Anybody interested in cracking DOS (or other) software?
I have done some reverse engineering work and have some familiarity with software disassembly, so I've been poking at some DOS programs for fun and created a few cracks and keygens. One of the most fun has been a keygen for Buccaneer (door game) - my interested was sparked by a post on reddit:
Anybody interested in cracking DOS (or other) software?
I have done some reverse engineering work and have some familiarity
with software disassembly, so I've been poking at some DOS programs
for fun and created a few cracks and keygens. One of the most fun has
been a keygen for Buccaneer (door game) - my interested was sparked by
a post on
reddit: https://www.reddit.com/r/bbs/comments/1b626zo/curious_if_anyon e_remember_my_fathers_door_game/
telnet://bbs.roonsbbs.hu:1212 <<=-
i really like to watch videos of Robin @ 8-bit show and
tell, who cracks and disassembles commodore vic20/64
software and explains what's happening.
altough i've never tried.
yeah you got some "colds and hots" in the DOORGAMES ;)
Old DOS software has been around long enough that I'd be
surprised if there weren't already some cracks and
keygens for a lot of it.. I think you'd have to know
where to look. Years ago I was aware of some groups of
people who were doing that and releasing their cracks
and keygens, and I imagine a lot of that may still be
around, and may be hidden from the usual search engines online.
Also I thought there was already a key generator
released for Buccanneer? I remember seeing some posts
here and on Reddit about that recently, from the son of
the developer of Buccaneer, and I thought he said he
himself released a key generator that he reverse-
engineered?
I wrote that keygen and posted it in the thread created by the son of the developer of Buccaneer.
Since then, he (graffd03 on reddit - son of the developer of Buccaneer) has called my BBS (another.tel) a few times and played Buccaneer. There's an active game going with at least a couple of us playing daily. It's a fun game - though your ship may spend significant time on the bottom of the sea, depending on your luck!
Since then, he (graffd03 on reddit - son of the developer of Buccaneer) has called my BBS (another.tel) a few times and played Buccaneer. There's an active game going with at least a couple of us playing daily. It's a fun game - though your ship may spend significant time on the bottom of the sea, depending on your luck!
That's cool. :) I've added it to my BBS too.
Have you played the game much? I am curious if you've noticed some minor issues with the screen being cleared before messages are readable. An
Anybody interested in cracking DOS (or other) software?
It's certainly interesting seeing the different levels of protection in various software - sometimes it is pretty easy to find and disable the registration check, or to write a simple keygen. Sometimes there are multiple layers of obfuscation and anti-disassembly and anti-debugging techniques. It's hard to predict what to expect!
It looks like EZ-ROM is written in Turbo Pascal, I wonder if this protectio is part of the Pascal code or if it is a wrapper around a compiled program. would imagine there's heavy use of assembler to implement the an i-disassembly/anti-debugging/obfuscation. (just thinking out loud)
Anybody interested in cracking DOS (or other) software?
While I don't have the technical skills to perform the work, I've enjoyed watching you dig in and release SEVERAL great cracks/keygens!
I particularly love that you did a submission of mine,
TERMINATE 5.00 - there was never a decent keygen for
version 5; I'll be trying it out soon and hopefully will
be able to use it as a terminal. It was great back then,
and I used to have to reinstall it every 31 days. :/
I know lots of people that would love to watch a video
of the methods and talking thru a crack - dunno if yer
photogenic but you should make some YT videos; I'd be a
subscriber!!
Can you do one for Iron Ox? The one that's out there
dosen't work for many people and you have to run the
keygen .exe on a 64bit windows machine. I have no idea
why.
It looks like EZ-ROM is written in Turbo Pascal, I
wonder if this protectio
is part of the Pascal code or if it is a wrapper
around a compiled program.
would imagine there's heavy use of assembler to implement the an i-disassembly/anti-debugging/obfuscation. (just thinking out loud)
You'll be my hero if you can get a key for 2.20b :)
Has anyone ever found a working keygen for Bluewave
offline mail reader (both DOS & 386)? I've found serial
numbers for the DOS version which I've used when playing
around with them, but never a keygen.
Has anyone ever found a working keygen for Bluewave
offline mail reader (both DOS & 386)? I've found serial
numbers for the DOS version which I've used when playing
around with them, but never a keygen.
I just checked and I am using:
Name: NoBoDy!
Number: ii47j56n
Which you might recognize from the serial numbers you've already found -
I definitely pulled this one out of an archived list. So I guess I haven't seen a keygen either.
I hope it works! :) I tried it here and it seems to work fine, other
than showing random characters instead of your name in the registration information - I think that's purely cosmetic, and is mentioned as a side effect of this keygen technique in the writeup from Spath. It's so neat to be able to find and rebuild an old keygen like this!
