Luigi Auriemma

me@aluigi.org


News
QuickBMS
Research
MyToolz
Advisories
Proof-of-concepts
Fake_players_bug
Patches
Password_recovery
MyMusic
TestingToolz
About...
RSS_feeds
aluigi.org
ZenHAX
old.forum
twitter
KEY RESEARCH

Section dedicated to developers and moreover the games'developers who want to implement or have already implemented a cd-key's control in their software for both offline and online usage.
Here I show some common problems divided in sections, how to avoid them and some real examples all resulted by my research.


Local (offline) cd-keys'controls common problems

    Documents:     Real examples:
  • Q3keybrute 0.1.1
    This is a very simple cd-key brute-forcer proof-of-concept for Quake 3. It uses the Quake 3 algorithm used to check if keys are valid or not to retrieve all the locally valid cd-keys for this game

  • Q3keyauto 0.1.1
    Random cd-key auto changer for Quake 3: this tool creates a new random cd-key for Quake 3 and writes it in the baseq3\q3key file, so then must just relanched the game to use the new key

  • SOF2keybrute 0.1.1
    As the previous examples, this tool instead uses the Soldier of Fortune 2 algorithm used to the check the valid keys. SOF2 is a game based on the Quake 3 engine and in fact we can note how poor are the differences between the 2 algorithms

  • SOF2keyauto 0.1
    This tool is the same of the previous but with the automatic function to add the first random valid key in the file base\mp\sof2key

  • HLkeybrute 0.1.1
    Also Half-Life is another example of brute forcing applied to the local cd-keys

  • HLkeyauto 0.1
    Same as above but the first valid random key is directly saved into the registry

  • CSkeyauto 0.1
    Just the same tool as above but specific for Counter Strike

  • Gore cd-key checker 0.1 (gorekeycheck)
    checks if a specific Gore cd-key is valid or not.



Online cd-keys'controls common problems

    Documents:
  • Online cd-keys: details of the problem and possible solutions 0.1 WORK IN PROGRESS
    Real examples:
  • Online cd-key brute-forcer for Quake III 0.1.1
    Finding valid online cd-keys is quite impossible however I have written this simple proof-of-concept for the game Quake 3. The brute-forcer finds the valid offline cd-keys and then checks them online contacting the server authorize.quake3arena.com (or one chose by the user)


Problems derived by universal cd-keys

    Documents:
  • Universal cd-keys: possible problems and solutions 0.1 WORK IN PROGRESS
    Real examples:

Possible problems derived by the usage of cd-keys'hashs

    Documents:
  • Cd-keys'hashs: possible problems and solutions 0.1 WORK IN PROGRESS
    Real examples:
  • CD-Key hash changer for UnrealTournament 2003 v2225 for Win32 0.1
    Fortunately UT2003 uses strong mechanisms to avoid abuses in the usage of the hashs of the cd-key, so this patch (it is a patch, not a tool) is completely useless but is very useful to understand or imagine how a method to protect a cd-key could become a possible flaw


Possible problems derived by sending unique Cd-keys through Internet in plain-text

    Documents:
  • Possible problems derived by sending unique Cd-keys through Internet in plain-text 0.1 WORK IN PROGRESS
    Real examples:
  • All the games based on the Quake 3 engine: they send the unique Cd-key of the player to the relative master server for authorization but the keys are just in plain-text so they can be used by who can read the UDP packet (DNS hijacking, sniffing and so on)