Fetch the repository succeeded.
原安装包安装后会(C:\Program Files (x86)\Entrian Attach)有EntrianAttach_xx.dll文件存在(比如EntrianAttach_14.dll EntrianAttach_17.dll等),对应不同的VS版本.
这些dll都存在混淆,需要通过de4dot反混淆后才能进行分析.
此处以EntrianAttach_14.dll为例,版本号为1.5.1.470
反混淆后的dll为EntrianAttach_14-cleaned.dll(MD5:A38D920105E7858651014DA10F81A29D)
其中包含一个TrialReminder的类,用于显示试用剩余天数
通过搜索字符串--- Entrian Attach License Block ---可以定位到license关键验证位置,核心代码如下
// Token: 0x02000027 RID: 39
internal class zzaez
{
// Token: 0x060001FD RID: 509 RVA: 0x0000C5D8 File Offset: 0x0000A7D8
public static bool zzafz(string orig, out string name, out string num, out string error)
{
name = "";
num = "";
error = "";
Stream manifestResourceStream = typeof(zzaez).Assembly.GetManifestResourceStream("EntrianAttach.Info.gif");
StreamReader streamReader = new StreamReader(manifestResourceStream);
string text = streamReader.ReadToEnd();
streamReader.Close();
RSACryptoServiceProvider rsacryptoServiceProvider = new RSACryptoServiceProvider();
rsacryptoServiceProvider.FromXmlString(text);
string text2 = "--- Entrian Attach License Block ---";
string text3 = "--- End of Entrian Attach License Block ---";
int num2 = orig.IndexOf(text2);
int num3 = orig.IndexOf(text3);
if (num2 != -1 && num3 != -1 && num2 <= num3)
{
Encoding encoding = Encoding.GetEncoding(65001, EncoderFallback.ExceptionFallback, DecoderFallback.ExceptionFallback);
Encoding encoding2 = Encoding.GetEncoding(1252, EncoderFallback.ExceptionFallback, DecoderFallback.ExceptionFallback);
string @string;
try
{
int num4 = num2 + text2.Length;
orig = orig.Substring(num4, num3 - num4).Trim();
byte[] array = Convert.FromBase64String(orig);
@string = encoding.GetString(array, 0, array.Length);
}
catch (Exception ex)
{
error = "License failed to decode: " + ex.Message;
return false;
}
XmlDocument xmlDocument;
try
{
xmlDocument = new XmlDocument();
xmlDocument.LoadXml(@string);
}
catch (Exception ex2)
{
error = "License decoded OK, but failed to parse XML: " + ex2.Message;
return false;
}
bool flag;
try
{
SignedXml signedXml = new SignedXml(xmlDocument);
XmlNode xmlNode = xmlDocument.GetElementsByTagName("Signature", "http://www.w3.org/2000/09/xmldsig#")[0];
signedXml.LoadXml((XmlElement)xmlNode);
name = xmlDocument.GetElementsByTagName("name")[0].InnerText;
try
{
name = encoding.GetString(encoding2.GetBytes(name.ToCharArray()));
}
catch (ArgumentException)
{
}
num = xmlDocument.GetElementsByTagName("serial")[0].InnerText;
string innerText = xmlDocument.GetElementsByTagName("count")[0].InnerText;
if (innerText != "1")
{
name = name + " (" + innerText + " users)";
}
if (!signedXml.CheckSignature(rsacryptoServiceProvider))
{
error = "License signature validation failed.";
flag = false;
}
else
{
flag = true;
}
}
catch (Exception ex3)
{
error = "License decoded and XML parsed, but failed to validate: " + ex3.Message;
flag = false;
}
return flag;
}
error = "Your license key is not valid. It should look something like this:\r\n\r\n" + text2 + "\r\nAaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz\r\nAaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz\r\nAaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz\r\n" + text3;
return false;
}
}
其中,签名校验使用RSA-1024算法,公钥存储在程序资源文件中EntrianAttach.Info.gif
生成一对公私钥之后,替换掉程序中的公钥,再根据license校验规则生成license文件即可
Patch的程序位于默认安装目录下,VS2022将会直接加载此目录下的文件,如图
对于VS2019以及其他版本,则需要Patch VS扩展目录下的对应文件.
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。