• wtf (unregistered) in reply to Cuttie McPasty
    Cuttie McPasty:
    - You:
    Andi S.:
    "3773 kr@xx0rs"? Come on, even the MS page does better than that. I believe the correct term is "1337 haxx0r"...

    It's "1337 h4x0r"

    PWND!!!!!111

    it is spelled "pwnt", you n00b!

  • Dark (unregistered)

    Not so long ago, the installation for a database server decoded from a key how many licences you have. The thing was that I did not have a key with me at a remote office one time and simply left the key field blank during install. Of course the installation complained about the missing key a few times after pressing the Next button, and then the installation asked me how many licences I have (more like want to have), and whatever number I typed, it was perfectly happy with it and continued with the install. After the installation was completed I had as many licences as I wanted.

  • Griglars (unregistered)

    I recall a friend of mine worked in a scholastic environment when the administrative offices upgraded to XP. There's a "password hint" button on that login, and it was policy to make the hint the same as the password. "If you make your hint something other than the password," went the memo, "no one will be able to retrieve it because we are now using Active Directory for all accounts."

    Really? Is the admin for the AD THAT lazy?

    Another was a BBS I was on where, after three password tries, you got a popup that said that due to failed logins, your password would be changed. You then got a mail that said your password had been changed to the default password, which was your login plus "123" on the end.

    That software was replaced pretty quickly once that hole was found.

  • Ling (unregistered) in reply to wha?
    wha?:
    I can beat this.

    There is a popular application that advertises itself as cross-platform: available for Windows, Mac, and Linux. It's on all 3 platforms for free in try-for-X-days-before-you-buy form; once the X days runs out, it stops working and you have to pony up for a license.

    EXCEPT on the Linux version, that is, where the "copy protection" is (drum roll)... a single file created in a dot directory within your home (i.e. "~/.app-name"). Delete the dot directory, and your trial starts all over again.

    (Name of application omitted to protect the not-so-innocent)

    A famous windows compression utility does the same, but just in the registry. Delete the company key and you have 30 more days.

    PeriSoft:
    The other one was another "line X from the manual" thing. It had a data file it used with all the lines in it, all in binary and messed up - and I'm no real hax0r so I didn't have a clue how to really crack it. So I figured, what the hell, and deleted everything after a certain bit in the data file. The game reacted by skipping the questions entirely - must have been some dev shortcut or something; I can't imagine it just randomly worked.
    Could you share the file & offset? Just going to find the manual is so annoying...
    The MAZZTer:
    I've cracked one program that hid a unix timestamp (of when it was to expire, I guess) in among microsoft keys using a legitimate sounding value name (that changed with each version)... of course if you have a tool that sniffs registry reads and writes it stands out like a sore thumb. Then I just deleted it to reset my trial any time I wanted to.

    I have seen those, and had been manually restoring the days until I moved to XP. Now the program can't write to the key, so the count will never decrease.
  • Anony (unregistered)

    I got a guy asking if I was jenny. Rather strange. Didn't know anything about a Legalese Pro software..

  • Anonymous Coward (unregistered)

    Another story of a terrible security implementation:

    In the mid-nineties, my parents thought that I was spending too much time on the computer, so they wanted to figure out how they could lock it down. The machine was running Windows 95, so the NT locking features weren't available yet.

    They ended up buying and installing a program called Clasp 97 (I believe), which would lock the computer as a full screen application until the correct password was entered.

    The problem was that it didn't start itself before explorer started- I think it just added itself to the normal "Startup" folder. So for ~10-15 seconds while the OS was starting up, you could use the machine until it loaded and locked you out.

    As an enterprising young man, I quickly figured out that I could use that time to rename the application's directory in Program Files, and the shortcut in the startup folder would fail, and I had full access to the machine.

    After that my parents realized that they couldn't keep me off of the computer with a technology solution and I could play all of the Ski Free that I wanted.

  • bull (unregistered)

    ! Legalese Pro License File - Do Not Modify

    Lol. Nice encryption.

  • (cs) in reply to Anonymous Coward

    That seems pretty stressful to me, having to rename a directory somewhere. I think you could just press Shift or Ctrl during startup and Windows would ignore the startups.

  • 008 (unregistered)

    Obviously the Legalese Pro license file was supposed to have been double-encrypted in ROT13, so n00b users couldn't mess with it...

    CAPTCHA: This would make a better license implementation...

  • (cs)

    Reminds me of the time when I "cracked" DBase III (yes, this was very long ago in a land far, far away) using a debugger. While stepping through the program (in 386 assembler of course), I found a conditional where it tested a register for a value. I changed the value of that register manually to what the conditional was looking for and poof I had a valid license. Ah, the good old days, when men were men and programs crashed in real mode.

