Fishing Primer with SmartCheck #2:
Wipe It Off & Lock It Down
By: Palaryel
http://cracking.accessroot.com
The Targets:
Wipe It Off 2.10
Lock It Down serial 2.00
The Tools:
SmartCheck 6.03
The Protection:
serial check

Level:
Beginner

Best viewed in Firefox at 1280x1024

1. Introduction


Another tutorial by me and again a SmartCheck related one. Only, this time we have two real targets instead of crackmes.
SmartCheck should be configured in the same way as described in my previous tutorial and I will not again waste the time needed to explain how to set up SmartCheck. One more thing, both targets have identical serial routines, I will describe how to serial one of them step by step, to serial the other perform exactly the same steps
 


2. Finding the correct serial


Start SC, load and run "wipeitoff.exe" or "lockitdown.exe". Then, click on the "Show My System ID" button, write the ID down and click "Exit". Enter Test123 as the unlock code and click "Unlock", you will get an "Invalid Unlock Code..." MSG box, but do not click on the "OK" button, witch back to SC and expand the last click entry. You should see something like this:



As you see, the click entry is not complete but that is becouse you have not clicked "ok" in the msgbox, for now it is better to leave the msgbox open, if you close it SC will generate more code, useless code. Click on the, last line of the click entry , go to View->Show all Events and you'll get something like this:



Notice the highlighted line, it shows the function called "IsNumeric", alone by knowing the function name we can guess, that this function checks a string for letter (with other words if it is a non-numeric value it will return false), in our case we can see that it checks our serial and we can conclude that the serial needs to be numeric (only numbers). Switch to Wipe It Off, close the msg box, enter 123456 as the serial number and, again, click on the "Unlock button". Remember do not close the msgbox, switch back to SC, go to View->Show Errors and Specific Events (you can ignore this step, but for me it is easier to work with it). Expand the new click entry (the last one), click on the last line of the entry, and, again, go to View->Show all Events. Now you can see that there is more code between the IsNumeric line and the msgbox line. Our serial is verified between the two events, but where? If you look five lines up (from the msg box line) you will notice the following lines:

Long(993361104) --> Double(9,99331e+008)
Sqr(double:9,99331e+008) returns double 31517,6 (displayed as single-precision floating point)
Double(8,00863e+007) --> Long(80086301)

The numbers "993361104", "80086301" and their double representatives will be different on your comp.
The number "993361104" is the seccond part of the System ID (my sys ID was: WIO45-993361104), so the only thing that could be the serial is "80086301". Switch back to the program, close the msgbox, enter the just obtained number as the serial, and click "Unlock", you should see this screen:


 

 

Greetings

The whole ARTeam
All people who read my first SC tut and encouraged me to write this one