This kind of content is interesting to me, too. I haven't done any
coding videos - it's an interesting idea to try, I am also hoping to put together some writeups, but it's always easier to plan to do it later
than it is to actually get it done.
I don't have these technical skills to do this either.
Has anyone ever found a working keygen for Bluewave
offline mail reader (both DOS & 386)? I've found serial
numbers for the DOS version which I've used when playing
around with them, but never a keygen.
run the door in dosbox with those codes, then MEMDUMPBIN 0:0 640000 or whatever and find where they are in memory (or just
search around in the debugger itself) then change the
NoBoDy! part and then MEMDUMPBIN again the next run and
see what the memory area the ii.. part used to be in
changes to? that's how i used Arrowbridge I and II &
Betrayal of the Obsidian Baboon to keygen themselves. i
would find the old code in memory twice, and then the
second run the second spot would have the new code in it
for the new sysop/bbs name..
how many more layers of obfuscation to expect. I'm learning on the job her
I just checked and I am using:
Name: NoBoDy!
Number: ii47j56n
Which you might recognize from the serial numbers you've already found - I definitely pulled this one out of an archived list. So I guess I haven't s a keygen either.
Has anyone ever found a working keygen for Bluewave
offline mail reader (both DOS & 386)?
Brief update: I have found the subroutine used to calculate key for the DOS 16 bit Blue Wave mail reader, so am pretty close to writing a
keygen. It's a couple hundred lines of assembly to convert - not a huge job, but was time for me to take a short break and refresh my drink.
In the meantime, using the technique fusion suggested:
For the DOS 16-bit Blue wave mail reader 2.30
Warpslide
6DD6A88W
It looks like EZ-ROM is written in Turbo Pascal, I
wonder if this protectio is part of the Pascal code or if it is a
wrapper around a compiled program. would imagine there's heavy use
Been an awfully long time since I looked at TP5, but I have recollections of it being able to produces two versions of a binary, one of which was either compressed or wrapped somehow.
PS: I could use a key for SuperBBS 1.17-3, I had the authors turn up
but they've long lost the source code.
PS: I could use a key for SuperBBS 1.17-3, I had the authors turn up
but they've long lost the source code.
I uploaded SBBS-KEY.ZIP to file area 4 (cracks) on
Another Millennium BBS (another.tel port 23).
I can't test it properly as I don't have a SuperBBS
system setup. On my system, BBS.EXE crashes if I
attempt local login after entering a registration code.
Is the Beta code also required for this version? I
haven't looked into that function.
I uploaded OXGEN-AP.ZIP to file area 4 (cracks) on another.tel. It's Deuce'soxgen.c file from gitlab.synchro.net compiled for 16-bit DOS.
I uploaded OXGEN-AP.ZIP to file area 4 (cracks) on another.tel. It's Deuce'soxgen.c file from gitlab.synchro.net compiled for 16-bit DOS.
Warpslide
xxxxxxx
Well this is just awesome, thank you! :)
Anybody interested in cracking DOS (or other) software?
I'm a software engineer, but I've never really looked
into reverse-engineering and cracking software. My
skills with that are fairly limited, but I think it
would be interesteing to do though. I've sometimes
looked at executable and other binary files with a hex
editor, but I'm not sure what I'd be looking for as far
as license and serial number checks and that sort of
thing. It's naturally more difficult to reverse-
engineer a binary than to look at source code. :)
I can't test it properly as I don't have a SuperBBS system setup. On my system, BBS.EXE crashes if I attempt local login after entering a registration code.
| As of version 1.15, there is a new security feature build in | to SuperBBS. When running a registered version of SuperBBS, | you will
need to have a valid .SCC file. Without this file | your system
will not run. | | Once you have a correct .SCC file, you will NOT
need to down- | load a newer .SCC file when they come available. | |
When you register, you will get a key and a .SCC file. Check | the
support nodes for more information on this subject.
The tools make all the difference! And willingness to trace through assembler code endlessly! :) Some of the disassembly and decompilation tools and debuggers can do a shocking amount of the work in some cases. There's no universal solution, but when it does work it's pretty impressive.
I love doing hex-edit hacks too. Neat to poke around inside an executable and just paint over some bits to adjust things just so. Another very handy tool is 'strings', to get a list of readable text inside a binary file - great for taking a quick peek.
Sysop: | Eric Oulashin |
---|---|
Location: | Beaverton, Oregon, USA |
Users: | 91 |
Nodes: | 16 (0 / 16) |
Uptime: | 17:24:38 |
Calls: | 5,074 |
Calls today: | 6 |
Files: | 8,491 |
Messages: | 352,929 |
Posted today: | 1 |