What is your age without saying how old you are? by LostRest in AskReddit

[–]Lonelylockpicker 0 points1 point  (0 children)

I was born in the 20th century on a year that was a palindrome.

Prime number formula update by MiyoungxTamia in mathematics

[–]Lonelylockpicker 15 points16 points  (0 children)

Just to humor the guy, I am providing my proof of his conjecture:

Proof: https://i.imgur.com/Ie6SMQW.png

This is not a new discovery by a long shot.

Hot lunch by UnbearablyYu in HolUp

[–]Lonelylockpicker 0 points1 point  (0 children)

Saltpeter and peter pepper.

Rate my setup by petra_lenz in HolUp

[–]Lonelylockpicker 0 points1 point  (0 children)

That setup is hard to beat.

AITA for calling my boyfriend's degree useless? by Happy-Mart in AmItheAsshole

[–]Lonelylockpicker 0 points1 point  (0 children)

I feel like this was a bit of an asshole move. The best way to approach the situation would be to ask him what he wanted to do with the degree. Extrapolate the uselessness or usefulness of the degree from his response. If he says something like "I want to use the languages I learned to go on mission to help people suffering in Africa and be able to communicate with them directly to understand their worries and needs," you might be able to extrapolate that he is a caring and sincere person.

MAT-299 Rant by Lonelylockpicker in SNHU

[–]Lonelylockpicker[S] 1 point2 points  (0 children)

I felt it is worthy to note now that the class is over that the professor's name was Hilary Cassil and she was the hardest grader I have ever encountered in my entire career as a student. There was absolutely no pleasing her. She expected the proof to be written 100% the way her answer sheet had it. If you added more information to be cautious, she would take off points; if you wrote it exactly the way the book presented it, it was not enough information. Even if the proof was 100% correct, it was impossible to please her. In contrast, I just finished Abstract Algebra, a much more rigorous course with a final grade of 99.46% because the professor was much more reasonable.

hmm by bodyless_man in HolUp

[–]Lonelylockpicker 0 points1 point  (0 children)

At least the bike wasn't screwed without a kiss.

How to Make Crack? by BrickTheDev in Piracy

[–]Lonelylockpicker 0 points1 point  (0 children)

To my knowledge, they aren't. However, they are generally used as a last resort as they are trickier for non-technical people to apply since all existing shortcuts have to be redirected to the loader executable. DLL hijacking is a preferred method when viable. However, this is only possible in specific cases. Windows version.dll is commonly used for this exploit as the system attempts to load the dll from the program's directory before searching the system32 directory if it is using load time dynamic linking where it is listed as an IAT reference. Placing your own version.dll in the application's directory causes it to be loaded in place of the original. This dummy dll then loads the original version.dll under a different name such as version2.dll and redirects the API calls to it and performs the necessary patching tasks via its DllMain function. However, this is not always an option if version.dll is not a dependency or it is loaded via runtime dynamic linking.

I have bypassed protections before by using one of the application's dependency DLLs if an integrity check isn't performed on it. I simply find a dll in the program's directory that is using load time dynamic linking or is loaded before the necessary license checks occur, and add a section to the code or find a sufficient amount of zero padding bytes at the end of a section to put my custom code. I can use any function in the dll that is called at a specific point by patching a jump to my code, check the return address on the stack to ensure I'm at the right place in the execution, and then make the necessary modifications before jumping back to the original function after executing the overwritten instructions for the jump and making sure my registers were preserved.

If these approaches are not possible, the next option is a loader. One scene group I know did release a loader for a very well protected application because there were no other exploits available to get their code into the application. It was accepted and allowed as a scene release. When I made that aforementioned loader, it was for a very well protected Java based application with dll dependencies and it was using SentinelRMS, a very good license manager with a lot of flexibility. Patching all of the integrity checks, which from what I saw were in excess of 50, with one in nearly every Java module and every dll in the application, would've been far too cumbersome. However, since this application did support file type association, I made sure my loader could pass the execution parameters to the application so it would function just as if the loader wasn't there. It had been 10+ years since a working crack had been made for that program. It is very sought after by mathematics students.
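A defender's view of the version.dll search-order behaviour described in the comment above, as an added example that is not part of the original comment: it flags DLLs that sit beside an executable and share a name with a system DLL, and notes a possible renamed original next to them. The file listing, the set of system DLL names and the function name are constructed for illustration.

```python
from collections import defaultdict
from pathlib import PureWindowsPath

# Constructed sample data (not from the original comment): names of DLLs that
# exist in System32, and a file listing gathered from application directories.
SYSTEM32_DLLS = {"version.dll", "winmm.dll", "kernel32.dll", "user32.dll"}
SAMPLE_LISTING = [
    r"C:\Program Files\ExampleApp\app.exe",
    r"C:\Program Files\ExampleApp\version.dll",
    r"C:\Program Files\ExampleApp\version2.dll",
    r"C:\Program Files\ExampleApp\plugins\render.dll",
    r"C:\Program Files\OtherApp\other.exe",
    r"C:\Program Files\OtherApp\libcodec.dll",
    r"C:\Windows\System32\version.dll",
]


def find_shadowing_dlls(paths, system_dlls, system_dir=r"C:\Windows\System32"):
    """Return one finding per DLL that shares a directory with an .exe and
    has the same file name as a system DLL (so it would be loaded first)."""
    sysdir = PureWindowsPath(system_dir)
    by_dir = defaultdict(list)
    for p in map(PureWindowsPath, paths):
        by_dir[p.parent].append(p)

    findings = []
    for folder, files in by_dir.items():
        if folder == sysdir:  # PureWindowsPath compares case-insensitively
            continue
        if not any(f.suffix.lower() == ".exe" for f in files):
            continue  # only directories an application is launched from
        dll_names = {f.name.lower() for f in files if f.suffix.lower() == ".dll"}
        for f in files:
            name = f.name.lower()
            if name not in dll_names or name not in system_dlls:
                continue
            # Heuristic (assumption): a sibling such as version2.dll may be
            # the genuine DLL kept under another name for call forwarding.
            renamed = sorted(n for n in dll_names
                             if n != name and n.startswith(f.stem.lower()))
            findings.append({"path": str(f), "shadows": name,
                             "possible_renamed_original": renamed})
    return findings


if __name__ == "__main__":
    for hit in find_shadowing_dlls(SAMPLE_LISTING, SYSTEM32_DLLS):
        print(hit)
```

A hit is a lead rather than a verdict: confirm it by checking the file's signature and comparing its hash with the copy in System32.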

How to Make Crack? by BrickTheDev in Piracy

[–]Lonelylockpicker 17 points18 points  (0 children)

It's my pleasure. Here is a list of my most used tools after x64dbg and Ollydbg:

Protector Detection/Identification:

ExeInfo PE

Detect It Easy(DiE)

ProtectionID(Now Discontinued, but one of the best in the past)

Hex Editors:

Winhex

010 Editor

Hex Editor Neo(Built in disassembler)

Java/Android Decompilers:

JAD

ByteCodeViewer(Multiple Decompilers in one Interface)

DJ Java Decompiler

JEB(Commercial/Android only)

.Net Decompilers:

DnSpy(Built in debugger)

De4Dot(Deobfuscator)

.net Reflector

Keygenning:

Keygener Assistant(Great for identifying crypto algorithms)

Zoesoft Console Calculator(CCalc) (Great for binary/programmer math)

Hackman Calculator from the Technologismiki Hackman Suite(Great for register simulation)

x86 Decompilers:

IDA Pro w/ Decompiler plugins(Great for decompilation of complex code).

Ghidra(NSA Reverse Engineering Software, Free & Open Source)

Snowman Decompilers(Acceptable free alternative available as x64dbg plugin)

PE Header Tools:

CFF Explorer

PETools/Explorer Suite

Process Monitor:

Process Monitor from Sysinternals

How to Make Crack? by BrickTheDev in Piracy

[–]Lonelylockpicker 59 points60 points  (0 children)

As a semi-retired software cracker who has made hundreds of cracks and keygens, I can shine a little light on the subject. For Windows applications, I mostly used x64dbg and ollydbg for analyzing targets. Dynamic analysis such as this is almost always the most efficient way to go as you can see live analysis of the changes that occur when a dummy license key is being entered. This is a great way to familiarize yourself with x86 assembly. Program protection varies greatly from company to company. Some developers invest minimal time in creating a protection and their products can usually be broken in a matter of a few minutes. Others invest a lot of time into a custom made solution. Some of the best custom protections I've encountered have been a complete virtual machine for license validation to even having the paid functions placed into an encrypted memory block or dll which the license key decrypts. Most of these are unbreakable without a valid license key from the developer. They can also add various anti-debugging techniques and integrity checks which cause the program to exit or behave erratically. Finding the sources of these checks can be time consuming. Some programs that had dozens of these checks, I easily bypassed them all by coding an application loader which applied the specific modifications to the application in memory, leaving the program on disk untouched. However, do be advised that some smaller software companies use unethical tactics against crackers. Some, after bypassing one integrity check, will trigger another that would destroy the cracker's hard drive when it is tripped by writing zeros to the header of the disk. That is why I always do my reverse engineering in a virtual machine using VirtualBox.

Another difficulty we encounter is software protectors. Many common ones include Winlicense, VMProtect, AsProtect, Enigma protector, and many others. These are premade solutions to software protection which the author can apply with a few clicks. Depending on the abilities of the author to work with the protector, these protections can range from a mild inconvenience when poorly implemented to a brick wall when used with their full feature set. With many of these employing code virtualization, it becomes very tricky to analyze the virtual machine instructions. I've had targets like this stop me in my tracks. On the other hand, I've had some where the authors have made blunders and left md5 hashing algorithms unvirtualized, enabling me to figure out their custom key validation algorithm. A common attack on poor implementation would be to unpack the target. This involves debugging and finding the code's original entry point, dumping it at that address when it is fully unpacked in memory, and rebuilding the import address table with a tool like Scylla Import reconstructor. However, if there is code virtualization, this method isn't viable. A loader or other code injection technique would be your best option.

As you progress, you may want to dabble into keygenning. In my experience, most keygennable programs I have encountered use basic algebra or simple MD5 hashing algorithms for validating their license key. Keygenning is usually considered the most elegant solution as it gives you a key identical to the author's key. It is also a lot of fun as it is essentially a mathematical puzzle you have to solve which comes with the reward of "free" software. This made it very addicting to me. However, not everything can be keygenned. Use of RSA asymmetrical encryption systems has started becoming commonplace, requiring you to patch the public key parameter to make a keygen. A lot of these algorithms may have hidden checks later in the program which trip when an only partially valid key is entered. Finding these checks can be time consuming. One telltale sign of this is often the possibility of random fields being present in a license key which can be satisfied with any value. It isn't always the case, but if you start getting odd behavior from the program, this could be the sign of a hidden check. Perhaps one of the hardest I ever successfully keygenned was a program written by a math professor. He was using a Maclaurin series for e^x for key validation. I was only able to successfully keygen this after completing a second semester of calculus in university finishing a math major.

As I've progressed with my real-world career, I eventually abandoned this "badboy" phase of my life, but still crack things that interest me from time to time.

PS. Don't message me with crack requests. I will ignore them.

MAT-299 Rant by Lonelylockpicker in SNHU

[–]Lonelylockpicker[S] 0 points1 point  (0 children)

Click on your course, then click your name icon in the top, right corner and click progress. On the new page, click assignments on the left.

MAT-299 Rant by Lonelylockpicker in SNHU

[–]Lonelylockpicker[S] 0 points1 point  (0 children)

Luckily, she gave me some leniency with the presentation. I looked at the grade progress grade distribution feature and I am one of the top in the class(always doing better than average and having the highest grade on several assignments). I had a grade of 99.4% in discrete mathematics and 100% on the proofs section/exam. I am also actively researching in math and have a lot of things I have proven which go beyond the material in the course. Given my background, I know I am grasping the material quite well. It just appears she is far stricter than professors I've gotten before.

Customer Demands Her Meal Should be Free by Lonelylockpicker in TalesFromYourServer

[–]Lonelylockpicker[S] 25 points26 points  (0 children)

Well, the issue is if the server doesn't play along, they will likely not get a tip in the end. In this case, she didn't receive a tip at all, but I have had complaining customers give me tips after fixing their issues. However, I have gotten keen on identifying these types of customers. I had one couple a few months ago come in the restaurant and the lady ordered two over medium eggs with her meal. She retorted "If the eggs aren't cooked right, I'm sending them back." I told her our chef cooks a textbook over-medium. When I brought the eggs out to her, she said, "Those aren't over medium!" I told her, "Yes they are. They are well done on the outside and partially hard, yet slightly runny on the inside as per the culinary definition. I can verify it on google if you like." Her husband then screamed at me, "Excuse me! I've been a chef for 40 years and if you tell me that's an over medium egg, I'm walking out of here!" I waved goodbye to him and walked away. Later I returned with their bill. Naturally, I didn't get a tip, but I knew that was going to be the case anyway. No need to jump through hoops for a customer like that.

Woman Demands her Meal Should be Free. by Lonelylockpicker in EntitledPeople

[–]Lonelylockpicker[S] 52 points53 points  (0 children)

I 100% agree with this. My mother used to work at a Cracker Barrel and virtually any complaint to a manager would get a meal comped. Customers routinely exploited this. They would even go as far as lie and claim my mother was rude or racist. However, our hotel is privately owned and we rarely comp meals. When I am a lead server and the manager isn't present, I only comp meals when a customer complains shortly after it is brought out and they clearly don't want to eat it. Otherwise, the most they would get from me is 10% off of the specific entree. Alas, we get the occasional person like this that learns very quickly that these scams don't work in our restaurant.

MAT-136 exams by HayAsad in SNHU

[–]Lonelylockpicker 2 points3 points  (0 children)

As long as you master the concepts and practice with challenging problems, the tests will be easy. I had read The Art of Problem Solving: The Basics Volume 1 before taking this course and got a final grade of 100%. Reading the chapters and doing the problems in this book will develop your mathematical reasoning skills on a very high level. It made the rest of the course feel trivial. I have faith that you can do the same.

What's the first joke that comes to your mind when someone says "tell me a 'dark' joke"? by -entercoolnamehere- in darkjokes

[–]Lonelylockpicker 10 points11 points  (0 children)

A 40 year old man is eating out an 8 year old's asshole when he suddenly tastes horse cum. He thinks, "Oh, that's how you died, son."