Reverse Engineering News Archive

July 1999 - August 1999.

31st July - 31st August

Latest: Hiew 6.2, SoftICE v4.01 (speculative rumour).

Some brief notes about the PDM (Paradigm) games group bust, essentially this just confirms what you probably already knew, PDM released a game and missed the suppliers information which was embedded inside, result - supplier is busted and is then offered a "way out" of thousands of $ of lawsuits in return for names.....other US PDM members are subsequently busted whereupon several more games publishers decide to join the legal action, you know something, cracking for one of the big 4 games groups right now looks like a hazardous pastime.

Several good friends of mine have shamelessly requested that I plug their new reversing websites, so here goes, be sure to check out The Hidden's Page (by cTT & zoltan) & NeuRaL_NoiSE's page at neudump.cjb.net (I trust those cheques are in the post guys :-) ). I note also that Aesculapius is re-organising his site somewhat, I recommend you rush over and download the PDF books +he has made available.

Several notable releases, AB4DS has sent me his VbRef program which adds StringRef's to W32Dasm deadlistings of VB5 programs, sadly the subsequent .alf file cannot be re-loaded into W32Dasm so you'll have to use an alternative viewer. NuMega's CodeReview has been updated to v6.12 & BlastSoft ensures the happiness of Rebel's couriers by releasing yet another build of his FlexGen tool. ShareLock v2.11 (1.64Mb) is also released, I don't recall seeing too many programs using it though, besides which all the previous versions required only 1 minute of SoftICE work to locate the incredibly secret key and voila you have a key generator.

Yes, yes, I know it says "updated weekly" and I know I'm light years behind :-), this page is only a news round up not a 0-day "scene site". FrogsICE has now gone to v0.2 beta, looks like an interface overhaul is the main change, LiuTaoTao has also moved TRW onto v0.75, looks like a few bug fixes have been performed but it still bombs on my system :-(.

Another week and you guessed it, another claimed version of SoftICE v4.0, this time from another warez group whose name escapes me right now. The acid test of course is the file comparison between this and the previous version which shows not a single byte's difference, in other words stick with the SoftICE you've got.

As IceDump seems to be under constant enhancement a temporary (soon to be permanent) webpage has been set up by Ghiri, http://icedump.tsx.org is where the latest version should always reside. Now guys how about adding a facility to attach new dumps to the end of existing ones :-), perhaps even an ability to round an existing file up to a specified alignment value.

WinPatch v1.2.5 (1.18Mb) has been released, this is a pretty competent and easy to use Win32 patch maker, I like it anyhow, sadly any basic patch still carries at least a 60k overhead. You could also use this key generator (35k), but the author of this program does deserve something for his efforts.

Well it seems no-one can get IDA 3.84a or IDA 3.84b cracked properly, it would seem that saved .idb files are corrupted with Eclipse's release, this is a pretty good indication of the skill of IDA's author and his keyfile won't be broken in a hurry I can tell you, does anyone else want to enter their crack into the game :-).

23rd July - 30th July

FrogsPrint has released a slightly updated version of his trademark FrogsICE (v0.15 adds support for the well-known MeltICE detection). Download it here (18k).

The_Owl has once again been busy with IceDump (still beta 5), here (28k) is a very updated version (released yesterday) which supports all v3.22-v4.0 versions of WinICE, 3 other things are perhaps worth mentioning:-

Firstly this release now includes an automated patcher, ideal for the lazy ones amongst you :), there are also 2 significant functionality improvements, the first is the ability to ASCII dump a SoftICE screen which will then be formatted either raw or in fetching HTML. One note regarding thread/process suspension, this directly from The_Owl.

"there are 2 subcommands for suspension, one is able to suspend the current thread 
BUT it also exits Winice, the other isn't and doesn't, one thing is common though: 
If you want Winice to break in the suspended thread when you resume it YOU have to 
manually set a BPX before suspension, my commands won't do it automatically for you, 
for various reasons".

