progcor
Programmer's corner

An incredibly stupid "commercial" Protection
 06 September 1998

by LSD
(slightly edited by fravia+)

Courtesy of fravia's pages of reverse engineering

**Title: An incredibly stupid "commercial" Protection: 

         (4 Very Stupid Programmers)



**SubTitle: Another Ready-Made Protection Suck!

**Writer  : Lsd     Email: LSD-LSD.USA.NET



**INTRODUCTION:

Plz, excuse my very bad English 'coz i'm an Italian boy (da Cesenatico 

un "Forza Pantani!")

I will show, how to crack a stupid Ready-Made commercial protection scheme:

SoftSentry 2.07 of the 20/20 Software. Download the Full Trial (very 

easily crackable) version at www.twenty.com.

This software allows zombie-programmers (IMHO does not deserve to be called 

"programmer" somebody that has fallen for this bogus protection), to  easyly 

'automagically' transform their FULL program in a Trial/Demo version. Sounds 

like a snakeoil vendor uh? It is exactly that: bogus comm˜ercialism at his 

best, as usual when they do something for money.



This is what they say: read yhe following and open your mouth in awe:

...softSENTRY 2 allows people who develop and market software to increase their 

sales by cutting down on unlicensed use of their software and by making it 

easy to provide effective trial versions that let prospects try out the products 

for a limited period. 

SoftSENTRY offers a range of software protection and trialware options to fit a 

variety of needs.

How softSENTRY is used?

The softSENTRY product is currently sold in three models: softSENTRY, softSENTRY 

Lite 16 and softSENTRY Lite 32. They all work alike, but the Lite versions do not 

have all the capabilities of the full version. (See Feature Summary for differences 

between the models.) 

When started, the main softSENTRY program is displayed, allowing you to select 

the types of limitations that are to be applied and what forms are to be displayed. 

When the appropriate Edit buttons are clicked, softSENTRY's Form Editor is invoked 

allowing the text, buttons and edit boxes on the forms to be visually created and 

arranged. Clicking the "Build .EXE" button and selecting a target Windows executable 

file will let you produce a protected copy of that file. 

Clicking the "Build .DLL" button will create a dynamic link library file which can 

be called from your program. (Use of a .dll is required for .exe files created with 

certain development systems. See Reference for more detail.) Each combination of 

limitation definitions and forms is saved as a softSENTRY project that can be 

reopened in softSENTRY for future use.

Absolutely No Programming Necessary (sic!)

You can protect your completed application or create fully-functional "trialware" 

without the need to modify your product's source code in any way. SoftSENTRY works 

directly on your 16 or 32 bit Windows .EXE files. Plus, softSENTRY lets you specify 

the protection methods and forms to be displayed working solely with selection boxes 

and visual layout tools.

....[and more]..





**ToolZ: 

Soft-Ice 3.x

an Hex Editor

SoftSentry 2.007 Trial Version (www.twenty.com)



**Essay:

Let's go.. Download the demo program at www.twenty.com

I will not show how to crack this demo, 'coz it is not interesting, and it's incredibly 

easy to do (Do it youself! Tip: delete C:\windows\system\ss.drv and the "magicKey" 

located in  HkCLassRoot\{XXXXXXXXXX} to restore the trial period) but i will show how 

to kill its protection schemes (ANY kind!)

(BTW: the fact that the protection of the supposed protecting application is so 

easy to crack says a lot about the quality of the product itself :-)



Ok, now you will have to use your target: protect some small file, in order to 

disassemble the process and watch how SoftSentry does work.

For disassemble we will use SoftIce, 'coz Wdasm89 seem to crash when we try to 

load this target.

The Protected file, and the original file have a different size. Good, you'll 

probably expect, as I did, some encryption and variable random protection scheme 

inside the target. You'r in for a surprise.



Now hold your breath: this is the entry point for ALL PROTECTED FILES:



:004B066F CC             int    03

:004B0670 55             push   ebp     ; 












 redhomepage 

 red+ORC 

 redanonimity academy 

 redcounter measures 

 redtools 

 redbots' wars




redjavascript wars 

 redreality cracking 

redstudents' essays 

 redacademy database

 redprogrammer's corner




 redantismut CGI-scripts 

 redcocktails 

 redsearch_page 

 redhow to search 

 redmail_fravia+ 




 redIs reverse engineering legal?