scattrbrain

I implemented a cache on my website for the AllPosters.com webservice. Instead of caching the raw response from the webservice, I cache the model constructed after parsing the results. The speedup I get on a cache hit is ridiculous because I don’t need to parse data anymore.

My secret weapon was YAML. All I do is take the model constructed after parsing the data and call to_yaml on it. On a cache hit, I simply call YAML::load. Here is the code. Let me know if this can be improved.

require 'digest/sha1'
require 'yaml'

module Utils
  class Cache
    @@cache_dir = "./cache/"

    def self.write(keywords, data)
      File.open(@@cache_dir + digest(keywords), "w") { |f| f.write(data.to_yaml) }
    end

    def self.cached?(keywords)
      File.exists?(@@cache_dir + digest(keywords))
    end

    def self.read(keywords)
      YAML::load(File.open(@@cache_dir + digest(keywords)))
    end

    def self.expire(keywords)
      File.delete(digest(keywords))
    end

    private
    @@lookup = {}
    def self.digest(keywords)
      @@lookup[keywords] ||= Digest::SHA1.hexdigest(keywords)
    end
  end
end

Cracking software on the MacOSX is easy. Once you install XCode you pretty much have everything you need to crack software. Software you need:

gdb - Debugger
otool - Disassembler
otx - GUI for otool
nm - Displays symbols in a binary
Hex Fiend - Hex editor

If you've done any kind of hacking on linux, using gdb should be familiar to you.

gdb commands you would use:

set disassembly-flavor intel
This sets the disassembled output to intel syntax from the default att syntax.

disassemble functionname
This returns the assembly listing for a function

stepi/nexti
Step into/next instruction

info registers
Displays the registers and their contents

x/FMT ADDRESS
Examine memory. Run help x in the gdb for details.
example: x/10xb 0x989b
displays 10 bytes in hex starting at 0x989b

break
Set a breakpoint. Run help break for details

bt/where
Displays the stack trace

up/down
Move up and down the stack frames

How to crack ?
Cracking is illegal and you should only be doing this to check how easy it is for someone to crack your application. I could give you step by step instructions on how to crack a commercial application but that would be both illegal and unfair to the app.

To crack an application:
1 - Run nm & otool on the application to get the list of symbols and the disassembled output. You can look at the disassembled output to get a grip on the code flow.

2. Run the application under the debugger and set breakpoints in functions you think are interesting. Or better yet, when the registration/unlock screen pops up, hit ctrl-c in the debugger and get a stack trace to find out functions you should be looking at.

3. Once you find the function you need to tweak, see the instructions that you need to modify. You NEED to know assembly for this. Once you find the instructions you need to replace, find the machine code equivalent. Once you get the machine code, you can use a hex editor to replace the current instructions with the new ones. This is the basic premise, but there are some caveats to this that you need to know about. Sometimes, you will need to replace x bytes of machine codes with y bytes where x > y. This is the easy case, you can put nop instructions for the unused bytes. Things get considerably harder the other way around. You need to find an equivalent instruction that does the same thing or sometimes rewrite the complete function.

Technorati Tags: cracking, macosx