from hxxp://xxw.ipmart-forum.com/showthread.php?360029-Request-Thread-For-Blackberry-Apps-Serials-amp-Activation-Codes
Please read before Req:
I received a lot of PM from many members asking me to repost this thread that was delated, to help other ppl who still dont know the cracking secret of the Blackberry Apps.
The idea is same cracking any computer software using a debugger so nothing new but the way changed, some forums (like "PDAxxx" and others) claims that its their idea, its wrong, the idea was posted first time on an american forum "crackbexxy" and was delated cause its agains their policy, and then was treated on "Srintgxxxs" forum, now this forum is dead, and then the secret was keept on a few forums for months, there is some members who know that and they keep it secret to get more credits, reputations and popularity.
I come today to offer this guide to all my ipmart friends, and broke this secret, and this post will be up to date than any other forum.
someone will tell me:
- why dont keep it secret, the developers will made new changes and the cracking process will be harder?
i will tell them that there is always a solution for any problem, for ex. Nokia, nokia is the biggest company and RIM is nothing beside Nokia, you can go and have a look in the moding section for nokia on this forum, we always find a solution to crack nokia apps and nokia phone security.
and it will be so boring to get all serials for all software.
NB: Cracking is against law, and this guide is for information only, i dont take any responsibility on any software you cracked, and/or installed on your device. you can always read and check developer license agreement.
Here is the detailed guide using ollydbg as debugger, you can also use winhex, it gives the same result, i made some changes on the guide to fit the new apps.
Tools :
1- Blackberry jde Download Here chose the version same your device version, if you dont know, hold "alt+shift" and press "H"
2- Olly debugger Download Here: Version 1.10 (Stable) or Version 2.00 Beta
3- MDS Services Simulator (optional, required for some email software) can be downloaded here
4- Dmpclean.bat (attached)
5- Our target app - Ascendo Datavault (download @ hxxp://www.ascendo-inc.com/DataVault.html)
How To? :
1-Download and install blackberry jde version of choice, chose the version same your blackberry version, to check your device version hold "alt+shift" and press "H"
2-when the installation is complete.
click start > programs > research in motion > blackberry jde 4.x.x locate device simulator icon > right click and go to properties then click on find target. create a shortcut of defaultsimulator.bat on your desktop or the quick launch menu, whichever you prefer.
copy dmpclean.bat into your simulator’s folder, by default it should be c:\program files\research in motion\blackberry jde 4.x.x\simulator basically the same folder where the defaultsimulator.bat file is located. once copied, create a shortcut of dmpclean.bat as well next to your defaultsimulator.bat shortcut on the desktop or quick launch.
3-Right click on shortcut to defaultsimulator.bat and choose edit, at the end of the text you will see /pin=0x2100000A change this value to your blackberry's pin, and behind add your IMEI without any quotes (necessary for some IMEI verified applications) , and save it.
For example, if my pin number is 24d25d8a and my IMEI is 357880.00.879598.5
then the parameter would look like this /pin=0x24d25d8a /IMEI=357880008795985
4-Launch the device emulator by double clicking on the shortcut to defaultsimulator.bat icon. be patient, it takes some time to load the
simulator as it has the same feel as your blackberry. (note, jde 4.5.0 or maybe even lower versions start up much faster).
To be sure your pin is being read correctly, navigate to options > scroll down to status and check for your pin.
5-To install an application into the simulator click on file > load java program> point to the DataVault.cod “our target app” then navigate to downloads and run the program. go to register, it shows our pin “good” and it’s asking
for the registration code else it will expire. leave it (dont close it)
6-let's launch the debugger now. double click on ollydbg.exe, once loaded click on file then choose attach. the attach window opens up very small, simply stretch by pulling it from the right buttom corner so you can see the
running programs on your computer. we are looking for a process name titled fledge with a path to the executable which should look like the following -c:\program files\research in motion\blackberry jde 4.x.x\simulator\fledge.exe - select this process and click attach. as it
finishes loading all necessary files the debugger will pause, simply press F9 once or twice to continue or sometimes SHIFT + F9, depending on olly’s mood. leave it (dont close it)
7-Now go back to the simulator and enter any facke code, untill you see the message "field full" (we will enter the following as your code 97531) then press arrow down ↓ and click on register. note: do not enter 1234567... as your bogus serial ever because most likely you will end up nowhere. after pressing enter or clicking to register a window comes up saying “Wrong Key!”. we knew that. leave it (dont close it)
8-Now go back to the debugger window (OllyDbg), then click on do an ALT + M to open the memory map, and select the first line in the memory map window. then do CTRL + B to search for the number we entered in the ASCII field and enter 97531 as your search string and click oK.
it begins to search in the memory for our bogus serial, a window titled dump pops up shortly showing the 97531 number we entered in the application > right below it shows our pin number > further down our serial is being constructed > finally we see the serial 42350 which happens to be the correct serial for my bogus pin number 24d25d8a.
