FandomofHell

How would you get the response for a legitimate key? Wouldn't that require getting someone in on this who has NOT already logged in with their key?

BTW, nice job with the Wireshark sniffer.

deoton

Im not sure but it would be rational that it would check the key after every install from the server.
So if you have a legitimate key reinstall and check the response.

deoton

I tried that but after that it couldn't connect my server that was running in port 80 or to the ea server.

FandomofHell

But, by your logic, wouldn't that also mean that people who stole the executable file would also be able to connect as long as the serial code was correct? That wouldn't explain why people haven't been able to play the RA3 beta yet despite the innumerable keys on the front page... which is why people keep getting "invalid key" statements when they have been trying to boot up the game.

I might be talking out of my ear here, but is it possible that the game has a change in its registry coding after the demo has been verified? A change that is initiated by the contact with EA's server?

Edit: I didn't think about tracking MAC or IP addresses. It might be possible that the games are tracked through these as a way of allowing for your method to work.

deoton

nobody stole it somebody downloaded it from fileplanet and uploaded to mininova and demonoid and such.

they did not have a legitimate key they used a keygen to generate them.

And I assume that after the game has validated the key it will add or modify some key in the registry.

cyrilthebest8

Just to say, when you have your cd key and you connect to your account with it, it'll be assigned to your account and nobody else can use it...

gailo

Also looking at paul.dll shows some of the error messages it looks for and includes for if someone with the same key is already connected or if that key has been revoked so even if a legit key was leaked they could still stop people from using it.

FandomofHell

Isn't that TECHNICALLY stealing, since it is only supposed to be downloaded through FilePlanet?

Anyway, I don't really care about the semantics. I want this thing cracked.

I thought the keys on the front page were uploaded by legitimate users? I've seen some of the keys before on other sites as being claimed by the owners.

THAT's what I'm wondering. Is it just an edited registry? Or do the EA servers track the computers that have certain types of codes, through the MAC or IP (I wouldn't know which one)? I mean, the beta IS installed on the main computer, so getting the MAC should be possible for the beta launcher, shouldn't it?

Eh, I only know basic hacking. I wish I knew more. Then I could actually help... T_T

Edit:
So the EA servers DO track the keys! However, tracking the keys could still let some people in. Is it possible they are tracking IPs and/or MACs?

deoton

It doesn't work that way. After inspecting paul.dll i've come to a conclusion that every time ra3 is ran it checks is the key valid from the ea server. :-D

Lavarider

not true deoton, I have a legit key. If I log off the internet, i can still play the beta. It does not need to check the server more than once. The activation data is all in the registry.