  • Alonzo Meatman (unregistered)

    Great WTF!

    The sad part is that, with the draconian DMCA laws being what they are, I bet that this thread breaks the law in that it tells us "how to circumvent copy protection" or some BS like that.

  • Alonzo Meatman (unregistered)

    And could somebody please, for the love of god, tell me why people put CAPTCHA : blah blah blah after their posts?

  • Brady Kelly (unregistered) in reply to Andi S.
    Andi S.:
    "3773 kr@xx0rs"? Come on, even the MS page does better than that. I believe the correct term is "1337 haxx0r"...

    Maybe that's under the Reference License and he's scared of being sued?

  • Brady Kelly (unregistered) in reply to n9ds
    n9ds:
    Reminds me of the time when I "cracked" DBase III (yes, this was very long ago in a land far, far away) using a debugger. While stepping through the program (in 386 assembler of course), I found a conditional where it tested a register for a value. I changed the value of that register manually to what the conditional was looking for and *poof* I had a valid license. Ah, the good old days, when men were men and programs crashed in real mode.

    How many other conditionals did you need to get through?

  • Cloak (unregistered) in reply to Dark
    Dark:
    Not so long ago, the installation for a database server decoded from a key how many licences you have. The thing was that I did not have a key with me at a remote office one time and simply left the key field blank during install. Of course the installation complained about the missing key a few times after pressing the Next button, and then the installation asked me how many licences I have (more like want to have), and whatever number I typed, it was perfectly happy with it and continued with the install. After the installation was completed I had as many licences as I wanted.

    This reminds me of SQL Server. In the Control Panel you had the so-called Licence Manager with a text field where you entered just the number you liked. Is this still the same?

  • Cloak (unregistered) in reply to Griglars
    Griglars:
    Really? Is the admin for the AD THAT lazy?

    In Windows/AD you can just re-set the password but in theory nobody can read it because it has been hashed before it was put in the database.

    But, of course, it's not a big deal to reset a pwd. Indeed, a WTF.

  • (cs) in reply to wtf
    wtf:
    Cuttie McPasty:
    - You:
    Andi S.:
    "3773 kr@xx0rs"? Come on, even the MS page does better than that. I believe the correct term is "1337 haxx0r"...

    It's "1337 h4x0r"

    PWND!!!!!111

    it is spelled "pwnt", you n00b!

    pwn that noob with the uber leet hax and the pr0n omg wtf?

    dairy queen?

    ROFLMAO!

    -- Seejay

  • AnonHacker (unregistered) in reply to Lynx@Work
    Lynx@Work:
    A real hacker has too much time on his hands.

    In a word: Yes. Being a real hacker means showing creativity in the usage of technology. You can't do that if you're always under pressure to get some job done as quickly as possible.

  • Random832 (unregistered)

    INVALID CAPTCHA Was: ewww Expected: tastey

  • (cs)

    I can't believe that no one has caught perhaps the biggest WTF^D^D^Dsorry.. err I mean missed opportunity here. Brian is a total luser for not:

    1. Put an answering machine at that phone # with a message instructing Legalese Pro users wishing to renew to Paypal $(fraction of original cost) to [email protected].
    2. Set up an auto responder that observes when a user sends Paypal funds, then emails them the 10 line vbscript that would do essentially what Noah did - change the expiry date to the same day next year.
    3. Profit$$
  • (cs) in reply to Alonzo Meatman
    Alonzo Meatman:
    And could somebody please, for the love of god, tell me why people put CAPTCHA : blah blah blah after their posts?

    It's what happens when really stupid people think they're being clever and witty. Furthermore, since we are talking about stupid people here, once the CAPTCHA-posting becomes an automatic behavior, it's almost impossible to break the conditioning.

  • ViciousPsicle (unregistered)

    I remember the early days of the shareware movement. Most trial period expirations could be circumvented by adjusting the date on the system clock before starting the program, or changing a value in an ini file.

  • - (unregistered) in reply to Zylon
    Zylon:
    Alonzo Meatman:
    And could somebody please, for the love of god, tell me why people put CAPTCHA : blah blah blah after their posts?

    It's what happens when really stupid people think they're being clever and witty. Furthermore, since we are talking about stupid people here, once the CAPTCHA-posting becomes an automatic behavior, it's almost impossible to break the conditioning.

    I don't mind reading it.

    Captcha: dubya, he doesn't like free speech either

  • KM (unregistered) in reply to stiggy

    INVALID CAPATCHA KEY

    Was: WTFCapatcha Expected: dreadlocks

    CAPATCHA: dreadlocks

  • (cs) in reply to Brady Kelly
    Brady Kelly:
    n9ds:
    Reminds me of the time when I "cracked" DBase III (yes, this was very long ago in a land far, far away) using a debugger. While stepping through the program (in 386 assembler of course), I found a conditional where it tested a register for a value. I changed the value of that register manually to what the conditional was looking for and *poof* I had a valid license. Ah, the good old days, when men were men and programs crashed in real mode.

