How to hack the program?
Watch the video
The problem of protecting programs from hacking is now gaining increasing popularity. Most often, the software is protected by a code that is reported to the user after registration.
Before activation, the program may have a limited period of use, may be filled with annoying ads, and the necessary functions may be disabled in it.
When the software is activated, the user is given a code, which, when entered, checks it and, if it is correct, provides access with all the necessary functions.
Often, protection for programs is developed by the founders monotonously, which allows them to be hacked in a matter of minutes. This article is created solely for educational purposes and hacking programs is not recommended.
Now you will learn about hacking methods used by hackers in order to effectively deal with unauthorized access to programs and improve the protection system.Article 159.6 of the Criminal Code of the Russian Federation provides for a maximum sentence of up to 10 years in prison for fraud in the sphere of computer information.
Ways of hacking
For hacking programs on .Net, at the moment there are three very simple ways available even to novice hackers using public free software tools such as Reflector ’. For example, let's take any program whose license does not contain instructions on hacking, but requires registration and is given the opportunity to use the demo period.
An example of such a site is Espresso, which provides free access without registration for 60 days after installation. It should be noted that programs on .Net are code written in Delfi.NER, C #, F # or Visual Basic, and compiled into MSIL or IL. Therefore, it is wrong in this case to apply the concept of software decompilation, because the program is publicly available, and programs such as Reflector ’can improve the readability of the code by transforming MSIL according to the design of F #, C # and others.
One of the options for fast hacking is the reset of the trial, which is hardly called hacking,since the method is an increase in the demo period of the program, which is not yet officially registered.
- Find a place to store the date of installation of the program.
- Change it or delete it.
For example Espresso:
- With the help of Reflector we view the code.
- In the MainForm constructor we find the line [email protected] "Software \ Ultrapico \ Expresso".
- Open the registry editor, go to HKEY_CURRENT_USERSoftwareUltrapicoExpresso and look for keys that contain information about the date of the first launch of the program.
- Remove them.
Now the program has been extended for another 60 days!
- Open Reflector ’and look for the code that contains the Registration or License classes. For example, the Expresso code looks like this: Public bool IsValid (string UserName, string RegistrationCode)
- When entering UserName and Code, a hash is calculated by name, which is then compared with the code. Public string ComputeCode (string UserName). This hash uses prefixes and des.
- We open IDE, we copy all necessary elements codes.
Having found out the values of Prefix, Suffix, the parameters of the MyDES implementation, you can eventually generate a key for any given name.
Using the wrapper is the third option for hacking. Since the license check is very problematic and takes a lot of time, the founders of the programs check the license only 1 time, and then check the box whether it is valid or not.This moment can be used for hacking; it is enough to indicate to the software that a license check has already been carried out or that it is valid. For hackers, there are some difficulties here, since the software is decompiled into MSIL and then assembled back.
The decompilation process requires the ildasm utility from the SDK, and the ilasm Framework is used as the compiler. With this method, the original signature is replaced with the signature of the hacker, as a result of which problems may arise when working with libraries, because they will need to be disassembled and then reassembled. But in the end, we get a free program with our own key.
On the example of Expresso, it is clear that if the program is already registered, then it does not check the correctness of the license, and this can be used. To do this, you need to create a new project, add a Reference to Expresso.exe and run it through yourself. As a defense against burglars, developers are advised to check the license a little more often, because it will be possible to prevent the possibility of setting unnecessary variables.
- Based on the information provided, it is possible to effectively deal with unauthorized access and hacking of programs by hackers, to create a more effective protection system.
- We conclude that programs on .NET are very easy to hack if the developer was not careful enough. The question of the feasibility of spending time and resources on the protection of software to solve only the creators.
- As an alternative, it is worth considering the possibility of creating a web-system or a free version of the program with limited functions.