Go to the navigation barGo to the navigation bar

Reversing Meta Master

by NECRO'99

Target: Meta Master v2.5 and v2000
Difficulty: Easy
Tools used: Hiew
SmartCheck
Date: 21-05-'99
Section: Visual Basic reversing
 

Essay

!! My first essay for DREAD !!

Yowzer,

In this essay I will teach you how to crack Meta Master V 2.5 and V 2000.

The first thing you need to know is in which code-language it is coded, so load HIEW and open the file you wonna crack (REVERSE) (in our case it is META MASTER). (Tip: make a shortcut in your SEND TO map, if you use windows).
You should see something that points to a VB application (the name of a DLL wich is used in VB). Now you see this, and you are shure it is an VB program. This points that there are 2 ways to crack this serial protection.
1) use Softice
2) use Smartcheck

Because I haven't seen many tutorials on Smartcheck, I tought as wel try to crack it this way, and write a tutor over it.

So, load Smartcheck, open the executable file of META MASTER and press F5 (or click the PLAY triangle). Now Meta Master starts. Try to register the program. You'll see something like this (in version 2.5) (version 2000 comes later on in this tutorial.)

NAME:NE©RO'99© = [ALT] [1][8][4]
COMPANY:[DoB]Then I didn't work for DREAD yet
SERIAL:22446688This is our fake s/n

REGISTER NOW      REGISTER LATER

Click on register now, and you'll see a message like this: "The serial entered is NOT the right one"(or something similiar). Click OK.

Close the program and go to Smartcheck.

In one of the 2 screens you'll see something with many "+". Just click on +command_click and it extracts.. good..
Scroll down to the bottom and scroll up again untill you'll see your wrong serial (22446688 in my case).
You'll see that it will be "converted" to an other character. Some places lower you see a similaire number that's been converted to a "normal" number.
This is the serial (in my case it is:   265185164 )
(The numbers could be otherwise one your computer).
Now you can try of it works, or you can repeate all of this with your name.

Final notes

I don't really know anything about the Visual Basic code, but it isn't really dificult to crack these applications. Please note that if you wonna keep on using this program, please buy it.


Meta Master 2000


Well, Since I've written this tutorial, I checked the website again and I found a new version of META MASTER, I've cracked it by a M8, and I saw that the registration proces was diferent, so here we go (again).
Assuming that you already D/L and installed this program, you would like the FULL version for removing that anoying banner, and to make the first option work. So, what do we do? Let's check in which language it's written.
Right, check it in HIEW (Tip: Make a shortcut in your WINDOWS\SEND TO directory). Go to the dir. Where Meta Master is installed, and click on it, right click, Send to --> HIEW. What do we see?
Well, we see the program isn't encrypted or packed, and we see it's written in VB (U should see the reference to MSVBVM50.DLL --> this stands for VB 5.0).
So, already 2 choices about how to crack: SoftICE or Smartcheck. Because I've not seen so many tutorials about Smartcheck, I'm writing one. So, here we go.

Open Smartcheck, and let the program load (F5)
It will take a while, so let it go. I'll be back when it's done (I wont breakfast!! NOW). When it's done you'll see Meta Master Pops up.
Try to register it. It doesn't work?

Damn, it needs to be cracked.

Close META MASTER, and then I'll be back of breakfast. I yust dressed up and looked at my PC, It was ready, so breakfast can wait, and here we go again.