    How many other conditionals did you need to get through?

    One. Well, I had to trace through several (which actually didn't take that long), but only one really mattered.

  • Achibald (unregistered) in reply to tezoatlipoca
    tezoatlipoca:
    I can't believe that no one has caught perhaps the biggest WTF^D^D^Dsorry.. err I mean missed opportunity here. Brian is a total luser for not:
    1. Put an answering machine at that phone # with a message instructing Legalese Pro users wishing to renew to Paypal $(fraction of original cost) to [email protected].
    2. Set up an auto responder that observes when a user sends Paypal funds, then emails them the 10 line vbscript that would do essentially what Noah did - change the expiry date to the same day next year.
    3. Profit$$
    Doing that would be too much, as he doesn't bother any more about it. The WTF is that he gets a call from someone wishing to pay him (he just needs to recalculate a license key) and he doesn't want the money.
  • Barc (unregistered) in reply to Achibald

    I don't know about that. The way I read it was he was very anxious to get off the phone and stop talking about the app, so maybe he was a reseller who "hacked" the license routine to get people using it to call him instead of the author, and maybe the author found out and threatened to sue him into the stone age or something?

  • (cs) in reply to gabba
    gabba:
    That Microsoft leetspeak page is awesome.

    <joke>It's odd that they didn't rebrand it as "New Microsoft Windows Leetspeak, now with security version 1.2" or something.</joke>

    bob the dingo:
    The real WTF is that he's trying to tell me the internet isn't a big room-sized mainframe with blinking lights and green bar paper. Lies, all lies!

    No, d3wd, it doesn't. It actually looks like a blue letter E. Believe me, I saw it with my own eyes.

  • samic (unregistered) in reply to Anonymous Coward
    Anonymous Coward:
    Another story of a terrible security implementation:

    In the mid-nineties, my parents thought that I was spending too much time on the computer, so they wanted to figure out how they could lock it down. The machine was running Windows 95, so the NT locking features weren't available yet.

    They ended up buying and installing a program called Clasp 97 (I believe), which would lock the computer as a full screen application until the correct password was entered.

    The problem was that it didn't start itself before explorer started- I think it just added itself to the normal "Startup" folder. So for ~10-15 seconds while the OS was starting up, you could use the machine until it loaded and locked you out.

    As an enterprising young man, I quickly figured out that I could use that time to rename the application's directory in Program Files, and the shortcut in the startup folder would fail, and I had full access to the machine.

    After that my parents realized that they couldn't keep me off of the computer with a technology solution and I could play all of the Ski Free that I wanted.

    Wouldn't it be faster if you could just hold the shift key when Windows is booting up?

  • Fooindian (unregistered)

    Another good way to avoid tech support for relatives is to ask them if they are running any pirate software (specifically windows or office).

    If they do, I won't help them. Too many stability issues come from the fact that people run pirated copies. I tell them to reinstall using only legal software, and then call me if the problem is still there. They never do.

    If that fails (they are actually paying for their software) I say I have no idea how to solve the problem, I'm a Unix guy.

  • Dan Krüsi (unregistered)

    If only all license keys were handled this way... :)

  • (cs)

    Huh? The REAL WTF is that someone used a program that would lock up important files when a license issue arose.

    IMHO, a tool would have to be pretty amazing to justify taking on that risk with business-critical files.

  • Phr34ker (unregistered)

    I once "cracked" another software in a similar way. I downloaded a demo, and in the license-file, there was a licenseId. I just changed a single character in the string, and suddenly I had the full version of the software.

    if (code == "6fas5df6asd46f653942ljk424j2öj42ds") activateDemoMode(); else runTheFullVersion();

    Not the best way to secure a demo-version...

  • Coyote (unregistered)

    Since we're all relating fun past experiences, here's my first foray into the seedy underbelly of the cracking scene.

    When I was in HS I liked to mess around with editing and making my own sound effects. To do this I found Cool Edit, a nice audio app that had a somewhat useful shareware version. Now Cool Edit had about 20 different things you could do but the shareware would only allow 2 active per session. While looking around in the hex code with my ever present copy of X-tree Gold I noticed something odd. Mixed in with the random jargon was an odd-looking word hojdivad along with a number string, I recognized it was part of the author's name David Johnston. Needless to say I immediately went to the registration screen put in hojdivad and the number and bamph I was now editing with the pros!

  • Stefan W. (unregistered)

    Ha - captcha: pirates!

    In the good old DOS days, I had a program you could run 15 times. Clever me, I made a backup of the program-folder, but after running 2 times, there was no difference to run it 3 times - even after reboot.

