You are here: start / cracks / entropy

Shortnote

Entropy 1.5 for OSX is an archive-manager with extensive tools. The downloadable version is a trial that works for 15 days. In order to circumvent the protection, we look at the code responsible for displaying the license window: 

====== B E G I N   O F   P R O C E D U R E ======
 
 
                                       ; Basic Block Input Regs: rax rdi -  Killed Regs: rax rbx rsi rdi r12 r15
                                            methImpl_LicenseWindowController_setupUI:
000000010002342e 55                              push       rbp
000000010002342f 4889E5                          mov        rbp, rsp
0000000100023432 4157                            push       r15
0000000100023434 4156                            push       r14
0000000100023436 4155                            push       r13
0000000100023438 4154                            push       r12
000000010002343a 53                              push       rbx
000000010002343b 50                              push       rax
000000010002343c 4989FF                          mov        r15, rdi
000000010002343f 30C0                            xor        al, al
0000000100023441 E8E3F9FFFF                      call       sub_100022e29
...

The last call triggers a subroutine sub_100022e29 which in turn calls two other subroutines, in order to determine whether the application is registered of not. This is the weakest point of entropy and we can skip over the code that is meant to display the window and nag about registration: 

                                            sub_100022e29:
0000000100022e29 55                              push       rbp                           ; XREF=0x10000ee75, 0x100023441, 0x10002381e
0000000100022e2a 4889E5                          mov        rbp, rsp
0000000100022e2d E8A4FBFFFF                      call       sub_1000229d6
0000000100022e32 E87BFCFFFF                      call       sub_100022ab2
0000000100022e37 88C1                            mov        cl, al
0000000100022e39 B802000000                      mov        eax, 0x2
0000000100022e3e 84C9                            test       cl, cl
0000000100022e40 E91A000000                      jmp        0x100022E5F
0000000100022e45 90                              nop        
0000000100022e46 90                              nop        
0000000100022e47 488B358AC40400                  mov        rsi, qword [ds:objc_sel_intValue] ; @selector(intValue)
0000000100022e4e 4889C7                          mov        rdi, rax
0000000100022e51 FF1529430300                    call       qword [ds:imp___got__objc_msgSend]
0000000100022e57 85C0                            test       eax, eax
0000000100022e59 0F9EC0                          setle      al
0000000100022e5c 0FB6C0                          movzx      eax, al
0000000100022e5f 5D                              pop        rbp                           ; XREF=0x100022e40
0000000100022e60 C3                              ret

The jmp at 0x100022e40 and the succeeding nops make entropy ignore all licensing issues and proceed anyway. That is all that is required.

cracks/entropy.txt ยท Last modified: 2022/04/19 08:28 by 127.0.0.1
You are here: start / cracks / entropy

Access website using Tor Access website using i2p Wizardry and Steamworks PGP Key


For the contact, copyright, license, warranty and privacy terms for the usage of this website please see the contact, license, privacy, copyright.