Crack the ComonentArt License Manage flow account and parse the verification process.

Source: Internet
Author: User
Flow account introduction in http://www.cnblogs.com/submaie/archive/2004/10/16/53105.htm

//----------
// Sorry, I was busy evaluating my title two days ago. The organization asked me to review my engineer title. I have been busy for the past two days and wrote a 5000-word technical work summary. Please forgive me for not coming soon!
//----------

1 finally cracked ComponentArt Web. UI 2.0 Asp.. Net custom server control library License Manager program, allowing the ComponentArt installer to automatically install the Web. all source code of the UI 2.0 control is also installed.
2. I admire Dr. Fei Dao. His registration method is authentic, but I am not. I used a method called "steal the bar and change the column" to cheat ComponentArt's Installation tool. For details, refer to my analysis ideas.
3. I have packaged all the code contained in this analysis into the Microsoft standard MSI installation package. Here, it is an installation file generated by the standard InstallShield and can be installed with ease. Be sure to install it in the E: \ CpmponentArt directory. Do not change this address. You can directly open the Vs. Net 2003 project in the Start Menu. The solution contains two projects. The ComponentArt. Licensing. Manager project is cracked in the code, and the Licensing. Manager project is the original code. The text boxes that enter the Key in both items have defined the default WUS-WEBUI2_SUB-02 string, but this string is not a legal registration code and cannot pass the registration at all. For more information about the cause, see my solution.

Well, I 've talked too much nonsense. Now I'm starting to talk about the technical content.
You must understand the official registration process for any registrar/analysis of the registration code. So the first step is to understand it. I am different from the flying knife method. He directly locates the encryption algorithm of the registration machine, and then writes an anti-algorithm to turn it into a registration machine. Download an installation file from ComponentArt and start installation,

Obviously, there are two options: Enter the registration code and use the trial version. If "Enter License Keys Now" is selected, a program is started when you click Next. The program name is ComponentArt.Licensing.Manager.exe, which verifies the registration code and writes information to the Registry. At this time, I first reflected that the. Net program was written in. Net, and only. Net programs could not be directly integrated into the InstallShield interface.

After the installation, I started the reflectordecompilation software and developed the C # source code of the .exe. At this time, I began to check the verification steps of the registration code. The software I use is Vs 2005, which has very powerful debugging functions. First, start from the constructor of the MainForm in the main window. The initialization steps are as follows:
First, generate a class named Manager. From the constructor of this class, we can see that: public Manager ()
{
This. _ resources = new SortedList ();
This. _ licensedata = new LicenseData ();
This. _ smallicons = new ImageList ();

ResourceReader reader1 = new ResourceReader (this. GetType (). Assembly. GetManifestResourceStream ("ComponentArt. Licensing. Manager. Resource. Manager. resources "));
IDictionaryEnumerator enumerator1 = reader1.GetEnumerator ();
While (enumerator1.MoveNext ())
{
If (enumerator1.Value. GetType () = typeof (Bitmap ))
{
This. _ smallicons. Images. Add (Bitmap) enumerator1.Value, Color. White );
Continue;
}
This. _ resources. Add (enumerator1.Key, enumerator1.Value );
}
// This. _ licensedata. ReadXml (base. GetType (). Assembly. GetManifestResourceStream ("ComponentArt. Licensing. Management. LicenseData. xml "));
This. _ licensedata. ReadXml (this. GetType (). Assembly. GetManifestResourceStream ("ComponentArt. Licensing. Manager. Resource. LicenseData. xml "));
Char [] chArray1 = new char [1] {','};
Char [] chArray2 = new char [1] {','};
This. _ licensecollection = new LicenseCollection (string) this. _ resources ["RegistryRoot"], (string) this. _ resources ["RegistryLicenseKeysNode"], (string) this. _ resources ["RegistryLicenseKeyTokensNode"], this. _ resources ["SmallIconIndex"]. toString (). split (chArray1), this. _ resources ["SourceCodeIndex"]. toString (). split (chArray2), ref this. _ licensedata );
}

From the code above, we can see that the most important operation is to generate a licensedata type object named _ LicenseData, which owns the ReadXml method and saves it as a resource named LicenseData. generate the LicenseData object in the xml file. Check the Xml file and find it is an Xml image of. Net DataSet. Then the LicenseData generated by the file is definitely a DataSet type object, which is used to compare with the content after the registration code calculation. You can use the registration code to obtain the version type of the installed Web. UI control. According to the product FAQ on the official website, two versions have source code, and their names saved in the Xml file are Web. UI for ASP. NET 2.x-Initialize ate Site License and Web. UI for ASP. NET 2.x-sub‑license, both of which contain source code, that is, if we can let the registration code pass the calculated verification to obtain the keyword (this keyword is unknown yet) match the keywords of the above two versions, then the installer can install the source code.

