Old 20-06-2005, 08:47 PM   #1 (permalink)
Fresh Stock Since 2005
 
Join Date: Feb 2005
Posts: 1,015
Default Fake Protection Cracked: How to recover protected files by..


How to defeat security of File Protection Softwares...
------------------------------------------------------

How to defeat the security of File Protection Softwares............. (Softheap's File and Folder Protector and Fridaysoft's File Securer, "all versions"*, Discussed here)

*all versions means the versions released till June 21 2005. I don't know if they enhance their security in the future versions.

Legal Information:
Code:
_khAttAm_ is a Person who spends time on these protections for LEARNING PURPOSES.
The Applications used in this Tutorial are Copyrighted by the author.
All Files and names hold Copyrights and Registered Trademarks of the Authors and are in this tutorial for EDUCATiONAL PURPOSES ONLY to show how easy it is to break such protections offered by the applications. _khAttAm_ respects the programs and the authors' efforts on making such Softwares which can protect the data from foreign use. 
The tools mentioned may not be available for free. _khAttAm_ highly encourages you to buy 'em if you want to use them and if you're  using a pirated version, use 'em AT YOUR OWN DAMN RISK.
_khAttAm_ repeats, This TUTORIAL is for EDUCATiONAL PURPOSES ONLY.
For NO REASON, will _khAttAm_ or the site hosting this tutorial be held responsible for any person's actions with the knowledge held in this Tutorial.
You can reverse engineer the applications only if you have permission from the respective authors.

1 chicken (unhatched), 3 flies and 5 mosquitoes were harmed in the making of this tutorial.
These softwares claim to protect files from access by other people using the computer.


Quote:
Originally Posted by File and Folder Protector's Readme
....................
File and Folder Protector is intended for controlling access to files and
folders situated on local media of Windows 95/98/ME/2000/XP at Windows
kernel level. It enables you to control access to certain files and folders
by using the password requirement, or to hide them securely from viewing
and searching. The program does not modify your media: in protecting your
files, it just uses a high-reliability VXD (SYS for Windows NT/2000/XP) driver
working at Windows kernel level. This guarantees that File and Folder Protector
will never lose your data, as may happen if you use other file- and
folder-protecting software.
.....................
File Securer Speaks Louder
Quote:
Originally Posted by File Securer's Readme
...............................
Congratulations for choosing File Securer software!
================================== Introduce ========================================
File Securer software is the most powerful tool for protect you personal files not be accessed by others.




================================== Key Features ======================================
- Hide and lock your personal folders and files on windows system kernel.
- Protect on windows all platform.
- Password to prevent others user and hacker accessing.
- Integrated with System pop menu.
- Drag and Drop method locking object support.
- Protected folders and files list check.
- Settings wizard support.
- All activities are logged.
- Popular interface styles.
- Free technical support online.
- Password Recover for user.
- Extremely easy to use.
- ...
.....................
They claim to protect the files and want us to trust them. Moreover, they charge a good amount of cash for such programs. However, the protection they provide is really VERY easy to break. These are the programs that can be cracked by any newbie reverse engineer............

We'll discuss on how to break the security of these two programs and similar process may be applied on many other applications.

Tools Required
1. Windows Disassembler
2. Hacker's View (HIEW)
PS: The tools mentioned may not be available for free. However, they can be downloaded from various sites. Google can be used. However, I highly encourage you to buy 'em if you want to use them and if you're using a pirated version, use 'em AT YOUR OWN DAMN RISK.

If the program (File Securer or File and Folder Protector) is installed and ready to use and if you have Windows Disassembler and HIEW ready, you may proceed.

Procedure:
We'll talk about File Securer 3.80 (which is the latest version till June 21 2005). Similar process can be used for other versions and File and Folder Protector too.

1. Open the program. It will ask for a password.


2. Enter any wrong password. Now, it should show you a message. In case of file securer, it is "Please Input the Correct Software Password." Note it down. And Click OK and then Cancel.


3. Now, Open Windows Disassembler. Click on File>>Open File to Disassemble and open the main EXE file of File Securer which is "fhrapp.exe" located in :\Program Files\FridaySoft\File Securer\ directory or wherever you have installed the program.

4. Wait till it disassembles the file. Meanwhile, you can even go for peeing if you like. LOL

5. Disassembly complete. Ah, what is this?? All nonsense characters??
Ok, go to Disassembler>>Font>>Select Font and select your favorite ENGLISH font. Ah, now it looks like a bit English and Maths.

6. Now, Click on the Refs>>String Data References on the File Menu.

7. You will see a window showing something like this:


8. Now, scroll downwards and look for the phrase that you had noted earlier. What was it?? Ah, yes it was "Please Input the Correct Software Password."

9. Scroll down and down and down....................... Oh yeah, there it is:

Note: You'll just see "Please Input the correct Software", and that's it.

10. "Double Click" on the "phrase" and close the String Data Reference Dialog Box.

11. Now, you will return to the "Windows Disassembler"'s main window.

12. Scroll a littttle bit up and there you will see the phrase "Please Input the Correct Software Password." in red.


13. Scroll a little bit upwards and look for "Referenced by a (U)nconditional or (C)onditional.........."

Yeah there it is.
Note: In case of File and Folder Protector, you will need to scroll downwards and look for the "Referenced by a (U)nconditional or (C)onditional..........".

14. Note the referrer. Here in this case it is 00494537. Note it down.

Note that this address differs from version to version and program to program.

15. Now, You may close Windows Disassembler.

16. Then open HIEW. For convenience, copy the main executable "fhrapp.exe" to HIEW's Directory and copy the HIEW's directory to root if you have Ntfs or HIEW may fail to load.

17. HIEW is a keyboard-Only, Dos-Mode Application. Sorry for the inconvenience, but you'll have to keep your mouse aside.



18. Now, open the file "fhrapp.exe". (Navigate with Keyboard)

Oh, now what the hell is this??

19. Now, press F4 and Select "Decode" Mode.


20. Now, it looks something arranged. Don't care what it is. Just follow what I say. Press F5, now and then Type in the referrer address you noted in step 14. In this case it is 00494537. But wait, in HIEW, you shud type in a period (.) before the address. I.E. you will need to type in ".00494537" without the quotes and press enter.


21. You'll reach here:


22. There you'll see 754B. The 75 here stands for jne (which you can see to the right of 754B). JNE, my friend, stands for Jump if Not Equal. i.e. the procedure in the program will jump to certain address if the variables compared in the preceding statement are not equal. You shud not care about this now.......

23. Now, let us change the JNE to JE (i.e. Jump if equal). Well, if it was JE, we wud change it to JNE. If it was JGE (jump if greater or equal), then we would change it to JL (Jump if less than). This is how reverse engineering works and this is why it is called so. (Don't give a damn to my lectures. Just read further.)
Ok, to change it to 74, you will need to press F3 and type in 74 Over it. Note that Del and Backspace keys won’t work. You just need to type 74 over it.

24. Now, the JNE should change to JE, if you have done everything right.


25. Ok. Then you will need to save the file by pressing F9 and exit HIEW by pressing F10. Then copy the modified "fhrapp.exe" to original location. Do backup the old file. Rename the old file to anything like "fhrapp_original.exe" and copy the cracked "fhrapp.exe" in its place.

26. Now, launch the program. It will ask for the password. Give it any password that comes to your mind. But don't enter the original password, even if you remember it. If you enter the original password, it will ask you to enter the original password. This happens since we have altered the jump.

27. Now, It will take any damn password (except the original password) and you can unlock any files that were locked...............


28. That’s all...................Folks. If anything goes wrong, repeat from step 1. And please read very properly next time.

29. If this does not work for any of the mentioned programs or versions or if you'd like to learn how to break the similar kind of security of similar programs, you can pm me or email me @ khattam.khattam[attherateof]gmail.com

Note: [attherateof]="@". (This was done for security from spam bots.)

@MODS
If anything looks offensive, do send me a warning b4 banning me. I'd like to stay with this forum before I retire from this forum after a few weeks. I'll edit the post if you want and upload it somewhere else.


Moral:
1. DO NOT trust any such file protection softwares and pay for them.
2. Use encryption instead. However, that is also not always safe.
3. Use alphanumeric passwords/keys for encryption with special characters (!, @, # etc) if supported.
4. Make sure that you remember your passwords, if using encryption, or your encrypted data can be lost for ever. Don't cry if that happens. If you do, use a tissue..............
__________________
http://www.khattam.info
khattam_ is offline  
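Added example, not part of the original post and not code from either product: Moral 2 recommends encryption, and the sketch below shows why a password that derives the key leaves no single comparison whose bypass reveals the data. The names `protect` and `recover`, the `skip_check` flag and the iteration count are assumptions made for illustration, and the HMAC-based keystream is a standard-library stand-in for a vetted AEAD cipher.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumed PBKDF2 work factor for this example


def _derive_keys(password: str, salt: bytes) -> tuple:
    # The password is never compared with a stored copy; it only feeds the KDF.
    material = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS, dklen=64)
    return material[:32], material[32:]  # (encryption key, MAC key)


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # HMAC-SHA256 in counter mode: a standard-library stand-in for a vetted
    # AEAD such as AES-GCM, which is what real software should use.
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def protect(password: str, plaintext: bytes) -> bytes:
    salt, nonce = os.urandom(16), os.urandom(16)
    enc_key, mac_key = _derive_keys(password, salt)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, salt + nonce + ct, hashlib.sha256).digest()
    return salt + nonce + ct + tag


def recover(password: str, blob: bytes, skip_check: bool = False) -> bytes:
    salt, nonce, ct, tag = blob[:16], blob[16:32], blob[32:-32], blob[-32:]
    enc_key, mac_key = _derive_keys(password, salt)
    expected = hmac.new(mac_key, salt + nonce + ct, hashlib.sha256).digest()
    # skip_check=True models a binary whose "wrong password" branch was altered.
    if not skip_check and not hmac.compare_digest(tag, expected):
        raise ValueError("wrong password or modified data")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))


if __name__ == "__main__":
    secret = b"constructed sample document"  # constructed sample input
    blob = protect("correct horse", secret)
    print(recover("correct horse", blob) == secret)           # True
    print(recover("guess", blob, skip_check=True) == secret)  # False
```

With the check skipped, a wrong password still yields only unreadable bytes, because the key itself is wrong.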

Old 20-06-2005, 11:29 PM   #2 (permalink)
Apprentice
 
Join Date: Mar 2005
Location: Cyberspace
Posts: 97
Default

Quote:
However, dont ask me to de-protect encrypted files. That is quite not possible.
Are u sure abt what u have stated here ?

How did u find the jump to be reversed ?? I am a newbie.
__________________
Hibernating ....
banned2wise is offline  
Old 22-06-2005, 09:08 PM   #3 (permalink)
Fresh Stock Since 2005
 
Join Date: Feb 2005
Posts: 1,015
Default

Quote:
Originally Posted by banned2wise
Quote:
However, dont ask me to de-protect encrypted files. That is quite not possible.
Are u sure abt what u have stated here ?

How did u find the jump to be reversed ?? I am a newbie. :P
Question answered above



And yeah it is quite not possible to go through ENCRYPTION......

Here it is not encryption................
__________________
http://www.khattam.info
khattam_ is offline  
Old 23-06-2005, 02:26 PM   #4 (permalink)
In The Zone
 
Join Date: May 2004
Location: Moving out of mumbai soon!
Posts: 240
Default

lolz.. ahhhh the days before securom, safedisk 3.. how i remember them..
u gave me old memories khattam.. *choke*
__________________
Believing you can do it is half the work..Believe in yourself.
My cam sample pics
http://www.thinkdigit.com/forum/viewtopic.php?t=24414
plasmafire is offline  
Old 23-06-2005, 05:27 PM   #5 (permalink)
In The Zone
 
GameAddict's Avatar
 
Join Date: Apr 2004
Location: Hyderabad
Posts: 274
Default

Nice attempt. Maybe you can suggest them to improve their protection with newer version. Only if they had added CRC check for the main exe, it would have made the task more difficult. 8)

GA
GameAddict is offline  
Old 23-06-2005, 06:10 PM   #6 (permalink)
In The Zone
 
Join Date: May 2004
Location: Navi Mumbai
Posts: 231
Default

I know the source from where khattam seems to have learnt this art.

Anyways. Great work!!
__________________
It is better to light a candle than to curse the darkness.
Shikhar is offline  
Old 23-06-2005, 08:53 PM   #7 (permalink)
Human Spambot
 
expertno.1's Avatar
 
Join Date: May 2005
Location: Expert Planet
Posts: 2,480
Default

win32 dasm hiew and softice are the tools of a cracker !

this all is assembly code to learn

well u guys can also learn this

see in the cracking google directory

learn this but for your knowledge and not for illegal purpose...please..as mentioned on the learning sites
__________________
Off From Digit Forum for some months.....busy
expertno.1 is offline  
Old 23-06-2005, 09:24 PM   #8 (permalink)
Fresh Stock Since 2005
 
Join Date: Feb 2005
Posts: 1,015
Default

Quote:
Originally Posted by Shikhar
I know the source from where khattam seems to have learnt this art.

Anyways. Great work!!
Oh really.........??
I have learnt it from many websites and experience man.........
It is not a days work..............
__________________
http://www.khattam.info
khattam_ is offline  
Old 24-06-2005, 10:16 AM   #9 (permalink)
In The Zone
 
Join Date: May 2004
Location: Mumbai
Posts: 463
Default

Great Tutorial there.
__________________
Overclock Me.
Overvolt Me.
AMD Me.
quad master is offline  
Old 24-06-2005, 12:31 PM   #10 (permalink)
Right Off the Assembly Line
 
Join Date: Jun 2005
Posts: 8
Default

great stuff man ...
enigmatic is offline  
Old 24-06-2005, 12:34 PM   #11 (permalink)
Right Off the Assembly Line
 
Join Date: Jun 2005
Posts: 8
Default

Quote:
Originally Posted by khattam_
I have learnt it from many websites and experience man.........It is not a days work..............
can u pm me or post some good learning sites?
enigmatic is offline  
Old 24-06-2005, 10:21 PM   #12 (permalink)
Fresh Stock Since 2005
 
Join Date: Feb 2005
Posts: 1,015
Default

Quote:
Originally Posted by enigmatic
Quote:
Originally Posted by _khAttAm_
I have learnt it from many websites and experience man.........It is not a days work..............
can u pm me or post some good learning sites?
I'm gonna suggest the best site where you can get all such info






GOOGLE








And this is not a great stuff................ coz the protection was not so great.......................... It is a newbie stuff..................
__________________
http://www.khattam.info
khattam_ is offline  
Old 25-06-2005, 07:10 PM   #13 (permalink)
In The Zone
 
Join Date: May 2004
Location: Navi Mumbai
Posts: 231
Default

@khattam

I did not mean to offend u.
__________________
It is better to light a candle than to curse the darkness.
Shikhar is offline  
Old 29-06-2005, 01:22 PM   #14 (permalink)
Fresh Stock Since 2005
 
Join Date: Feb 2005
Posts: 1,015
Default

Quote:
Originally Posted by Shikhar
@khattam

I did not mean to offend u.
No Probz................


take it easy..............

__________________
http://www.khattam.info

Last edited by khattam_; 29-02-2008 at 11:10 PM.
khattam_ is offline  