9-To test our discovered registration code let’s switch to the simulator window and enter it to see what happens, well just as we hoped it would be “you have successfully register..."
Remember:
1-Almost of registration codes for blackberry apps are generally 5 characters long in numeric format, unless the developer decided to get super creative, they made it longer and become alphanumerical, and others get two serials, one Key and one Activation Code
2-Most Blackberry apps are pin specific, which means that when you discover one working key for one pin it doesn’t always mean it will work on all other berries.
3-When searching the memory map in olly, your search string could sometimes be in UNICODE, however i only noticed some Blackberry app thus far.
4-When searching for serial in the dump sometimes the first search result isn’t the only instance. while in the dump do CTRL+L to see if your bogus serial shows up more than once. with some apps the reg code shows up right away and with others you have to look for it. i also noticed that some times the reg code appears around your pin number, you might get lucky with some apps if you search for your pin number in ASCII while in the dump window by doing CTRL+B. generally, once your first search result pops up in the dump window you may need to scroll up or sometimes down several pages until you find your valid reg code. anyway, once you find a key or two and feel comfortable enough you will try other features of the debugger…
5-Remember, you may not be successful with every app when it comes to finding a valid reg code. while in the dump window you will see 5 digit number 45654, this is a port number and not a serial. you will also see PURG followed by some numbers, this is not a serial either. when you download trial apps make sure the app has the option to register by inputting a serial which would make the app fully registered, otherwise some apps are just demo apps with expiration or limited functionality, these are not trial. we are not cracking the apps with this method but just finding the right codes for our pin.
6-You will be unable to crack some new apps version, try to crack the old one, install it on your blackberry and update to the new one, the apps will stay registerd in almost of time excepl for some (berrybuzz.v2,...etc)
7-Use Dmpclean.bat everytime before starting to clean the simulator’s memory to default.
Crackable Program List With Serial Length
Code:
3jam supertext (8 Characters)
ActionVoip (8 Characters)
Aerize Alerts (5 Characters)
Aerize Card Loader 2008 v1.2.0 (5 Characters)
Aerize Explorer 2008 (5 Characters)
Aerize Optimizer (5 Characters)
Aerize Wifix (5 Characters)
AreaCode411 (5 Characters)
Ascendo Datavault (5 Characters)
Ascendo Money (5 Characters)
Ascendo Photos (5 Characters)
Auto Redial Pro (5 Characters)
AutoTextBak
BBAlarms (5 Characters)
BBAssistant (5 Characters always start with "11")
BBProfiles Profile Scheduler (5 Characters)
BBShortcut (5 Characters)
BBSmart Alarms Pro (5 Characters)
BBSmart Email Viewer (5 Characters)
BBSmart Shortcuts v1.5 (5 Characters)
BBText2im (5 Characters)
BeFTP
Berricons.v1.0.6 (5 Characters)
BerryCommander 1.x
BerryBuzz.v1 (6 Characters)
BerryPix (5 Characters)
BerryPopup.v1.0 (4 to 6 Characters)
BerrySoftCCNT
BerrySoftPS
Berrytunes2 (5 Characters)
BerryWeather v1.5 (6 Characters)
BilbyBatchRename (5 Characters, always start with 0)
BilbyConnections (5 Characters, always start with 0)
BilbyFile v1.5 (5 Characters, always start with 0)
BilbySMSMate (5 Characters, always start with 0)
BizMatica (5 Characters)
BizTrackit (5 Characters)
BlackBerryAlerts (5 Characters)
BlackBook (8 Characters)
BlackPangolin v0.0.0.3 (14 Characters)
BlackPanacea (14 Characters)
Blink 3.31 (5 Characters)
CallBarring v3.0 (8 Characters)
Call FireWall (8 Characters)
Call Seeker (5 Characters)
CameraToGo (5 Characters)
Card Pack Gold (5 Characters)
CellSeeker (5 Characters)
ChronoMagic (5 Characters)
