flat assembler
Message board for the users of flat assembler.

Index > Heap > Keygens listed as viruses?

Author
Thread Post new topic Reply to topic
Tyler



Joined: 19 Nov 2009
Posts: 1216
Location: NC, USA
Tyler
I've read plenty of times in the comments about torrents that the keygen/patch provided is a virus, then there's always someone else who comes along and says "Keygens and patches get detected as viruses because of what they do and how they work." So I'm wondering, without turning flatassembler.net into a cracker site, what are they talking about when they say keygens have properties that make them seem like viruses, or are they wrong?
Post 10 Apr 2010, 02:54
View user's profile Send private message Reply with quote
ManOfSteel



Joined: 02 Feb 2005
Posts: 1154
ManOfSteel
They're wrong. It's true that patches behave more or less like viruses, i.e. they open binary files and modify them. And most AVs won't notice the difference.
But keygens only duplicate the algorithm found in the cracked application to generate a valid key/code/serial number. They're not supposed to modify anything.

It's very likely those torrents really contain viruses, and nothing else.
Post 10 Apr 2010, 10:03
View user's profile Send private message Reply with quote
Tyler



Joined: 19 Nov 2009
Posts: 1216
Location: NC, USA
Tyler
I didn't think there was a reason for keygens to set off anti-virus, but I was stupid and downloaded them anyway. I dled them some time ago, I was just recently curious what keygen functionality that would set off av. Thanks for clarifying.

But on the topic of cracking, is it illegal to reverse an app just to find out how it does a specific function, and if it is, who bears the burden of proof? I was stupid enough to buy a Zune, it turns out, the Zune is the only major mp3 player that doesn't allow you to use it as a normal flash drive. It requires the Zune to be enumerated in some special way(only doable by MS made apps) before you can transfer files to it(ie you can list the files without special enum, but can't copy off/transfer to).
Post 10 Apr 2010, 10:29
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17278
Location: In your JS exploiting you and your system
revolution
Illegal to reverse? It depends upon where you live. If you live in the USA, as your location states, then you are screwed. Read about DMCA.


Last edited by revolution on 10 Apr 2010, 13:13; edited 1 time in total
Post 10 Apr 2010, 12:26
View user's profile Send private message Visit poster's website Reply with quote
kohlrak



Joined: 21 Jul 2006
Posts: 1421
Location: Uncle Sam's Pad
kohlrak
I once had a program called Haktek that got marked as a virus. I used to use it as a port scanner back on windows. It always got marked as a virus by some antiviruses. Ironically, not by all. I can't remember what it filed under, however i remembered it being quit fishy being found as a virus.
Post 10 Apr 2010, 13:01
View user's profile Send private message Visit poster's website AIM Address Yahoo Messenger MSN Messenger Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 8900
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 334455
sleepsleep
my view is, as long as you start execute the executable, it got the potential to be a good virus or bad one, so here come the "FAITH",, like god faith..

if you believe it will does no harm, and somehow we able to prove it by not seeing anything weird after we run it, then we suppose it is good.

and if u don't believe it, then it is virus,, we will blame some "changes" even if it is tiny one, to that newly downloaded executable... virus..
Post 10 Apr 2010, 17:38
View user's profile Send private message Reply with quote
windwakr



Joined: 30 Jun 2004
Posts: 827
Location: Michigan, USA
windwakr
You can always run your keygen/crack in a sandbox(use sandboxie). Then you don't need to worry about it harming your computer.....Ok, there is a very small chance that somehow it could break out of the sandbox, but it's unlikely....

_________________
----> * <---- My star, won HERE
Post 10 Apr 2010, 17:40
View user's profile Send private message Reply with quote
kohlrak



Joined: 21 Jul 2006
Posts: 1421
Location: Uncle Sam's Pad
kohlrak
sleepsleep wrote:
and if u don't believe it, then it is virus,, we will blame some "changes" even if it is tiny one, to that newly downloaded executable... virus..


