protection first ) there are 2 points of interest. check them out for yourself. .text:00411C73 mov ebp, [esp+2Ch+arg_7034] .text:00411C7A mov edi, ebp .text:00411C7C mov esi, offset a1234abcd56ef78; "1234ABCD-56EF-78GH-90IJ-123456KLMNOP" .text:00411C81 mov ecx, 25h .text:00411C86 xor edx, edx ; Logical Exclusive OR .text:00411C88 repe cmpsb ; Compare Strings .text:00411C8A jz short loc_411D07; Jump if Zero (ZF=1) .text:00411C8C lea eax, [esp+2Ch+var_14]; Load Effective Address .text:00411C90 push eax .text:00411C91 push ecx .text:00411C92 mov ecx, esp .text:00411C94 mov [esp+34h+var_8], esp .text:00411C98 push offset aProductguiid; "ProductGuiID" .text:00411C9D call sub_4046E0 ; Call Procedure .text:00411CA2 push ecx .text:00411CA3 mov ecx, esp .text:00411CA5 mov [esp+38h+var_10], esp .text:00411CA9 push offset aSpecial; "Special" .text:00411CAE mov [esp+3Ch+arg_7024], 4 .text:00411CB6 call sub_4046E0 ; Call Procedure .text:00411CBB lea ecx, [esp+38h+var_4]; Load Effective Address .text:00411CBF mov [esp+38h+arg_7024], 2 .text:00411CC7 call sub_41A180 ; Call Procedure .text:00411CCC mov eax, [esp+2Ch+var_14] .text:00411CD0 mov esi, ebp .text:0040CB17 mov esi, offset a1234abcd56ef78; "1234ABCD-56EF-78GH-90IJ-123456KLMNOP" .text:0040CB1C rep movsd ; Move Byte(s) from String to String .text:0040CB1E push eax .text:0040CB1F mov [esp+24h], dl .text:0040CB23 mov eax, [esp+24h] .text:0040CB27 push eax .text:0040CB28 movsb ; Move Byte(s) from String to String .text:0040CB29 lea esi, [ebp+arg_3254]; Load Effective Address .text:0040CB2F push esi .text:0040CB30 lea ecx, [esp+2Ch+arg_140]; Load Effective Address .text:0040CB37 push ecx .text:0040CB38 push 1 .text:0040CB3A lea ecx, [esp+34h+var_8]; Load Effective Address .text:0040CB3E call sub_412050 ; Call Procedure .text:0040CB43 test eax, eax ; Logical Compare .text:0040CB45 jnz loc_40D964 ; Jump if Not Zero (ZF=0) .text:0040CB4B mov eax, esi .text:0040CB4D lea edx, [eax+1] ; Load Effective Address My UDF's:;mem stuff_Mem;ftp stuff_FTP ( OLD );inet stuff_INetGetSource ( OLD )_INetGetImage _INetBrowse ( Collection )_EncodeUrl_NetStat_Google;random stuff_iPixelSearch_DiceRoll Link to comment Share on other sites More sharing options...
Confuzzled Posted March 12, 2006 Share Posted March 12, 2006 Should this thread be re-titled "Please help me crack copy protection for Lord Of The Rings BFME 2 for 50-100 computers"? Link to comment Share on other sites More sharing options...
greenmachine Posted March 12, 2006 Share Posted March 12, 2006 Should this thread be re-titled "Please help me crack copy protection for Lord Of The Rings BFME 2 for 50-100 computers"?And to continue in that direction, wouldn't this be illegal...? Link to comment Share on other sites More sharing options...
Moderators SmOke_N Posted March 12, 2006 Moderators Share Posted March 12, 2006 Oh come on now... read all his/her posts... he's so much on the up and up... his 'Corporation' needs all this stuff done. Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer. Link to comment Share on other sites More sharing options...
Confuzzled Posted March 12, 2006 Share Posted March 12, 2006 Oh come on now... read all his/her posts... he's so much on the up and up... his 'Corporation' needs all this stuff done. Now that you brought it up, and I did go back and read all his posts in the forums, it sounds like his 'corporation' is generating a swarm of remotely controllable bots to take over a widespread number of Windows PCs. If the problem with mass distribution of a copy protected piece of software runs into 50 to 100 copies, I'm sure the legitimate vendor would be more than happy to sit down and discuss a customised version just for the 'corporation', and offer a special deal on the whole package, including a reduced cost on multiple copies.Sorry, it just smells a little too much like the 'corporation' is one of those based in Russia or Sicily, or rented out to spammers for profit. I'd be more than happy to have my suspicions laid to rest. Link to comment Share on other sites More sharing options...
oleg Posted March 13, 2006 Author Share Posted March 13, 2006 (edited) Dudes there is no corporation behind this Just me and few other fellows And let me explainI dont want to crack protection I want to manage the licenses of this game automatically ? Do you get it ?Legal Licenses Management I have a companny that support internet cafes so i need to give them abilty to work legaly without a need of installing the game to just some of their machines but to all and dynamicaly manage the licenses they have ?Do you get it ?This would basically allow to encrypt cd key on the fly And make License Management a pieace of cake Edited March 13, 2006 by oleg There is a hex ( 31303030303030 ) reasons i love AutoIt ! Link to comment Share on other sites More sharing options...