Okay. Let's start performing the verification in one step. In vs2005, go to the "OK" button after entering the registration code and double-click the mouse to go to the code, add a breakpoint on the first line of code to be executed and start debugging.

First, the Code adds the entered registration code to the LicenseCollection to which the Licenses attribute in the Manager object points (using the Add method), and then controls the conversion to the Add method of the LicenseCollection class.

The first step is a for loop. It checks whether the Key attribute of the LicenseCollectionItem matches the Input Key attribute. If yes, the registration code has been verified and an exception is thrown out. It can be seen from this that LicenseCollectionItem is responsible for processing and decrypting encrypted registration information in the registry.

If no, create a new LicenseCollectionItem object. It seems that the trick is to continue the single step here. It indicates a new license. The constructor parameters include the input Key, the LicenseData object generated by the Manager object to compare with the input Key, and the RegistryTokensCollection object, the RegistryTokensCollection is the object responsible for reading and writing data to the Registry. In addition, the registry can be seen from the code in HKEY_LOCAL_MACHINE \ SOFTWARE \ ComponentArt \ Web. UI for ASP. NET \ 2.0, where the heaviest registration code is stored. In addition, the primary key name is "Token ".

Then, start matching. The operation is to assign a value to the Key attribute of the new LicenseCollectionItem object. Continue. At this time, the operation right is switched to the Key attribute of the LicenseCollectionItem, and finally it is time to verify the Key entered by the user. The original Key set operation has a lot of code, as shown below: public string Key
{
Get {return _ licensekey ;}

Set
{
_ Licensekey = value;
Try
{
_ Licensecode = LicenseCodeFromKey (_ licensekey );
_ Licensename = LicenseNameFromCode (_ licensecode );
_ Licensebuild = LicenseBuildFromKey (_ licensekey );
_ Issubpartition = SubscriptionTypeFromCode (_ licensecode );
_ Issourcecode = SourceCodeTypeFromCode (_ licensecode );
If (_ issourcecode)
_ Sourceentitlement = GetSourceCodeEntitlement ();
_ Expiry = KeyEncoding. ExpiryDateFromKey (_ licensekey );
_ Registrytokenscollection. Load (_ licensekey, _ licensecode );
_ Displaycollection. Load (_ licensekey, _ licensecode );
Return;
}
Catch (Exception e)
{
Throw e;
}
}
}

From the property definition code above, we can see that, first, the program assigns the Key entered by the user to a local variable, and then queries the local variable in various ways, obtain the version type, version name, and version Build value to be registered from these queries. This value is used for calculation, whether it is subscribe, whether it contains the source code, and the expiration time of the control. This code is used to execute the verification algorithm. From the code, we can see that all the code calls a static method called in the KeyEncoding class. Then the KeyEncoding class is used to execute encryption, decryption, and computation, the conversion algorithms must all be in it.

According to the information obtained from the LicenseData class (the data in this class is stored in the LicenseData. xml file), the information queried by all the code above is the information in the License attribute of the LicenseData class. Indicates that license information is currently being processed.

Code debugging fails here, but it doesn't matter. The basic flow of the validators has come out. We can use "eyes" to run the code.

Below is a line of code like _ registrytokenscollection. Load (_ licensekey, _ licensecode );

It must be the RegistryTokenCollection object that is just generated to perform registry operations. Based on the Key, a RegistryTokenCollectionItem object is generated, and the Key entered by the user is verified again, query the content in the Product table returned by the Product attribute in LicenseData based on the Key, and then reinitialize the RegistryTokenCollection object based on RegistryTokenCollectionItem. Note that the _ token internal variable generated by the RegistryTokensCollectionItem class during initialization is a string variable. This variable is output through the Token attribute and the content is written in the registry.

If an object is not found in any of the above methods, an exception with the content "Invalid license key" will be thrown, indicating that the registration code verification failed.

Then, the control is returned to MainForm. The execution method is butOK_Click (). The following method Fill () is to Fill the registered control type in the ItemList control. The following code is a common form operation.

So far, the verification process has ended. The following article describes how to generate a registration code based on this verification process.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.