So true, which is REALLY annoying, because anytime i'm even near a computer, people assume i'm at fault for whatever they did wrong. "No, installing ubuntu on your daughter's computer did not make your illegal copy of that program stop working after you updated it."
Post 10 Apr 2010, 19:02
View user's profile Send private message Visit poster's website AIM Address Yahoo Messenger MSN Messenger Reply with quote
Tyler



Joined: 19 Nov 2009
Posts: 1216
Location: NC, USA
Tyler
windwakr wrote:

You can always run your keygen/crack in a sandbox(use sandboxie).

Cool, I hand no idea that kind of thing existed. So how does it work, like Deep Freeze for a single program, or more like a chroot jail?
Post 10 Apr 2010, 19:23
View user's profile Send private message Reply with quote
windwakr



Joined: 30 Jun 2004
Posts: 827
Location: Michigan, USA
windwakr
Tyler wrote:
windwakr wrote:

You can always run your keygen/crack in a sandbox(use sandboxie).

Cool, I hand no idea that kind of thing existed. So how does it work, like Deep Freeze for a single program, or more like a chroot jail?


Never heard of either of those. It sandboxes the program(s) you choose, plus any programs they starts. All file/registry access is redirected to the sandbox. And when you're done with the sandbox, you can pick and choose files to recover from the sandbox(if you want), then empty it.

I use Sandboxie all the time, it's great for a lot of things. One great use is when you want to try a program out, but it needs to install, mess with the registry, etc. I can just sandbox it, and clear it when I'm done, and it will be like I never installed it. No file mess everywhere.

_________________
----> * <---- My star, won HERE
Post 10 Apr 2010, 19:35
View user's profile Send private message Reply with quote
Tyler



Joined: 19 Nov 2009
Posts: 1216
Location: NC, USA
Tyler
Deep Freeze does that, but it does it on the system wide level, redirecting all disk writes to a temporary location, then forgetting that temporary location when rebooted. Chroot is a unix/linux tool to hide directories from a process, it changes the root directory for a process. For example a process chrooted to C:\Users\Tyler, when using C:\ would actually be using C:\Users\Tyler and when using C:\Windows would really be redirected to C:\Users\Tyler\Windows. Idk if it's been ported to Windows, I just used Windows style paths for the example.
Post 10 Apr 2010, 21:30
View user's profile Send private message Reply with quote
Dex4u



Joined: 08 Feb 2005
Posts: 1601
Location: web
Dex4u
Most keygens are virus, rats etc, script kiddies use them to spread there stuff.
Post 12 Apr 2010, 04:53
View user's profile Send private message Reply with quote
ManOfSteel



Joined: 02 Feb 2005
Posts: 1154
ManOfSteel
I don't know what you mean by rats. Maybe rats as a synonym for moles (i.e. spyware)?

If a "keygen" is a virus, then it can't really be a keygen. And even if most are in fact trojans, rootkits, etc. many are "legit" keygens made by serious cracking groups in The Scene. Plus, their module tracks are usually very good.

Actually I bet most infections are made by the software industry to discredit the crackers and encourage people to buy legit copies of their software.
Post 12 Apr 2010, 11:10
View user's profile Send private message Reply with quote
ass0



Joined: 31 Dec 2008
Posts: 521
Location: ( . Y . )
ass0
RAT == Remote Administration Tool

How would you get Steellions of proxies without infecting and making zombie-bots?

_________________
Image
Nombre: Aquiles Castro.
Location2: about:robots
Post 12 Apr 2010, 11:41
View user's profile Send private message Reply with quote
kalambong



Joined: 08 Nov 2008
Posts: 165
kalambong
Tyler wrote:
is it illegal to reverse an app just to find out how it does a specific function?
not that I know of

as long as you do not re-distribute what you do out in the wild, hurting the income of the original author, i believe you can carry out any reverse-engineering operation on any software you find interesting
Post 13 Apr 2010, 09:04
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17278
Location: In your JS exploiting you and your system
revolution
kalambong wrote:
as long as you do not re-distribute what you do out in the wild, hurting the income of the original author, i believe you can carry out any reverse-engineering operation on any software you find interesting
Legality, or otherwise, depends upon where you live.
Post 13 Apr 2010, 09:20
View user's profile Send private message Visit poster's website Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Copyright © 1999-2020, Tomasz Grysztar.

Powered by rwasa.