Table of Contents
Shortnote
Acorn is a graphics drawing program (we're not even sure what we should say about it because Gimp is free and is more feature packed and if you really want to pay, you could just save up and buy PhotoShop) for babies. The trial is a fully functional demo with the following protections and annoyances:
- The application preference pane has a register option.
- The menu-bar contains an item called
Purchase. - After the 30-day trial any new image created has a watermark overlayed (with a "ps. the watermark will not affect your saved images" - thank you, less work).
- The application is paved with calls to their website - make sure you use a firewall (or
LitteSnitch) to block any outgoing connections.
We can remove all these annoyances and turn the application into a fully registered application.
Registration Preference Button
The registration preference button can be eliminating by simply noping the _FMAddToolbarItem call at 0x1000c4e9a:
0000001000c4e86 488D354B732700 lea rsi, qword [ds:cfstring_Registration] ; @"Registration" 00000001000c4e8d 4C89F2 mov rdx, r14 00000001000c4e90 4C89F1 mov rcx, r14 00000001000c4e93 4C8B45B0 mov r8, qword [ss:rbp-0x70+var_32] 00000001000c4e97 4531C9 xor r9d, r9d 00000001000c4e9a E88DDB0B00 call _FMAddToolbarItem_100182a2c
and replaced with a nop sledge:
00000001000c4e86 488D354B732700 lea rsi, qword [ds:cfstring_Registration] ; @"Registration" 00000001000c4e8d 4C89F2 mov rdx, r14 00000001000c4e90 4C89F1 mov rcx, r14 00000001000c4e93 4C8B45B0 mov r8, qword [ss:rbp-0x70+var_32] 00000001000c4e97 4531C9 xor r9d, r9d 00000001000c4e9a 90 nop 00000001000c4e9b 90 nop 00000001000c4e9c 90 nop 00000001000c4e9d 90 nop 00000001000c4e9e 90 nop
Purchase Menu
The purchase menu item can be eliminated by noping the insertItem_atIndex call at 0x10000cc0c:
====== B E G I N O F P R O C E D U R E ======
; Basic Block Input Regs: rdi - Killed Regs: rax rbx
methImpl_TSAppDelegate_checkPurchaseMenu:
000000010000cb67 55 push rbp
...
000000010000cc0c 488B35D5123100 mov rsi, qword [ds:objc_sel_insertItem_atIndex_] ; @selector(insertItem:atIndex:)
...
and replaced with the following nop sledge:
000000010000cc0c 90 nop ; @selector(insertItem:atIndex:) 000000010000cc0d 90 nop 000000010000cc0e 90 nop 000000010000cc0f 90 nop 000000010000cc10 90 nop 000000010000cc11 90 nop 000000010000cc12 90 nop
Remove Watermark
The watermark can be eliminated by attacking the objc_sel_drawWatermarkIn_withRect_ call which occurs twice at 0x1000442d4, respectively 0x100158923.
First time in the _drawRect_ method:
====== B E G I N O F P R O C E D U R E ======
; Basic Block Input Regs: rdi - Killed Regs: r13 r14
methImpl_TSCanvas_drawRect_:
00000001000430ba 55 push rbp
...
0000000100044299 757B jne 0x100044316
and replaced with a jmp over the entire logic:
0000000100044299 E978000000 jmp 0x100044316 000000010004429e 90 nop 000000010004429f 90 nop
Second time in newBitmapContextWithFilterResult with a jmp over the call to draw the watermark at the end of the method:
====== B E G I N O F P R O C E D U R E ======
; Basic Block Input Regs: rdi - Killed Regs: rax rbp rsi rdi r15
methImpl_RSImageFilterWindowController_newBitmapContextWithFilterResult:
000000010015869d 55 push rbp
...
000000010015890f 488B3592C41C00 mov rsi, qword [ds:objc_sel_demoMode] ; @selector(demoMode)
0000000100158916 488B3DDBDC1C00 mov rdi, qword [ds:0x1003265F8]
000000010015891d FFD3 call rbx
000000010015891f 84C0 test al, al
0000000100158921 7436 je 0x100158959
the je replaced with:
0000000100158921 E933000000 jmp 0x100158959 0000000100158926 90 nop 0000000100158927 90 nop 0000000100158928 90 nop 0000000100158929 90 nop
That's it for version 3.5. We uninstalled it, the application is pointless... Seriously. Fifty dalla? Really? Heck.
For the contact, copyright, license, warranty and privacy terms for the usage of this website please see the contact, license, privacy, copyright.