
IDA Pro 5.1.0.899 - Breaking License Tutorial

Possible download: http://www.download.com/IDA-Pro/3000-2218_4-10800676.html?hhTest=1&tag=dl.1&cdlPid=10800675 (IDA Pro 5.1.0.899)

step one, step one… time trial protection




Now, this trick is “original”: 90% of tutorials start from the nag screen, but that is a well-known
weakness and could be difficult to exploit…
It is also “generic”: every application setup has the EULA to agree on… so what?
Notice that there is a registry key behind it:
HKCU\Software\Datarescue\IDA\License Demo Version 5.1.0.899 (32-bit)
If you delete it, the EULA will pop up again, showing the content of your license.txt file ;-)
Now it is time to set a breakpoint (F2) on the registry creation API (before the output above):
All names, item 30087
Address=77DDEAF4 advapi32
Section=.text
Type=Export (Known)
Name=RegCreateKeyExA

and here we go….




CU

				