Concise Oxford Dictionary and Thesauraus
CryptMagic (5 Characters)
Compass Lite
DateMathica (5 Characters)
DietOrgainzer (10 Characters)
DocumentToGo (12 Characters for the serial, and 16 for the Activation key)
DynoStorm
Email Assistant
EventsImitator (8 Characters)
EveryNote (5 Characters)
EZ 3Way (5 Characters)
EZ ConCall (8 Characters)
EZ Exercise Tracker v2.0 (5 Characters)
EZ Her Calendar (5 Characters)
EZ Lady Calendar (5 Characters)
EZ MobiGo (5 Characters)
EZ Stopwatch (5 Characters)
EZ Timer (5 Characters)
EZ Weight Tracker (5 Characters)
FaceLift
FastForward
Fierce Towers
Foot Assistant
GoTrackIt (5 Characters)
GoTimeIt (5 Characters)
GPRS Monitor
Gvdialer
HandiTrack (7 Characters)
HNHSoft Talking English-Chinese Dictionary (8 Characters)
HNHSoft Advanced English Dictionary (8 Characters)
HNHSoft Larousse English-French Dictionary (8 Characters)
HNHSoft Larousse English-German Dictionary (8 Characters)
HNHSoft Larousse English-Italian Dictionary (8 Characters)
HNHSoft Larousse English-Spanish Dictionary (8 Characters)
Impatica viaDock
Informs (16 Characters)
IntelliBerry v1.0.3 (7 Characters)
Jumblo (8 Characters)
Launcher
Leave it on
Log2File (5 Characters)
Mail2Fax (5 Characters)
MBusy (8 Characters)
MediaPop (5 Characters)
Memory Eye
Messagescheduler (9 Characters)
MindBerry (10 Characters)
MiniExcel
MiniSafe
Mobimouse v1.4.1 (5 Characters)
Mobiscope (9 Characters)
Monopoly here and now
MP3 Ringtone Creator
mRing
NoteThis
PeekaWho (10 Characters)
PhoneBAK2U (9 Characters)
PhoneBAKUP (9 Characters)
PhonePix (5 Characters)
Phone Tweak (6 Characters)
Phone Assistant (14 Characters)
PhonyFarts v1.2 (5 Characters)
Photo Caller ID Deluxe (5 Characters)
Pocket 10B SE (5 or 7 Characters)
Pocket 10C SE (5 or 7 Characters)
Pocket 12C SE (5 or 7 Characters)
PocketInformant (17 Characters)
QuickContact (6 Characters)
QuickMessage (5 Characters)
QuickPullPro (6 to 8 Characters)
QuickCopy
RADGuard
Readywords113 (5 Characters)
Redialer (5 Characters)
RepliGo Reader (10 Characters for the Key, and 6 for the Actication code)
Relaxing Sounds
Ring & Vibrate (8 Characters)
RSVP
SafeBox v0.0.3 (16 Characters)
SafeWallet
Salat
Sendafix101 (5 Characters)
SexyDice (5 Characters)
ShopAssitMobile
ShopMagic (5 Characters)
ShortCutme (8 Characters)
Shrinkit (8 Characters)
SmartAlerts (6 Characters)
Smart Alarm Pro (5 Characters)
SmartCalling (8 Characters)
SmartLight (8 Characters)
SmartVoip (8 Characters)
Snapscreen v1.2 (5 Characters)
Spot for Blackberry
StormLock
SugarMini
Text Forward (6 Characters)
Themes In Motion: All versions
TieMaster
TimeLogMagic (5 Characters)
Track It Custom Edition (5 Characters)
Track It Expense Edition (5 Characters)
Track It Timezone Edition (5 Characters)
Track It Vehicle Edition (5 Characters)
Video Caller ID (5 Characters)
VideoLight
VoipBuster (8 Characters)
Vorino Clock/Savescreen (5 Characters)
Vorino Timer/StopWatch (5 Characters)
Vorino Fractal Explorer (5 Characters)
Wallpaper Changer
WebCallDirect (8 Characters)
WifiHero
Wifi File Transfer Full Version (6 Characters)
WorldMagic (5 Characters)
Zenminder
NB: some characters are only numerical and others are alphanumerical
Crackable Programs By Time Hack only Described here (others can be cracked buy the two ways are not listed below)
Future SMS
In Process
Mail2Fax
Quicklunch
Resize Picture
WorldMagic
Crackable Programs By Cracking old version and updating to new one
RDM+
Blink 3.5x
Uncrackable Program list due to Online verfication and/or Serial encrypting (if anyone cracked one of them, plz let me know)
AcceloDex
Antair Apps
Beejive IM
BerryBuzz 2
BerryScroll
Cannon Software Apps
Concrete Software (Full Version)
IcallManager
IM+
Miu Tunes
Mobiola Apps
mVoice
Peekawho
Privacy Easy
QuickLaunch
Sim Detective
SlickTask
SlovoED
Stock Manager
Tetherberry
ToySoft Apps
Webgate Software
Wifi Disable
How to crack slovoed deluxe english explanatory dictionary version 2.02
ReplyDeleteIs there a way brother??????