    Now DOS doesn't have a registry, and just very few directories or files to rely on. The Root-Directory, /DOS, and the directory of the program itself.

    Looking for recently changed files nothing showed up. But I knew norton tools allowed to change a files date.

    Made a backup of C:/ and C:/DOS, and found out: C:/command.com differs after running at one byte.

    Having some kind of diff laying around, I recognized: a blank was added to command.com for every run of the program.

    Nice try. Security by obscurity - imagine having hundreds of programs acting that way. :)

    Well - yes - I know - DOS-Slashes are the other way round.

  • Stefan W. (unregistered) in reply to Alonzo Meatman
    Alonzo Meatman:
    And could somebody please, for the love of god, tell me why people put CAPTCHA : blah blah blah after their posts?

    Nobody will tell you the real reason, but you're invited to participate.

    captcha: secret.

  • auouymous (unregistered)

    it's 1337...

    not 3773.

    kthnxbye.

  • (cs) in reply to Barc
    Barc:
    I don't know about that. The way I read it was he was very anxious to get off the phone and stop talking about the app, so maybe he was a reseller who "hacked" the license routine to get people using it to call him instead of the author, and maybe the author found out and threatened to sue him into the stone age or something?
    Sued into the stone age? That's impossible. Get back as far as Cicero, and you run out of lawyers. (Demosthenes and Aeschines were orators, and don't count.)

    I can see you thinking that "running out of lawyers" is a Good Thing. Think again. At that point, they would just peel your skin off, put you in a burlap sack with a fox and a poisonous snake, and throw you into the Tiber.

    They were hard, but fair. If only they'd invented letterheads and fax numbers back then.

  • Pete (unregistered) in reply to Barc
    The way I read it was he was very anxious to get off the phone and stop talking about the app [...]
    Yep. Sounds right so far.
    [...] so maybe he was a reseller who "hacked" the license routine to get people using it to call him instead of the author, and maybe the author found out and threatened to sue him into the stone age or something?
    Much more likely is he's a Shareware developer who programmed the app from his home office. Remember, he answered the phone with just "Hello." He probably only sold 10 copies so canned the project, and received the call just as he was leaving home for a dental appointment or to pick up the kids.

    While the "copy protection" was probably a bit too lenient, I can't call it a WTF. It's a small ISV who sensibly didn't spend too much time on copy protection (just enough to remind the honest folk to register) knowing that however much time you spend on that sort of thing, someone out there will crack it anyway.

  • Mr-B (unregistered)

    I've had a few clients long in the past that lost their keys to a certain MS product but still had the original CD (And a set of floppies too). The funny thing I found out? If you clicked 'Exit', it would just go to the next step and install anyways.

    Was not the first MS product that did that either. A specific OS did the same thing. Clicked the close box, and it went on.

    There have been (And still to this day) plenty of these blunders. It's just the companies with $$$ to throw away make sure they work long enough to give the crackers some fun. Other companies flap their gums that it is unbreakable and end up with crackers doing it in record time.

    Captcha: slashbot - /// / / / /// / / / /// / / / ///

  • Anonymous Pedant (unregistered) in reply to Tom Melly
    Tom Melly:
    I will share with you a great and wonderful secret...

    She: Does this make me look fat? You: Not really. A bit skinny if anything. Like that Kate Moss woman.

    There are two classic trick questions women ask: "Is she prettier than me?" and "Does this make me look fat?". In both cases, the only safe way out is to answer "NO!". Say it loud, say it fast, and DON'T LOOK FIRST.

  • mroblivious1bmf (unregistered)

    YOU fail, douchebag it's 1337 not 7337 or whatever else you come up with! :D

  • opadcbrv (unregistered)

    odoimsyh http://yrykihre.com ulpxspjr jcbpbxad

  • aeylphav (unregistered)

    btnktfey http://czegwkav.com pbxaryrp xzcrpgmy

  • paccqgok (unregistered)

    pseheorz http://lhzoehqb.com mnjuklwq hufprcpg

  • Chris (unregistered)

    Looks like the CAPTCHA isn't working well enough. Strange that the bots are only hitting this article (as far as I've seen).

  • Bob (unregistered)

    I wonder if it's common enough for the CAPTCHA code word to not change often, and for people to put "Captcha: whatever" in their posts, that a bot might scan for those and try them?

    It wouldn't be all that hard to code, and since the people that spam forums clearly aren't deterred by extremely low success rates, then a technique that works even 0.1% of the time probably seems like it would be worth a shot.

  • computerfreaker (unregistered)

    Well, it's 2010 now. Does Noah have another visit with his relative coming up?

Leave a comment on “Classic WTF: Lock In Key Security”