We see, after long waiting: (Left side):


Green bar at top
Blue bar under it
Form1 (Fomr) created
+Form1_Load
+Picture1 (1)_MouseMove
+Picture1 (1)_MouseMove
+Picture1 (1)_MouseMove
+Picture1 (1)_MouseMove
+Picture1 (1)_MouseMove
+Picture1 (1)_MouseMove
+Picture1 (1)_MouseMove
+Timer1_Timer
+Picture1 (1)_MouseMove
+MnuUnlock_Click
+Timer1_Timer
+CmdRegister_Click

Note that the number of times you see +Picutre1 (1)_MouseMove, depends on the number of times you moved with your cursor over the banner.
We wonna get our serial, so let's see what's in Form1_Load. Click on the "+" and scroll down untill you see all the other items. We need to see this:


Long (0) Integer (0)
Left <-- We need this one!!!!!!
ActiveLock.PropertyChanged
Form1.Caption <-- "Meta Master 2000 - Unregistered" (String)

Well, asuming that you see this code, it isn't really dificult. You should start "Revers engeniering", so we see [Fomr1.Captiona <--].
Well, this is something wich tells us that it isn't registered.
Click on it and you will only see this text in your right window.

[ActiveLock.PropertyChanged] Doesn't give more information. Let's Click on [Left]. Well, what we see here is more interesting:


- string (variant)
- Unsigned Short * * .pbstrVal = 0065F380
o String = 00530C08
o ="CB8C9FBD9FFA537B575601D733606E12ACF597B3"
- Long Lengt = 16 0x00000010

Note that the software number on my computer is: 3336F1577D51B0E6
Well, what would happen if we give the FIRST 16 numbers as serial?
Nothing. Wrong serial. But I gave them in LOWERCASE.
Let's do the same UPPERCASE.

Registration was succesfull. Thank you for supporting our products.

Cool it works.
Click OK and you've got your 100% working program.
Please note that the numbers could be different on each computer.
I'm searching where they get that number, and If I find it, you'll find it on my homepage:
http://move.to/DoB.
If you know, let me know: NEcRO_DoB@ThePentagon.com

Greets, NE©RO.

Ok, that's it for now, cya l8er.
Please mail your comments and remarks to: NEcRO_DoB@ThePentagon.com. You can find me on EFNET in #C.i.A and #DREAD as NEcRO or Natazzz

Thnx to: tKC for his wonderfull tutor's, NaShA (xxx), SuPeRio®, PfH, DoBuTiL, G-Force, Northpole, everybody of CiA & DREAD.

Download some cracking tools here:
http://HarvestR.cjb.net
http://move.to/DoB

I hope you enjoyed this tutorial as much as I did...

Cya in my next tutorial.
We're small, but we're everywhere. [DoB]

 

Disclaimer notice

DREAD is NOT responsible for any abuse of the information we provide. Members of DREAD don't crack to get programs registered. As a matter of fact, we don't crack at all, since we are reverse engineers. Our only objective is to further our knowledge. If you want to use a program you reversed, you have to buy it!

 
This essay is © copyright 1999 by NECRO'99.

RE Lab Essay Overview Coding Lab Essay Overview

Main Reverse Engineering Lab Coding Lab The Guide Resources Search

erator()
{
}

TextField nameText;
TextField codeText;
Label label1;
Label label2;
}
------------------------End Code------------------------

Ok fire up the program enter the yes button enter your name
Enter your calculated code and it's registered.
For the lazy people:
Name: Rhytm [Dread]
Code: 8973

Conclusion

So what was different in this program.
We now know why the breakpoint on the comparestring was useless.
The strings don't get compared.
The program checks if the difference between the codes is larger then 3 :)

Well that was all folks, sorry for my bad English.
And sorry for the messy way of writing this tutor.
I'll write a better one later.

Questions, Comments and Money can be send to:
Rhytm@Newmail.net or ICQ me at 16549991

 

Disclaimer notice

DREAD is NOT responsible for any abuse of the information we provide. Members of DREAD don't crack to get programs registered. As a matter of fact, we don't crack at all, since we are reverse engineers. Our only objective is to further our knowledge. If you want to use a program you reversed, you have to buy it!

 
This essay is © copyright 1999 by Rhytm.

RE Lab Essay Overview Coding Lab Essay Overview

Main Reverse Engineering Lab Coding Lab The Guide Resources Search

E="Arial,Helvetica">