Hiew v6.15 (328k) by SEN Kemerevo (hi!) is now available, this superb HEX editor is now shareware and if there is any justice in this world then this is one Russian who ought to be well rewarded for his efforts. Like most Russians SEN has also learnt how to protect his program. egis (who seems to be making a career out of breaking RSA 64/256) has produced a keyfile generator (13k), now if you choose to use this please at least send a token of your appreciation (even if it's not the full registration fee).

IDA v3.84b (really IDA v3.84a + an update) has finally made it to the scene, although I'd always assumed that warez releasing of IDA was never done (out of respect). At 16-17Mb I'm not prepared to upload it here or link to it, if you really need it you know where I am :).

Again on a more concealed note, I've received 2 more dongle utilities, Haspgrab by Dmitry Konorev is a HASP dongle memory dumper/writer, in fact my preliminary disassembly reveals nothing extraordinary about this one. By a roundabout route I've also received Safesoft Systems SSI dongle emulator which seems to work on remarkably the same principles as my own HASPKill, I'll probably add the preliminary results of testing next week sometime. If you are a recognised reverser these utilities can happily be yours :).

BlastSoft has graced us yet again with another version of his FlexLM license generator (3.14Mb), I can't tell you much about enhancements, v7.0 of FlexLM is now out so maybe that's one.....read the readme :p. Finally CORP have released the HASP v6.1 CD-ROM, there is some stuff worth keeping here if you've yet to tool up, however there is also a notable amount of junk that should be/have been deleted, need I mention the pure indulgence of the .tif files.

July 2nd - July 23rd

The_Owl has released beta v5 of his dumper, suitable for v4.0 & v3.25 SoftICE users, you can download it here (8k). Surely it won't be long before NuMega wake up to this tool.

I'm not really a fan of mindless keygenners if I'm perfectly honest but egis (CORE) has released an ASPack v1.08.03 keyfile generator. ASPack of course is probably the simplest of the packers and a good introduction for reversers looking to make their first foray into PE unpacking. The keyfile algorithm I know personally is NOT weak, based on a well-known encryption which egis has evidently forced, get the key generator here (13k).

FlexLM also seems to have been on reversers' minds this week, I'm not really sure why though as the scheme itself isn't really any good, BlastSoft of RBS has coded and released a FlexLM license generator, this is a great tool for any of you doing investigative work but has been released sadly with "scene" intentions, the license generator insists on BlastSoft's name being splashed across any license files generated. Now let me be clear about this, I'm not criticising BlastSoft for doing this, I think we all understand the reasons why, however the program has isolated itself, because it won't be used by reversers or sceners, then again maybe I'll be proved wrong.

FlexLM License Generator - courtesy of BlastSoft (2.6Mb).

ProcDump v1.5 (the very capable process unpacker by G-RoM & Stone) has now hit the streets, the key new feature seems to be the VBox 4.2 support but I've found a few minor niggles also, just get to grips with the script and you'll do fine :).

I was recently made aware of another potentially useful tool, Windows Sniper seems to offer all of the features of The Customiser with a convenient registration facility :), check it out.

Finally, Okay, is it me?, but where the hell is SoftICE v4.0, I've had this debate with a lot of people now and no-one really knows, we've had Union's beta or RC3 and a claimed v4.0 FINAL which isn't?, I've also heard of a plethora of bugs in every version since v3.23, anyone care to shed some light :).

.....& the final "finally" honest :), tomorrow will be the 1st anniversary of my page on the web with 160,000 genuine hits, (this doesn't even take account of the 3 months I was forced from the web either). So a small present for you dear reversers as a token of my appreciation of your support:-

Dune (Virgin Games, 1992) - (1.67Mb).

The graphics might be average, but the soundtrack and playability ought to keep you playing till completion. If ANYONE can beat my record of 49 days to completion (and I mean ready to launch the final attack) I want to hear about it :).


© 1999 CrackZ. 31st August 1999 (archive).