• Cracking DOS software

    From AKAcastor@21:1/162 to All on Thu Apr 4 11:36:10 2024
    Anybody interested in cracking DOS (or other) software?

    I have done some reverse engineering work and have some familiarity with software disassembly, so I've been poking at some DOS programs for fun and created a few cracks and keygens. One of the most fun has been a keygen for Buccaneer (door game) - my interest was sparked by a post on reddit:
    https://www.reddit.com/r/bbs/comments/1b626zo/curious_if_anyone_remember_my_fathers_door_game/

    If anybody else is interested in cracking some old software, I would love to swap notes and have some discussion.

    It's certainly interesting seeing the different levels of protection in various software - sometimes it is pretty easy to find and disable the registration check, or to write a simple keygen. Sometimes there are multiple layers of obfuscation and anti-disassembly and anti-debugging techniques. It's hard to predict what to expect!

    I started looking at the EZ-ROM door, and wow it has layers of protection that I hadn't expected to see. Self-modifying code, overlapping code segments, some pretty significant obfuscation. I spent a few hours stepping through code in DOSBox-X debugger and loading decrypted code segments into IDA, which got me to the subroutine that reads EZROM.KEY, but haven't worked out any idea of what it's doing with it yet.

    It looks like EZ-ROM is written in Turbo Pascal, I wonder if this protection is part of the Pascal code or if it is a wrapper around a compiled program. I would imagine there's heavy use of assembler to implement the anti-disassembly/anti-debugging/obfuscation. (just thinking out loud)


    Chris/akacastor

    --- Maximus 3.01
    * Origin: Another Millennium - Canada - another.tel (21:1/162)
  • From Roon@21:4/148 to AKAcastor on Thu Apr 4 21:51:04 2024
    Hello AKAcastor,

    04 Apr 24 11:36, you wrote to All:

    Anybody interested in cracking DOS (or other) software?

    i really like to watch videos of Robin @ 8-bit show and tell, who cracks and disassembles commodore vic20/64 software and explains what's happening.
    although i've never tried.

    I have done some reverse engineering work and have some familiarity
    with software disassembly, so I've been poking at some DOS programs
    for fun and created a few cracks and keygens. One of the most fun has
    been a keygen for Buccaneer (door game) - my interest was sparked by
    a post on
    reddit: https://www.reddit.com/r/bbs/comments/1b626zo/curious_if_anyone_remember_my_fathers_door_game/

    yeah you got some "colds and hots" in the DOORGAMES ;)

    Regards,
    --
    dp

    telnet://bbs.roonsbbs.hu:1212 <<=-

    ... Uptime: 6d 6h 57m 42s
    --- GoldED/2 1.1.4.7+EMX
    * Origin: Roon's BBS - Budapest, HUNGARY (21:4/148)
  • From Nightfox@21:1/137 to AKAcastor on Thu Apr 4 13:02:07 2024
    Re: Cracking DOS software
    By: AKAcastor to All on Thu Apr 04 2024 11:36 am

    Anybody interested in cracking DOS (or other) software?

    I have done some reverse engineering work and have some familiarity with software disassembly, so I've been poking at some DOS programs for fun and created a few cracks and keygens. One of the most fun has been a keygen for Buccaneer (door game) - my interest was sparked by a post on reddit:

    Old DOS software has been around long enough that I'd be surprised if there weren't already some cracks and keygens for a lot of it.. I think you'd have to know where to look. Years ago I was aware of some groups of people who were doing that and releasing their cracks and keygens, and I imagine a lot of that may still be around, and may be hidden from the usual search engines online.

    Also I thought there was already a key generator released for Buccaneer? I remember seeing some posts here and on Reddit about that recently, from the son of the developer of Buccaneer, and I thought he said he himself released a key generator that he reverse-engineered?

    Nightfox
    --- SBBSecho 3.20-Linux
    * Origin: Digital Distortion: digdist.synchro.net (21:1/137)
  • From AKAcastor@21:1/162 to Roon on Thu Apr 4 13:31:44 2024
    i really like to watch videos of Robin @ 8-bit show and
    tell, who cracks and disassembles commodore vic20/64
    software and explains what's happening.
    although i've never tried.

    I haven't watched 8-Bit Show and Tell before, looks like a great youtube channel!

    Recently I came across solutions to the +HCU 1999 Strainer - a set of challenges from the 'cracking university' +HCU - it's great information. Several writeups from different people working through a few challenges. These writeups are an amazing source of information about how to reverse engineer DOS software.

    I was looking for a working crack for Terminate 5.0, which led me to the +HCU strainer solutions - it turns out that cracking Terminate was one of the challenges! Spath's solution included assembly source, so I built that and have a working crack. More fun than just downloading a .exe, way easier than doing the reverse engineering work! :)

    A mirror of the +HCU 1999 Strainer solutions: https://www.darkridge.com/~jpr5/mirror/fravia.org/99solu/soluhtm.htm

    The comments and solutions from each of the participants are full of detailed technical information and techniques.

    yeah you got some "colds and hots" in the DOORGAMES ;)

    Yeah... yeah.


    Chris/akacastor

    --- Maximus 3.01
    * Origin: Another Millennium - Canada - another.tel (21:1/162)
  • From AKAcastor@21:1/162 to Nightfox on Thu Apr 4 14:05:28 2024
    Old DOS software has been around long enough that I'd be
    surprised if there weren't already some cracks and
    keygens for a lot of it.. I think you'd have to know
    where to look. Years ago I was aware of some groups of
    people who were doing that and releasing their cracks
    and keygens, and I imagine a lot of that may still be
    around, and may be hidden from the usual search engines online.

    For sure there are TONS of cracks and keygens out there, and I think you're right that a lot may be hidden from the usual search engines online.

    I know of multiple BBSes with large collections, I'm not sure how much overlap there is between them so it's sometimes hard to know when to stop searching. Titantic BBS has a great collection.

    The last couple programs I worked on were by request, so at least a couple of us spent a bit of time searching for available cracks before I dug into the code.

    Also I thought there was already a key generator
    released for Buccaneer? I remember seeing some posts
    here and on Reddit about that recently, from the son of
    the developer of Buccaneer, and I thought he said he
    himself released a key generator that he reverse-
    engineered?

    I wrote that keygen and posted it in the thread created by the son of the developer of Buccaneer.

    The reddit post: https://www.reddit.com/r/bbs/comments/1b626zo/curious_if_anyone_remember_my_fathers_door_game/

    Since then, he (graffd03 on reddit - son of the developer of Buccaneer) has called my BBS (another.tel) a few times and played Buccaneer. There's an active game going with at least a couple of us playing daily. It's a fun game - though your ship may spend significant time on the bottom of the sea, depending on your luck!


    Chris/akacastor

    --- Maximus 3.01
    * Origin: Another Millennium - Canada - another.tel (21:1/162)
  • From Nightfox@21:1/137 to AKAcastor on Thu Apr 4 15:08:36 2024
    Re: Cracking DOS software
    By: AKAcastor to Nightfox on Thu Apr 04 2024 02:05 pm

    I wrote that keygen and posted it in the thread created by the son of the developer of Buccaneer.

    Ah, although that was fairly recent, I must have forgotten it was you. :)

    Since then, he (graffd03 on reddit - son of the developer of Buccaneer) has called my BBS (another.tel) a few times and played Buccaneer. There's an active game going with at least a couple of us playing daily. It's a fun game - though your ship may spend significant time on the bottom of the sea, depending on your luck!

    That's cool. :) I've added it to my BBS too.

    Nightfox
    --- SBBSecho 3.20-Linux
    * Origin: Digital Distortion: digdist.synchro.net (21:1/137)
  • From AKAcastor@21:1/162 to Nightfox on Thu Apr 4 15:23:22 2024
    Since then, he (graffd03 on reddit - son of the developer of Buccaneer) has called my BBS (another.tel) a few times and played Buccaneer. There's an active game going with at least a couple of us playing daily. It's a fun game - though your ship may spend significant time on the bottom of the sea, depending on your luck!

    That's cool. :) I've added it to my BBS too.

    Have you played the game much? I am curious if you've noticed some minor issues with the screen being cleared before messages are readable. An example: in case of a mutiny, I have to look in the log to see what happened. The message disappears from the screen as soon as it's printed. It's like a 'press enter' prompt is missing, or maybe the message was supposed to be timed and it's too fast now.

    I'm curious if you've noticed the same minor issues or if it may be something in my setup.


    Chris/akacastor

    --- Maximus 3.01
    * Origin: Another Millennium - Canada - another.tel (21:1/162)
  • From Nightfox@21:1/137 to AKAcastor on Thu Apr 4 16:44:21 2024
    Re: Cracking DOS software
    By: AKAcastor to Nightfox on Thu Apr 04 2024 03:23 pm

    Have you played the game much? I am curious if you've noticed some minor issues with the screen being cleared before messages are readable. An

    I haven't played it much, but maybe I should. I'm also running my BBS in Linux, using dosemu2 to run DOS doors, and I'm not sure if that would make a difference (compared to using dosemu 1.4 or running in Win32 or an old-school DOS machine).

    Nightfox
    --- SBBSecho 3.20-Linux
    * Origin: Digital Distortion: digdist.synchro.net (21:1/137)
  • From paulie420@21:2/150 to AKAcastor on Thu Apr 4 18:09:35 2024
    Anybody interested in cracking DOS (or other) software?

    It's certainly interesting seeing the different levels of protection in various software - sometimes it is pretty easy to find and disable the registration check, or to write a simple keygen. Sometimes there are multiple layers of obfuscation and anti-disassembly and anti-debugging techniques. It's hard to predict what to expect!

    While I don't have the technical skills to perform the work, I've enjoyed watching you dig in and release SEVERAL great cracks/keygens!

    I particularly love that you did a submission of mine, TERMINATE 5.00 - there was never a decent keygen for version 5; I'll be trying it out soon and hopefully will be able to use it as a terminal. It was great back then, and I used to have to reinstall it every 31 days. :/

    I know lots of people that would love to watch a video of the methods and talking thru a crack - dunno if yer photogenic but you should make some YT videos; I'd be a subscriber!!



    pAULIE42o
    .........

    --- Mystic BBS v1.12 A48 (Linux/64)
    * Origin: 2o fOr beeRS bbS>>20ForBeers.com:1337 (21:2/150)
  • From Cozmo@21:3/135 to AKAcastor on Thu Apr 4 21:43:24 2024
    Can you do one for Iron Ox? The one that's out there doesn't work for many people and you have to run the keygen .exe on a 64bit windows machine. I have no idea why.

    -=Cozmo=-

    ... Some people have no idea what they're doing, and are really good at it!

    --- Mystic BBS v1.12 A48 (Windows/32)
    * Origin: Lunatics Unleashed BBS (21:3/135)
  • From Exodus@21:1/144 to Akacastor on Thu Apr 4 21:55:31 2024
    It looks like EZ-ROM is written in Turbo Pascal, I wonder if this protection is part of the Pascal code or if it is a wrapper around a compiled program. I would imagine there's heavy use of assembler to implement the anti-disassembly/anti-debugging/obfuscation. (just thinking out loud)

    You'll be my hero if you can get a key for 2.20b :)

    ... Press [ESC] to detonate or any other key to explode

    --- Renegade v1.35/DOS
    * Origin: The Titantic BBS Telnet - ttb.rgbbs.info (21:1/144)
  • From Warpslide@21:3/110 to AKAcastor on Thu Apr 4 22:31:40 2024
    On 04 Apr 2024, paulie420 said the following...

    Anybody interested in cracking DOS (or other) software?

    While I don't have the technical skills to perform the work, I've enjoyed watching you dig in and release SEVERAL great cracks/keygens!

    I don't have these technical skills to do this either. Has anyone ever found a working keygen for Bluewave offline mail reader (both DOS & 386)? I've found serial numbers for the DOS version which I've used when playing around with them, but never a keygen.


    Jay

    ... Did you know that dolphins are just gay sharks?

    --- Mystic BBS v1.12 A49 2023/04/30 (Linux/64)
    * Origin: Northern Realms (21:3/110)
  • From AKAcastor@21:1/162 to Paulie420 on Thu Apr 4 20:47:40 2024
    I particularly love that you did a submission of mine,
    TERMINATE 5.00 - there was never a decent keygen for
    version 5; I'll be trying it out soon and hopefully will
    be able to use it as a terminal. It was great back then,
    and I used to have to reinstall it every 31 days. :/

    I hope it works! :) I tried it here and it seems to work fine, other than showing random characters instead of your name in the registration information - I think that's purely cosmetic, and is mentioned as a side effect of this keygen technique in the writeup from Spath. It's so neat to be able to find and rebuild an old keygen like this!

    I know lots of people that would love to watch a video
    of the methods and talking thru a crack - dunno if yer
    photogenic but you should make some YT videos; I'd be a
    subscriber!!

    This kind of content is interesting to me, too. I haven't done any coding videos - it's an interesting idea to try, I am also hoping to put together some writeups, but it's always easier to plan to do it later than it is to actually get it done.


    Chris/akacastor

    --- Maximus 3.01
    * Origin: Another Millennium - Canada - another.tel (21:1/162)
  • From AKAcastor@21:1/162 to Cozmo on Thu Apr 4 21:14:22 2024
    Can you do one for Iron Ox? The one that's out there
    doesn't work for many people and you have to run the
    keygen .exe on a 64bit windows machine. I have no idea
    why.

    I see there's a reddit post from the last day or so:

    https://www.reddit.com/r/bbs/comments/1bv7p2b/any_bbss_with_active_iron_ox_games/

    It looks like there's been updates in the past couple hours that the keygen has been figured out to be working?

    If there's still issues I'm interested in taking a look. Nice of Deuce to share oxgen.c!


    Chris/akacastor

    --- Maximus 3.01
    * Origin: Another Millennium - Canada - another.tel (21:1/162)
  • From AKAcastor@21:1/162 to Exodus on Thu Apr 4 21:21:14 2024
    It looks like EZ-ROM is written in Turbo Pascal, I
    wonder if this protection
    is part of the Pascal code or if it is a wrapper
    around a compiled program.
    I would imagine there's heavy use of assembler to implement the anti-disassembly/anti-debugging/obfuscation. (just thinking out loud)

    You'll be my hero if you can get a key for 2.20b :)

    I thought "EZ-ROM, that sounds like it should be an easy crack!" and then I ran it in debugger and opened it in disassembler and OH BOY it's a doozy! :)

    It's more challenging than other software I've cracked, so I don't know how long it will take to work my way through it or if it will be too frustrating. I did make some progress in following the code in debugger, but I'm not sure how many more layers of obfuscation to expect. I'm learning on the job here! :)


    Chris/akacastor

    --- Maximus 3.01
    * Origin: Another Millennium - Canada - another.tel (21:1/162)
  • From AKAcastor@21:1/162 to Warpslide on Thu Apr 4 21:32:42 2024
    Has anyone ever found a working keygen for Bluewave
    offline mail reader (both DOS & 386)? I've found serial
    numbers for the DOS version which I've used when playing
    around with them, but never a keygen.

    I just checked and I am using:

    Name: NoBoDy!
    Number: ii47j56n

    Which you might recognize from the serial numbers you've already found - I definitely pulled this one out of an archived list. So I guess I haven't seen a keygen either.

    I'll take a look!


    Chris/akacastor

    --- Maximus 3.01
    * Origin: Another Millennium - Canada - another.tel (21:1/162)
  • From fusion@21:1/616 to AKAcastor on Fri Apr 5 01:38:18 2024
    On 04 Apr 2024, AKAcastor said the following...

    Has anyone ever found a working keygen for Bluewave
    offline mail reader (both DOS & 386)? I've found serial
    numbers for the DOS version which I've used when playing
    around with them, but never a keygen.

    I just checked and I am using:

    Name: NoBoDy!
    Number: ii47j56n

    Which you might recognize from the serial numbers you've already found -
    I definitely pulled this one out of an archived list. So I guess I haven't seen a keygen either.

    run the door in dosbox with those codes, then MEMDUMPBIN 0:0 640000 or whatever and find where they are in memory (or just search around in the debugger itself) then change the NoBoDy! part and then MEMDUMPBIN again the next run and see what the memory area the ii.. part used to be in changes to? that's how i used Arrowbridge I and II & Betrayal of the Obsidian Baboon to keygen themselves. i would find the old code in memory twice, and then the second run the second spot would have the new code in it for the new sysop/bbs name..

    if it's consistent between dosbox debugger runs you can put a breakpoint on the memory location the KEY file for that other program is read to. would put you right where you want to be. i tried putting random data into EZROM.KEY and it seems to be sensitive to the length of data provided.. should give you an idea of approximately what length the data should be. just make it something you can easily recognize looking at the memory. 000011112222 or whatever.

    i like cracking stuff too but the only keygen i made was for LORD 2 .. even though there's a few different ones out there it's still a fun one to work through

    --- Mystic BBS v1.12 A47 2021/12/25 (Windows/32)
    * Origin: cold fusion - cfbbs.net - grand rapids, mi (21:1/616)
  • From paulie420@21:2/150 to AKAcastor on Thu Apr 4 22:17:05 2024
    I hope it works! :) I tried it here and it seems to work fine, other
    than showing random characters instead of your name in the registration information - I think that's purely cosmetic, and is mentioned as a side effect of this keygen technique in the writeup from Spath. It's so neat to be able to find and rebuild an old keygen like this!

    It was really neat to read his writeup - and I appreciate the effort. I'll be testing and will report if I don't have to re-install after 30 days. :P Hopeful!!

    I'm just st0ked that we have new and m0re eyes on these topics in 2024, dude!! Can you believe it???

    This kind of content is interesting to me, too. I haven't done any
    coding videos - it's an interesting idea to try, I am also hoping to put together some writeups, but it's always easier to plan to do it later
    than it is to actually get it done.

    The technology is a bit of a barrier, but once you get thru that dude - just press record... there are nerds that would love to hang out.

    If you ever want to collab or work learning HOW to record and present the data - I'm yer huckleberry.

    We can load up zoom and go to town.



    pAULIE42o
    .........

    --- Mystic BBS v1.12 A48 (Linux/64)
    * Origin: 2o fOr beeRS bbS>>20ForBeers.com:1337 (21:2/150)
  • From AKAcastor@21:1/162 to Warpslide on Thu Apr 4 23:54:06 2024
    I don't have these technical skills to do this either.
    Has anyone ever found a working keygen for Bluewave
    offline mail reader (both DOS & 386)? I've found serial
    numbers for the DOS version which I've used when playing
    around with them, but never a keygen.

    Brief update: I have found the subroutine used to calculate key for the DOS 16 bit Blue Wave mail reader, so am pretty close to writing a keygen. It's a couple hundred lines of assembly to convert - not a huge job, but was time for me to take a short break and refresh my drink.

    In the meantime, using the technique fusion suggested:

    For the DOS 16-bit Blue wave mail reader 2.30
    Warpslide
    6DD6A88W


    Chris/akacastor

    --- Maximus 3.01
    * Origin: Another Millennium - Canada - another.tel (21:1/162)
  • From AKAcastor@21:1/162 to Fusion on Fri Apr 5 00:01:16 2024
    run the door in dosbox with those codes, then MEMDUMPBIN 0:0 640000 or whatever and find where they are in memory (or just
    search around in the debugger itself) then change the
    NoBoDy! part and then MEMDUMPBIN again the next run and
    see what the memory area the ii.. part used to be in
    changes to? that's how i used Arrowbridge I and II &
    Betrayal of the Obsidian Baboon to keygen themselves. i
    would find the old code in memory twice, and then the
    second run the second spot would have the new code in it
    for the new sysop/bbs name..

    Good technique! Can confirm it works on DOS 16-bit Blue Wave mail reader. With a breakpoint after the registration check, the valid key can be read from the stack.


    Chris/akacastor

    --- Maximus 3.01
    * Origin: Another Millennium - Canada - another.tel (21:1/162)
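Added example, not part of the thread and not the scheme of any program named in it: fusion's and AKAcastor's posts above describe a registration check that builds the valid key for the entered name in memory and then compares it with what was typed. The Python sketch below uses a constructed CRC32 key format and constructed, demonstration-sized RSA parameters to contrast that design with a check that only verifies a vendor signature, so nothing the check holds in memory is itself an acceptable key.

```python
import hashlib
import zlib

# --- Design 1: compute-and-compare (constructed key format, for illustration) ---
SALT = b"constructed-salt:"  # hypothetical constant baked into the program


def weak_expected_key(name: str) -> str:
    """Derive the 8-character key the program expects for this name."""
    return f"{zlib.crc32(SALT + name.encode()):08x}"


def weak_check(name: str, entered: str, trace: list) -> bool:
    """Registration check that materialises the valid key before comparing.

    `trace` models what a memory dump or breakpoint would show: every
    intermediate value the check held while it ran.
    """
    expected = weak_expected_key(name)  # the valid key now sits in memory
    trace.append(expected)
    return entered == expected


# --- Design 2: verify a vendor signature over the name ---
# Constructed RSA parameters built from two Mersenne primes. They are far too
# small for real use; a real product would use a vetted library (Ed25519 or
# RSA-PSS with a 2048-bit or larger modulus). P and Q appear here only so the
# example can issue a sample licence; a shipped program carries N and E only.
P = 2**127 - 1
Q = 2**89 - 1
N = P * Q
E = 65537


def _digest_int(name: str) -> int:
    """Hash the name to an integer below N."""
    return int.from_bytes(hashlib.sha256(name.encode()).digest(), "big") % N


def vendor_sign(name: str) -> int:
    """Vendor-side licence issuance; needs the private exponent."""
    d = pow(E, -1, (P - 1) * (Q - 1))
    return pow(_digest_int(name), d, N)


def signed_check(name: str, licence: int, trace: list) -> bool:
    """Registration check that uses only public values (N, E)."""
    digest = _digest_int(name)
    recovered = pow(licence, E, N)
    trace.extend([digest, recovered])  # all the check ever holds in memory
    return recovered == digest


def leaked_valid_keys(check, name, wrong_guess):
    """Run `check` with a wrong key, then return every value it held in
    memory that the same check would accept as a key for `name`."""
    trace = []
    check(name, wrong_guess, trace)
    return [value for value in trace if check(name, value, [])]


if __name__ == "__main__":
    name = "Sysop Name"  # constructed sample input
    print("compute-and-compare leaks:", leaked_valid_keys(weak_check, name, "00000000"))
    print("signature check leaks:    ", leaked_valid_keys(signed_check, name, 12345))
```
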
  • From Exodus@21:1/144 to Akacastor on Fri Apr 5 06:13:33 2024
    how many more layers of obfuscation to expect. I'm learning on the job here

    haha, good luck!

    ... History books which contain no lies are extremely dull.

    --- Renegade v1.35/DOS
    * Origin: The Titantic BBS Telnet - ttb.rgbbs.info (21:1/144)
  • From Exodus@21:1/144 to Akacastor on Fri Apr 5 06:14:22 2024

    I just checked and I am using:

    Name: NoBoDy!
    Number: ii47j56n

    Which you might recognize from the serial numbers you've already found - I definitely pulled this one out of an archived list. So I guess I haven't seen a keygen either.

    I might have one over here ... take a look, maybe save you from this and keep you on ez-rom. hahah

    ... When the going gets tough, most people leave

    --- Renegade v1.35/DOS
    * Origin: The Titantic BBS Telnet - ttb.rgbbs.info (21:1/144)
  • From Warpslide@21:3/110 to AKAcastor on Fri Apr 5 07:25:26 2024
    On 04 Apr 2024, AKAcastor said the following...

    Has anyone ever found a working keygen for Bluewave
    offline mail reader (both DOS & 386)?

    Brief update: I have found the subroutine used to calculate key for the DOS 16 bit Blue Wave mail reader, so am pretty close to writing a
    keygen. It's a couple hundred lines of assembly to convert - not a huge job, but was time for me to take a short break and refresh my drink.

    In the meantime, using the technique fusion suggested:
    For the DOS 16-bit Blue wave mail reader 2.30

    Warpslide
    6DD6A88W

    Well this is just awesome, thank you! :)

    *great gatsby cheers gif*


    Jay

    ... Why's the third hand on the watch called the second hand?

    --- Mystic BBS v1.12 A49 2023/04/30 (Linux/64)
    * Origin: Northern Realms (21:3/110)
  • From Spectre@21:3/101 to AKAcastor on Sat Apr 6 02:55:00 2024
    It looks like EZ-ROM is written in Turbo Pascal, I
    wonder if this protection is part of the Pascal code or if it is a
    wrapper around a compiled program. I would imagine there's heavy use

    Been an awfully long time since I looked at TP5, but I have recollections of
    it being able to produce two versions of a binary, one of which was either compressed or wrapped somehow.

    Spec

    PS: I could use a key for SuperBBS 1.17-3, I had the authors turn up
    but they've long lost the source code.


    *** THE READER V4.50 [freeware]
    --- SuperBBS v1.17-3 (Eval)
    * Origin: A camel is a horse designed by a committee. (21:3/101)
  • From AKAcastor@21:1/162 to Warpslide on Fri Apr 5 12:51:36 2024
    BW23-KEY.ZIP is available on Another Millennium BBS (another.tel port 23) in file area 4 (cracks).


    The readme:

    -------------------------------------------------------------------------------
    Blue Wave Mail Reader 2.30 DOS & 386 KEYGEN by akacastor 2024-04-05
    -------------------------------------------------------------------------------

    There have been keys for this version of Blue Wave for many years,
    but we wanted a keygen too. Now we have one.

    Greetings to Warpslide and everyone on fsxNet!

    -------------------------------------------------------------------------------

    usage: BW23-KEY <Name>

    -------------------------------------------------------------------------------
    T H E @ ############
    @ @ #### ###              Blue Wave Mail Reader DOS 16-bit 2.30
    @@@ ### ####              KEYGEN by akacastor 2024-04-05
    @@ @@@@ @@ ### ####
    @@@ @@ @@ ### ###
    @@ @@@@ @@ ### ####
    @@ @@ @ @@ ### ###
    @ @@ @@ @ ### ####
    @ @@ @@ @@@@##########    Name: Mail Reader
    @ @@ @@ @@@@@@ ###
    @ @@ @@@@@@ @ ###         Key: 2mbn759m [2.30/DOS]
    @ @@ @@@@@@ @ #M#         Key: fmj2ea9m [2.30/386 (DOS)]
    @ @@@@@@ @@ @ #t#
    @@ @@@@ @@ @@ #M#
    @@@@@ @@@@ ###
    @@@ @@@ @@ ###
    @@@ @@ @@@@@@@@ @@@ #####
    @@ @@ #########
    @@ @@
    @ @ C L A S S
    guess what... 1994, 2024, your shit's still getting cracked.
    it's just now more of a philanthropic move instead of an anarchist one


    Chris/akacastor


    --- Maximus 3.01
    * Origin: Another Millennium - Canada - another.tel (21:1/162)
  • From AKAcastor@21:1/162 to Spectre on Fri Apr 5 13:42:22 2024
    Been an awfully long time since I looked at TP5, but I have recollections of it being able to produce two versions of a binary, one of which was either compressed or wrapped somehow.

    I haven't actually used TP5, it's gonna be interesting learning all these compiler quirks.

    PS: I could use a key for SuperBBS 1.17-3, I had the authors turn up
    but they've long lost the source code.

    Just took a quick look at SuperBBS, I think it looks doable. Will dig into it a bit more.


    Chris/akacastor

    --- Maximus 3.01
    * Origin: Another Millennium - Canada - another.tel (21:1/162)
  • From Cozmo@21:3/135 to AKAcastor on Fri Apr 5 20:09:03 2024
    I have no idea how to use that key

    -=Cozmo=-

    ... User Error: Replace user and hit any key to continue...

    --- Mystic BBS v1.12 A48 (Windows/32)
    * Origin: Lunatics Unleashed BBS (21:3/135)
  • From AKAcastor@21:1/162 to Cozmo on Fri Apr 5 17:38:10 2024
    I uploaded OXGEN-AP.ZIP to file area 4 (cracks) on another.tel. It's Deuce's oxgen.c file from gitlab.synchro.net compiled for 16-bit DOS.


    Chris/akacastor

    -------------------------------------------------------------------------------
    oxgen - Keygen for Iron Ox - by deuce - compiled by akacastor 2024-04-05
    -------------------------------------------------------------------------------

    from: https://gitlab.synchro.net/main/sbbs/-/blob/master/src/doors/oxgen/oxgen.c

    Compiled for DOS 16-bit using Open Watcom 2.0.

    -------------------------------------------------------------------------------

    example usage:

    C:\CRACKS>OXGEN
    Sysop Name (40 chars max): Sysop
    BBS Name (40 chars max): BBS
    Code: !/\K8(!^%2R#

    -------------------------------------------------------------------------------

    --- Maximus 3.01
    * Origin: Another Millennium - Canada - another.tel (21:1/162)
  • From AKAcastor@21:1/162 to Spectre on Fri Apr 5 22:38:20 2024
    PS: I could use a key for SuperBBS 1.17-3, I had the authors turn up
    but they've long lost the source code.

    I uploaded SBBS-KEY.ZIP to file area 4 (cracks) on Another Millennium BBS (another.tel port 23).

    I can't test it properly as I don't have a SuperBBS system setup. On my system, BBS.EXE crashes if I attempt local login after entering a registration code.

    Is the Beta code also required for this version? I haven't looked into that function.


    Chris/akacastor

    -------------------------------------------------------------------------------
    SuperBBS 1.17.3 KEYGEN by akacastor 2024-04-05
    -------------------------------------------------------------------------------

    We like keygens! Enjoy!

    -------------------------------------------------------------------------------

    usage: SBBS-KEY "Sysop Name" "BBS Name"

    NOTE - don't forget the quotes around each name!

    -------------------------------------------------------------------------------

    example:

    C:\CRACKS>SBBS-KEY "Sysop Name" "BBS Name"

    T H E @ ############
    @ @ #### ###              SuperBBS 1.17.3
    @@@ ### ####              KEYGEN by akacastor 2024-04-05
    @@ @@@@ @@ ### ####
    @@@ @@ @@ ### ###
    @@ @@@@ @@ ### ####
    @@ @@ @ @@ ### ###
    @ @@ @@ @ ### ####
    @ @@ @@ @@@@##########
    @ @@ @@ @@@@@@ ###
    @ @@ @@@@@@ @ ###
    @ @@ @@@@@@ @ #M#
    @ @@@@@@ @@ @ #t#         Sysop: Sysop Name
    @@ @@@@ @@ @@ #M#         BBS: BBS Name
    @@@@@ @@@@ ###            Reg #: 37603203
    @@@ @@@ @@ ###
    @@@ @@ @@@@@@@@ @@@ #####
    @@ @@ #########
    @@ @@
    @ @ C L A S S
    guess what... 1994, 2024, your shit's still getting cracked.
    it's just now more of a philanthropic move instead of an anarchist one

    -------------------------------------------------------------------------------


    --- Maximus 3.01
    * Origin: Another Millennium - Canada - another.tel (21:1/162)
  • From AKAcastor@21:1/162 to AKAcastor on Sat Apr 6 00:09:54 2024
    I uploaded SBBS-KEY.ZIP to file area 4 (cracks) on
    Another Millennium BBS (another.tel port 23).

    I can't test it properly as I don't have a SuperBBS
    system setup. On my system, BBS.EXE crashes if I
    attempt local login after entering a registration code.

    Is the Beta code also required for this version? I
    haven't looked into that function.

    I decided to try something new and took a few minutes to RTFM. According to SDOC117A.ASC I don't think the Beta code should be necessary. (I am curious if there's features it would unlock though?)


    I also found the following in SDOC117A.ASC:

    | As of version 1.15, there is a new security feature build in
    | to SuperBBS. When running a registered version of SuperBBS,
    | you will need to have a valid .SCC file. Without this file
    | your system will not run.
    |
    | Once you have a correct .SCC file, you will NOT need to down-
    | load a newer .SCC file when they come available.
    |
    | When you register, you will get a key and a .SCC file. Check
    | the support nodes for more information on this subject.

    So I guess the SBBS-KEY keygen by itself won't be enough to get SuperBBS to run registered. I will have to dig a bit deeper to figure out the .SCC file. It would be helpful if there are any valid .SCC files I could look at.


    Chris/akacastor


    --- Maximus 3.01
    * Origin: Another Millennium - Canada - another.tel (21:1/162)
  • From Cozmo@21:3/135 to AKAcastor on Sat Apr 6 11:56:03 2024
    I uploaded OXGEN-AP.ZIP to file area 4 (cracks) on another.tel. It's Deuce's oxgen.c file from gitlab.synchro.net compiled for 16-bit DOS.

    Cool, Thanks! I'll give it a go.

    -=Cozmo=-

    ... A PC a day keeps the Apple away!

    --- Mystic BBS v1.12 A48 (Windows/32)
    * Origin: Lunatics Unleashed BBS (21:3/135)
  • From Cozmo@21:3/135 to AKAcastor on Sat Apr 6 13:29:19 2024
    I uploaded OXGEN-AP.ZIP to file area 4 (cracks) on another.tel. It's Deuce's oxgen.c file from gitlab.synchro.net compiled for 16-bit DOS.

    Worked like a charm! Thanks for compiling it.

    -=Cozmo=-

    ... There are two types of people; those who finish what they start and

    --- Mystic BBS v1.12 A48 (Windows/32)
    * Origin: Lunatics Unleashed BBS (21:3/135)
  • From paulie420@21:2/150 to Warpslide on Sat Apr 6 14:05:06 2024
    Warpslide
    xxxxxxx

    Well this is just awesome, thank you! :)

    Isn't that awesome??? Akacastor has helped me out more than a couple times, too!! :P



    |07p|15AULIE|1142|07o
    |08.........

    --- Mystic BBS v1.12 A48 (Linux/64)
    * Origin: 2o fOr beeRS bbS>>20ForBeers.com:1337 (21:2/150)
  • From Nightfox@21:1/137 to AKAcastor on Sun Apr 7 14:13:57 2024
    Re: Cracking DOS software
    By: AKAcastor to All on Thu Apr 04 2024 11:36 am

    Anybody interested in cracking DOS (or other) software?

    I'm a software engineer, but I've never really looked into reverse-engineering and cracking software. My skills with that are fairly limited, but I think it would be interesting to do though. I've sometimes looked at executable and other binary files with a hex editor, but I'm not sure what I'd be looking for as far as license and serial number checks and that sort of thing. It's naturally more difficult to reverse-engineer a binary than to look at source code. :)

    Nightfox
    --- SBBSecho 3.20-Linux
    * Origin: Digital Distortion: digdist.synchro.net (21:1/137)
  • From AKAcastor@21:1/162 to Nightfox on Sun Apr 7 15:05:36 2024
    I'm a software engineer, but I've never really looked
    into reverse-engineering and cracking software. My
    skills with that are fairly limited, but I think it
    would be interesting to do though. I've sometimes
    looked at executable and other binary files with a hex
    editor, but I'm not sure what I'd be looking for as far
    as license and serial number checks and that sort of
    thing. It's naturally more difficult to reverse-
    engineer a binary than to look at source code. :)

    The tools make all the difference! And willingness to trace through assembler code endlessly! :) Some of the disassembly and decompilation tools and debuggers can do a shocking amount of the work in some cases. There's no universal solution, but when it does work it's pretty impressive.

    I love doing hex-edit hacks too. Neat to poke around inside an executable and just paint over some bits to adjust things just so. Another very handy tool is 'strings', to get a list of readable text inside a binary file - great for taking a quick peek.


    Chris/akacastor

    --- Maximus 3.01
    * Origin: Another Millennium - Canada - another.tel (21:1/162)
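
A `strings`-style scan like the one mentioned in the post above, as an added example (not code from the thread or from any poster). It goes one step further and also walks length-prefixed Pascal strings, which plain `strings` glues together when the length byte happens to be printable; the function names and the sample bytes are constructed for illustration.

```python
import re

def ascii_runs(data, min_len=4):
    """Like strings(1): (offset, text) for every run of printable ASCII."""
    pattern = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    return [(m.start(), m.group().decode("ascii")) for m in pattern.finditer(data)]

def pascal_strings(data, min_len=4):
    """(offset, text) for length-prefixed strings: one length byte N
    followed by exactly N printable bytes. Heuristic: scans left to right
    and skips past each hit, so back-to-back strings are split correctly."""
    found, i = [], 0
    while i < len(data):
        n = data[i]
        body = data[i + 1:i + 1 + n]
        if n >= min_len and len(body) == n and all(0x20 <= b <= 0x7e for b in body):
            found.append((i, body.decode("ascii")))
            i += 1 + n          # next byte may be the next length prefix
        else:
            i += 1
    return found

def pstr(text):
    """Build a Pascal-style string (length byte + bytes) for the sample."""
    return bytes([len(text)]) + text

# Constructed sample, not taken from any real program: a few header-like
# bytes, two adjacent Pascal strings, then a NUL-terminated C string.
SAMPLE = (
    b"MZ\x90\x00" + b"\x00" * 4
    + pstr(b"CONFIG.DAT")
    + pstr(b"Cannot open configuration file, aborting")
    + b"\x00\xff"
    + b"plain C string\x00"
)

if __name__ == "__main__":
    print("strings-style view:")
    for off, text in ascii_runs(SAMPLE):
        print(f"  {off:04x}  {text}")
    print("Pascal-aware view:")
    for off, text in pascal_strings(SAMPLE):
        print(f"  {off:04x}  {text}")
```

The second message is 40 bytes long, so its length byte is `(`; the plain scan reports both Pascal strings as one run, while the length-aware walk separates them.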
  • From Spectre@21:3/101 to AKAcastor on Mon Apr 8 07:56:00 2024
    I can't test it properly as I don't have a SuperBBS system setup. On my system, BBS.EXE crashes if I attempt local login after entering a registration code.

    It'll crash and burn if there's no fossil loaded. I don't recall any beta
    code for it. Mine's running in DOS virtualbox VMs although it will run in
    DOSBOX too. I'll try sucking it in and see what it does. Ta

    Spec


    *** THE READER V4.50 [freeware]
    --- SuperBBS v1.17-3 (Eval)
    * Origin: A camel is a horse designed by a committee. (21:3/101)
  • From Spectre@21:3/101 to AKAcastor on Mon Apr 8 08:00:00 2024
    | As of version 1.15, there is a new security feature build in
    | to SuperBBS. When running a registered version of SuperBBS,
    | you will need to have a valid .SCC file. Without this file
    | your system will not run.
    |
    | Once you have a correct .SCC file, you will NOT need to down-
    | load a newer .SCC file when they come available.
    |
    | When you register, you will get a key and a .SCC file. Check
    | the support nodes for more information on this subject.

    Given the rest of the system I'd hazard a guess it's just going to be some
    kind of ASCII file.. but I've never seen one so I have no idea what the contents might have been.

    Spec


    *** THE READER V4.50 [freeware]
    --- SuperBBS v1.17-3 (Eval)
    * Origin: A camel is a horse designed by a committee. (21:3/101)
  • From Nightfox@21:1/137 to AKAcastor on Sun Apr 7 18:31:47 2024
    Re: Cracking DOS software
    By: AKAcastor to Nightfox on Sun Apr 07 2024 03:05 pm

    The tools make all the difference! And willingness to trace through assembler code endlessly! :) Some of the disassembly and decompilation tools and debuggers can do a shocking amount of the work in some cases. There's no universal solution, but when it does work it's pretty impressive.

    Yeah, I guess I'd need to practice a bit to learn more of what to look for. I suppose with disassembly, you can at least see the CPU instructions being executed and the data it's working with, which would provide some clues about what's going on.

    I love doing hex-edit hacks too. Neat to poke around inside an executable and just paint over some bits to adjust things just so. Another very handy tool is 'strings', to get a list of readable text inside a binary file - great for taking a quick peek.

    I'll have to look into strings. Thanks. :) Sometimes I've used a hex editor to do simple things like replace a string in an executable to make it say something else (and it's cool when the new text is able to fit in what was there before).

    Nightfox
    --- SBBSecho 3.20-Linux
    * Origin: Digital Distortion: digdist.synchro.net (21:1/137)