http://www.dbsonline.com - Webpage.
FTP File Search - bs1pr15.zip (3.47Mb)
I first started following Davis Business Systems programs 8 months or so ago when they released BS/1 Small Business (v1.1 is the earliest I recall). All v1.1x releases used the same protection: there were a total of 10 options ranging from single user to a 10-user network, and registration codes were all 6 hard-coded in defaults + 04.
Having highlighted previously how appalling the previous scheme was, I had hoped v1.5 ($118 worth) would surprise me or at least show some improvement. Sadly the program still relies on the same .ini file, although several options have been dispensed with and most legacy ini files do not work. The serial # routine isn't particularly hard to find using SoftICE, but this is truly a program you can crack using just a deadlisting.
Without further delay, start the application and select a sample company, then in the Help menu select About and License Upgrade. You'll be confronted with a familiar sight: a dialog box begging for your Company Name and Registration Code. We'll naturally use the simple deadlisting approach. First enter a bogus code of some description and note down the dialog text "Registration code is invalid", then locate that inside W32Dasm's StringRefs. Here's the only occurrence inside bs1pro.exe.
:004F4583 MOV ECX, 004F48A8 <-- "Registration code is invalid".
Now we'll simply use the backtracing and see "who jumps here".
:004F454E MOV EAX, DWORD PTR [EBP-10] <-- Code entered.
:004F4551 MOV EDX, 004F4894 <-- "c9kk43111" (no comment).
:004F4556 CALL 004036E8 <-- Compare routine.
:004F455B JNZ 004F4578 <-- Jump_invalid_code.
If you just take a quick look at 004036E8 you'll see immediately, just from the feel of the code, that it is a compare routine; you'll also see that it's called a lot of times. Evidently this function is a generic string compare which is used for other tasks besides the protection. Naturally, several steps higher inside the disassembly you would locate the other valid code, whereas a little below gives you /users.ini as the location. Note that only the first 6 digits are required in the ini file.
BS/1 Professional v1.5
Single-user license code ($118): b935k5111
Multi-user license ($315): c9kk43111
If I actually cast my mind back I recall that these codes may actually have been used in the previous versions. So legacy ini files which used c9kk43 and b935k5 are probably still valid. I don't think I really need to state what I think of this protection.
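The weakness described above (one literal per license tier, checked with a generic string compare and identical for every customer) set beside a license bound to the company name and verified with a public key. This is an added example, not code from the original page or from the vendor; all function names, the placeholder code and the demo-sized key are assumptions constructed for illustration.

```python
import hashlib

# Constructed placeholder, not a value taken from the page.
LEGACY_CODE = "DEMO-CODE-0000"

def legacy_check(company: str, code: str) -> bool:
    """Weak scheme: one shared literal in the binary, company name ignored."""
    return code == LEGACY_CODE

# Demo-sized RSA key built from two known Mersenne primes so the block is
# self-contained. It is trivially factorable; a real product would use a
# vetted signature library and full-size keys.
_P, _Q = 2**127 - 1, 2**89 - 1
N, E = _P * _Q, 65537                  # public half: the only part that ships
_D = pow(E, -1, (_P - 1) * (_Q - 1))   # private half: vendor side only

def _digest(company: str, seats: int) -> int:
    """Hash the license terms (normalised name and seat count) below N."""
    msg = f"{company.strip().lower()}|{seats}".encode()
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N

def issue_license(company: str, seats: int) -> str:
    """Vendor side: sign (company, seats) with the private exponent."""
    return format(pow(_digest(company, seats), _D, N), "x")

def verify_license(company: str, seats: int, code: str) -> bool:
    """Client side: needs only N and E, so no valid code sits in the binary."""
    try:
        sig = int(code, 16)
    except ValueError:
        return False
    return 0 <= sig < N and pow(sig, E, N) == _digest(company, seats)

if __name__ == "__main__":
    code = issue_license("Acme Ltd", 1)
    print("legacy, any company:", legacy_check("Anyone", LEGACY_CODE))
    print("signed, right terms:", verify_license("Acme Ltd", 1, code))
    print("signed, other name: ", verify_license("Other Co", 1, code))
    print("signed, more seats: ", verify_license("Acme Ltd", 10, code))
```

The signed code is useless for a different company name or seat count, and a string search of the shipped program turns up only the public key, not a working code.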