Re: Serial key Framework for cocoa?
Re: Serial key Framework for cocoa?
- Subject: Re: Serial key Framework for cocoa?
- From: glenn andreas <email@hidden>
- Date: Tue, 30 Jan 2007 14:02:46 -0600
On Jan 25, 2007, at 3:41 PM, Ferhat Ayaz wrote:
Thanks for all the answers. I think I'll read more about esellerate.
I found this on the net. It's really simple to crack cocoa
applications. Be carefull.
http://groups.google.com/group/BeltofVenus/browse_thread/thread/
bb6bd0845fe26e48/c46285126b5f51cf?lnk=st&q=get+macosx+serial+number
+with+cocoa&rnum=2&hl=en#c46285126b5f51cf
Note this has little to do with Cocoa apps being crackable other than
the fact that Objective C selectors end up naming routines - it would
be no different if the user didn't strip routine names in Carbon,
since they are just using the names to give them a hint as what
routine to look at for how the user validation is done (though, of
course, you can strip the name in the non-Objective C case, which
isn't as easy to do in Objective C in a general manner, though you
can at least obfuscate them a bit).
The problem that this exploits instead is that the user validation is
relatively weak and they can easily reverse engineer the algorithm to
write their own key generator which is independent of it being a
Cocoa app.
It's also true that there are more sophisticated attacks that can be
performed leveraging the Objective-C runtime (and defenses against
them), but this thread doesn't show them.
Glenn Andreas email@hidden
<http://www.gandreas.com/> wicked fun!
quadrium2 | build, mutate, evolve, animate | images, textures,
fractals, art
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden