courtesy of fravia+'s page of reverse engineering
Hi there fravia+,
I'm writing you in order to (try to) contribute with all those great
essays about reverse engineering. I have cracked other programs and
never emailed any essay; but this time, I think that this is going
to be useful because this time it's Java, and I found very little about
Java reverse engineering on the web.
Ok, the targets are those beautiful www.opencube.com applets.
They are great, and you can download them... but there's one little thing,
you won't be able to use them in your website if they are not registered.
When you upload the file to your webserver, and try to see the
page where the applet is embedded, all you will get is a nasty phrase
which reads 'invalid notice tag'.
"Ahi!" -you say- "this high tech applet won't work!"
But if you send money to the guys at opencube, they will send you a
couple of 'key' files called 'ocekey.class' and 'ocjwkey.class'
and when you replace the files you had downloaded with those they sent
you... voila! the applets work.
Of course, when you buy the applets, they tell you to specify a domain so
they can make those applets 'workable' within your domain. The thing is
simple, all you 'crackers' have to do is in some way, change the url
those demo applets are registered to...
How can you do that? VERY easy, remember that everything is possible
in this software world of ours... if you use your head.
Ok now, I did decompile that 'key' class using JAD, a very
powerful '.class-to-.java' decompiler which can be found at :
ftp://Meurrens.ML.org/pub/Java/codeEngineering/jadnt15.zip
Well, in fact the game is already almost over, all you have to do is
decompile using jad (jad ocekey.class);
the jad decompiler will make an ocekey.jad file which is the
ocekey.class source code (cool huh?).
After that you open the file and see that little and poor class file
that is trying to prevent you from using an applet... the source of
the ocekey.class is the following:
    import java.net.URL;

    class ocjwkey
    {
        public static String getKey(String note, URL u)
        {
            String regURL = "www.opencube.com";   // <------- bad guys :)
            // Count the digits at the end of the notice string
            int i = 1;
            while(Character.isDigit(note.charAt(note.length() - i)))
                i++;
            // Accept only a local file: URL or the registered host
            if(u.getProtocol().equalsIgnoreCase("file") ||
               u.getHost().equalsIgnoreCase(regURL))   // <--- vital part :)
                // Return the notice with its trailing digits stripped
                return note.substring(0, (note.length() - i) + 1).trim();
            else
                return "-1";
        }

        ocjwkey()
        {
        }
    }
Yahooooo! Look at the regURL variable... what do we have here? Oh
yes you guessed it mr cracker! The url for the applet! Now you have two
options: you know, 1) you can change the url for the applet to work on your
own site or 2) you modify the source for it to work on ANY web site ...
If you choose the first option, I don't need to tell you what you should do,
since it is jolly obvious, but if you choose the second option you have
to delete the following lines :
1) if(u.getProtocol().equalsIgnoreCase("file") ||
u.getHost().equalsIgnoreCase(regURL))
2) else
3) return "-1";
After this, you recompile the ocekey.class and replace the old one with
the cracked one.
Well, that's it actually! Easy easy cracking... right?
The other 'key' class is quite similar, I won't explain it here, tackle
that one yourself! (an easy reversing task)
Enjoy java cracking, it's easy, it's great fun, it's interesting.
El Latigo
Ps: If you don't know how to compile a .java file, then you shouldn't be
reading this at all, come back later... :)
Ps2: You can download the target applets from
http://www.opencube.com/colgo
User Name: cu2248
password: homefree
But, please, remember to delete them after having cracked them / played
with them... this is only for study purposes of course. In fact we
are not here in order to steal this or that specific software, we
are here in order to MASTER software, in order to LEARN how to use
any software whatsoever whenever we like, however we like and
for any purpose we want, changing it on the fly if needs be, cracking
it black and blue if we fancy it.
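
For contrast with the string comparison in getKey above, an added example (not part of El Latigo's essay and not OpenCube's code): a host check driven by a vendor signature over the host and notice instead of a constant stored in the class. The class and method names, the RSA key pair generated in main, and the example.com hosts are all assumptions constructed for illustration.

```java
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.util.Base64;
import java.util.Locale;

// Hypothetical class for illustration; every name here is an assumption.
public class SignedNoticeCheck {
    // Bytes covered by the signature: lower-cased host, newline, notice text.
    static byte[] payload(String host, String notice) {
        return (host.toLowerCase(Locale.ROOT) + "\n" + notice).getBytes(StandardCharsets.UTF_8);
    }

    // Vendor side: the private key stays with the vendor and never ships.
    static String issue(PrivateKey vendorKey, String host, String notice) throws GeneralSecurityException {
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(vendorKey);
        s.update(payload(host, notice));
        return Base64.getEncoder().encodeToString(s.sign());
    }

    // Applet side: only the public key is embedded, so a licence for a
    // different host cannot be produced from what the class contains.
    static boolean verify(PublicKey vendorPub, URL docBase, String notice, String licenceB64) {
        try {
            Signature s = Signature.getInstance("SHA256withRSA");
            s.initVerify(vendorPub);
            s.update(payload(docBase.getHost(), notice));
            return s.verify(Base64.getDecoder().decode(licenceB64));
        } catch (GeneralSecurityException | IllegalArgumentException e) {
            return false; // malformed licence or signature: treat as unlicensed
        }
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator g = KeyPairGenerator.getInstance("RSA");
        g.initialize(2048);
        KeyPair kp = g.generateKeyPair();             // constructed test key
        String notice = "Example notice";             // constructed sample
        String lic = issue(kp.getPrivate(), "www.example.com", notice);
        System.out.println(verify(kp.getPublic(), new URL("http://www.example.com/p.html"), notice, lic));
        System.out.println(verify(kp.getPublic(), new URL("http://other.example.net/p.html"), notice, lic));
    }
}
```

Because the signed payload includes the host, a licence issued for one domain fails verification on another, and editing a string in the class no longer re-targets it. The check still executes in bytecode delivered to the client, so it remains something the client can modify; enforcement that has to hold belongs on the server.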