Amer Posted August 20, 2013 Posted August 20, 2013 This is a legal files to test the protection cracking. This file is intended by the company to experience crack the protection and is not intended for sale.This file was sent to me after I asked Star Force sent me to try Crack their protection.------------------------------------------------------Info:StarForce Audio/VideoStarForce Audio/Video tool provides protection from unauthorized use of audio files (mp3, ogg, wma, wav etc.) and video files (avi, mpg, wmv etc.), intended to be viewed on a personal computer Moreover, this solution allows secure of DVD-Video format for either personal computer and DVD players use.StarForce Audio/Video helps secure private as well as professional audio/video content and ensure it isused for intended purposes only.StarForce Audio/Video is easy to install online using the free protection Studio tool.Protection Technology, Ltd.StarForce Audio - Video DemoProtection version 5.70.43.1Trade Name: SF Audio/VideoBuild Info: 5.70.043.001, 04.02.13Project Guid Hash: 3A2489331DF302A363B196FEA40AE61FMonday, February 04, 2013 10:29:27 AM >>>>> More Info: Self keygen <<<<<-----------------------------------------------------------------------------------the serial number chr count from 28 to 34 that belonging to the license you purchase. you can use these serials to help you trace the protection: AMER-TUTS4U-UAW9FS-QPKDT4-7U3JXHAMER-AMER-AMER-AMER-AMER-AMER-AMER when you enter the serial choose > (other) or (I already have an Activation Key)Self keygen:at the activation window you'll see the HW ID, you can use it as serial number....!!! the serials work on StarForce protected Notepad file: 4.50.07.00 (Build 29.01.07)StarForce protected Notepad is also Self keygen....http://tuts4you.com/download.php?view.1277------------------------------------------I DON'T KNOW WAY MY NAME ACCEPTED AS SERIAL NUMBER......Don’t ask me about this mess, I DON’T KNOW….-------------------download: http://rghost.net/48258126 http://www1.datafilehost.com/d/55f6e676-------------------remember this is legal files to test the protection cracking... sorry for bad English
EvOlUtIoN Posted August 23, 2013 Posted August 23, 2013 Can you upload in other places such as sendspace?
EvOlUtIoN Posted August 23, 2013 Posted August 23, 2013 Can you upload in other places such as sendspace?
Dreamer Posted August 23, 2013 Posted August 23, 2013 here you go @ EvOlUtIoN http://www.sendspace.com/file/7arar3password : Dreamer
Teddy Rogers Posted August 24, 2013 Posted August 24, 2013 The [unpackme] tag has been added to your topic title. Please remember to follow and adhere to the topic title format - thankyou! [This is an automated reply]
Amer Posted September 4, 2013 Author Posted September 4, 2013 more infolink1link2 do not be confusedthe sections names (“.aspack”, “.pcle” or “.sforce” and secserv.dll) in NTDLL are not any kinde of code injectionArchaeological excavations reveal the depths NTDLL.DLL very interesting fact.The boot loader checks the names of the sections of each run executable files (dynamic link library), and if it finds a section named ".Aspack", ".Pcle", ".Sforce" taking a number of actions to ensure backward compatibility and cocks the flags are cut down a lot of protections that have emerged in Vista or disconnect legally.Snippet from NTDLL.DLL sections with names PE- file for that special compatibility mode is activated. text: 77F24FEC aSecserv_dll db 'secserv.dll', 0 ; DATA XREF: sub_77F0B5E5 +36 o. text: 77F24FF8 a_sforce db '.sforce', 0 ; DATA XREF: sub_77F0B717 +85 o. text: 77F25000 a_pcle db '.pcle', 0 ; DATA XREF: sub_77F0B717 +6 F o. text: 77F25006 a_aspack db '.aspack', 0 ; DATA XREF: sub_77F0B717 +59 o-------------------------------------------------------------------------------Kaspersky Labs 6 Virus Bulletin 2005 International Conference, DublinNTDLL.dll in x64 Windows7DA3CC37 6A 08 push 87DA3CC39 68 BC CB A3 7D push offset a_aspack7DA3CC3E 56 push esi7DA3CC3F E8 1C 1E 05 00 call strncmp7DA3CC44 8B D8 mov ebx, eax7DA3CC46 83 C4 0C add esp, 0Ch7DA3CC49 85 DB test ebx, ebx7DA3CC4B 74 29 jz short loc_7DA3CC767DA3CC4D 6A 06 push 67DA3CC4F 68 C4 CB A3 7D push offset a_pcle7DA3CC54 56 push esi7DA3CC55 E8 06 1E 05 00 call strncmp7DA3CC5A 8B D8 mov ebx, eax7DA3CC5C 83 C4 0C add esp, 0Ch7DA3CC5F 85 DB test ebx, ebx7DA3CC61 74 13 jz short loc_7DA3CC767DA3CC63 6A 08 push 87DA3CC65 68 CC CB A3 7D push offset a_sforce7DA3CC6A 56 push esi7DA3CC6B E8 F0 1D 05 00 call strncmp•…checking if one of the sections in the PE file is named “.aspack”, “.pcle” or “.sforce”A special “feature”, continued• If any of the sections in the PE file is called “.aspack”, “.pcle” or “.sforce”, NTDLL calls ZwSetInformationProcess with a certain set of flags• This results in disabling the NX (DEP) protection for the _entire_ process• All 32-bit programs packed by ASPack do not benefit from the hardware DEP in Windows, even if enabled and enforced by the system!• Same is true about applications protected by StarForce, or those with “.pcle” sections
Amer Posted September 4, 2013 Author Posted September 4, 2013 (edited) edited because the post replicated... Edited September 4, 2013 by Amer
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now