Moderators SmOke_N Posted March 13, 2006 Moderators Share Posted March 13, 2006 I don't get it... if this is a 'Legitimate Business' and your questions are 'Legitimate'... Why do you ask questions like:Hi Im trying to hide a process that i run with @sw_hide flag but have no sucess Tis process have two threads is this could be related ?I dont want to hide windows that this process creates one by one because they still become visible Any 1. As stated before, if you need multiple copies of a product being sold, just work out a deal with the manufacturer.2. If these are your Cafe(s)... Why do you need to "Hide" your own applications? (And please don't be so lame as to say... I want to keep them from using task manager... Use windows permissions for them)3. If these are for your "Clients" Cafe(s)... What right do you feel you have to hide software on their PC's? Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer. Link to comment Share on other sites More sharing options...
oleg Posted March 13, 2006 Author Share Posted March 13, 2006 I don't get it... if this is a 'Legitimate Business' and your questions are 'Legitimate'... Why do you ask questions like:1. As stated before, if you need multiple copies of a product being sold, just work out a deal with the manufacturer.2. If these are your Cafe(s)... Why do you need to "Hide" your own applications? (And please don't be so lame as to say... I want to keep them from using task manager... Use windows permissions for them)3. If these are for your "Clients" Cafe(s)... What right do you feel you have to hide software on their PC's?Ok then i will explain 1) We dont own a Cyber Cafe we support them 2) The Cyber Cafes ( our clients ) Have costumers That extremly stupid kids / teenagers ( i dont need to explain this )3) We have figured it out on how to manage the licenses without the need off Dll Calls ( still dll calls would work beter ) You ask how ? I answer : The game setup process goes through different functions CD Key dialogue / Directory Dialogue / Firewall etc . So we have ripped the content of the cd and left only things that setup needs to encrypt cd key Ok ? Now i have wrote a script that gets a cd key as a cmd line parameter and initiate a setup process .That way when it finishes the LEGAL CD KEY IS encrypted and in place and all this done realtime DYNAMICALLY ! So the problem is that the Autorun.exe < the setup process becomes visible AND as i mentioned some stupid costumer might press X button and the game wont run correctly !So is it clear why i want to hide this process ? There is a hex ( 31303030303030 ) reasons i love AutoIt ! Link to comment Share on other sites More sharing options...
Moderators SmOke_N Posted March 13, 2006 Moderators Share Posted March 13, 2006 (edited) So the problem is that the Autorun.exe < the setup process becomes visible AND as i mentioned some stupid costumer might press X button and the game wont run correctly !So is it clear why i want to hide this process ?No...That still makes no sense what so ever!Even hiding the 'Process', the setup windows would still be visible, therefore allowing anyone to do your so called X. Hiding' the 'Process' would not stop them from doing this. Edited March 13, 2006 by SmOke_N Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer. Link to comment Share on other sites More sharing options...
oleg Posted March 13, 2006 Author Share Posted March 13, 2006 (edited) No...That still makes no sense what so ever!Even hiding the 'Process', the setup windows would still be visible, therefore allowing anyone to do your so called X. Hiding' the 'Process' would not stop them from doing this.Ok i can hide windows that setup process creates but its still not look good Its not nice to see windows popup in your face I will create a Gui that will inform of the Cd Key Installation and will be topmost window so the popup windows wont be seen Something ElseThere is no need to be so negative guys .I want to state that for me Autoit forum is the best place where people really help each others .So lets keep it this way I really hope that any of you guys expirienced programmers would help us with this . Edited March 13, 2006 by oleg There is a hex ( 31303030303030 ) reasons i love AutoIt ! Link to comment Share on other sites More sharing options...
Moderators SmOke_N Posted March 13, 2006 Moderators Share Posted March 13, 2006 Ok i can hide windows that setup process creates but its still not look good Its not nice to see windows popup in your face I will create a Gui that will inform of the Cd Key Installation and will be topmost window so the popup windows wont be seen Something ElseThere is no need to be so negative guys .I want to state that for me Autoit forum is the best place where people really help each others .So lets keep it this way I really hope that any of you guys expirienced programmers would help us with this .Just out of curiousity, have you checked if this game has a silent install / verification / run switch? Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer. Link to comment Share on other sites More sharing options...
oleg Posted March 13, 2006 Author Share Posted March 13, 2006 Just out of curiousity, have you checked if this game has a silent install / verification / run switch?Yes didnt found anything I guess i will stick with GUI for now and see if we can comeup with anything else There is a hex ( 31303030303030 ) reasons i love AutoIt ! Link to comment Share on other sites More sharing options...
flaxcrack Posted March 13, 2006 Share Posted March 13, 2006 So the problem is that the Autorun.exe < the setup process becomes visible AND as i mentioned some stupid costumer might press X button and the game wont run correctly !So is it clear why i want to hide this process ?How about _MouseTrap?Also who makes the installer for the application? [quote] Gilbertson's Law: Nothing is foolproof to a sufficiently talented fool.Sandro Alvares: Flaxcrack is please not noob! i can report you is stop stupid. The Post[/quote]I made this: FWD & MD5PWD() Link to comment Share on other sites More sharing options...
Moderators SmOke_N Posted March 13, 2006 Moderators Share Posted March 13, 2006 Also who makes the installer for the application?Ancient Chinese Secret... Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer. Link to comment Share on other sites More sharing options...
flaxcrack Posted March 13, 2006 Share Posted March 13, 2006 Ancient Chinese Secret... http://unattended.msfn.org/unattended.xp/view/web/38/It shows how to flag silent installs if you don't know how. [quote] Gilbertson's Law: Nothing is foolproof to a sufficiently talented fool.Sandro Alvares: Flaxcrack is please not noob! i can report you is stop stupid. The Post[/quote]I made this: FWD & MD5PWD() Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now