(07-07-2017 02:37 PM)dottluca Wrote: [ -> ] (07-05-2017 12:12 PM)RootUser Wrote: [ -> ] (06-17-2017 12:38 PM)dottluca Wrote: [ -> ]I don't think you tried with latest updates
What was the last update that worked before the crack stopped working? @NewEraCracker Please analyse the pattern and see if it can be cracked?
Thanks
It stop working with updates dated 13 June 2017. Last working 12.0.6768.5000
Ok thanks for your answer.
last version: MSO.DLL 12.0.6772.5000 07 Jule 2017.
MSO.DLL v12.0.6772.5000
Pattern: F0 85 F6 75 4C 39
Replace: 75 with 74 (JNZ with JZ)
Prepatched MSO.DLL v12.0.6772.5000 :
https://www.sendspace.com/file/q3abou
Code:
3282D835 |. 68 3C215432 PUSH MSO_ORIG.3254213C ; /Arg1 = 3254213C
3282D83A |. 8D4D AC LEA ECX,DWORD PTR SS:[EBP-54] ; |
3282D83D |. AA STOS BYTE PTR ES:[EDI] ; |
3282D83E |. E8 9183ECFF CALL MSO_ORIG.326F5BD4 ; \MSO_ORIG.31B85BD4
3282D843 |. 33C0 XOR EAX,EAX
3282D845 |. 3BF0 CMP ESI,EAX
3282D847 |. 0F84 D2000000 JE MSO_ORIG.3282D91F
3282D84D |. 3945 E0 CMP DWORD PTR SS:[EBP-20],EAX
3282D850 |. 0F84 C9000000 JE MSO_ORIG.3282D91F
3282D856 |. 8B0B MOV ECX,DWORD PTR DS:[EBX]
3282D858 |. 0B4B 04 OR ECX,DWORD PTR DS:[EBX+4]
3282D85B |. 0F84 BE000000 JE MSO_ORIG.3282D91F
3282D861 |. 3945 DC CMP DWORD PTR SS:[EBP-24],EAX
3282D864 |. 0F84 B5000000 JE MSO_ORIG.3282D91F
3282D86A |. 3945 D8 CMP DWORD PTR SS:[EBP-28],EAX
3282D86D |. 0F84 AC000000 JE MSO_ORIG.3282D91F
3282D873 |. 3945 E4 CMP DWORD PTR SS:[EBP-1C],EAX
3282D876 |. 0F84 A3000000 JE MSO_ORIG.3282D91F
3282D87C |. 8D7D EC LEA EDI,DWORD PTR SS:[EBP-14]
3282D87F |. AB STOS DWORD PTR ES:[EDI]
3282D880 |. AB STOS DWORD PTR ES:[EDI]
3282D881 |. AB STOS DWORD PTR ES:[EDI]
3282D882 |. 6A 23 PUSH 23
3282D884 |. 8D4D AC LEA ECX,DWORD PTR SS:[EBP-54]
3282D887 |. AB STOS DWORD PTR ES:[EDI]
3282D888 |. E8 BB82ECFF CALL MSO_ORIG.326F5B48
3282D88D |. 8D45 E8 LEA EAX,DWORD PTR SS:[EBP-18]
3282D890 |. 50 PUSH EAX
3282D891 |. 56 PUSH ESI
3282D892 |. 8D4D AC LEA ECX,DWORD PTR SS:[EBP-54]
3282D895 |. E8 1FC57600 CALL MSO_ORIG.32F99DB9
3282D89A |. 8BF0 MOV ESI,EAX ; 8B F0 (pattern start)
3282D89C |. 85F6 TEST ESI,ESI ; 85 F6
3282D89E |. 75 4C JNZ SHORT MSO_ORIG.3282D8EC ; 75 4C ; opcode JNZ -> JZ (75 -> 74) to bypass activation
3282D8A0 |. 3945 08 CMP DWORD PTR SS:[EBP+8],EAX ; 39 45 08 (pattern end)
(09-17-2017 12:10 AM)anssik Wrote: [ -> ]MSO.DLL v12.0.6772.5000
Pattern: F0 85 F6 75 4C 39
Replace: 75 with 74 (JNZ with JZ)
Prepatched MSO.DLL v12.0.6772.5000 : https://www.sendspace.com/file/q3abou
Code:
3282D835 |. 68 3C215432 PUSH MSO_ORIG.3254213C ; /Arg1 = 3254213C
3282D83A |. 8D4D AC LEA ECX,DWORD PTR SS:[EBP-54] ; |
3282D83D |. AA STOS BYTE PTR ES:[EDI] ; |
3282D83E |. E8 9183ECFF CALL MSO_ORIG.326F5BD4 ; \MSO_ORIG.31B85BD4
3282D843 |. 33C0 XOR EAX,EAX
3282D845 |. 3BF0 CMP ESI,EAX
3282D847 |. 0F84 D2000000 JE MSO_ORIG.3282D91F
3282D84D |. 3945 E0 CMP DWORD PTR SS:[EBP-20],EAX
3282D850 |. 0F84 C9000000 JE MSO_ORIG.3282D91F
3282D856 |. 8B0B MOV ECX,DWORD PTR DS:[EBX]
3282D858 |. 0B4B 04 OR ECX,DWORD PTR DS:[EBX+4]
3282D85B |. 0F84 BE000000 JE MSO_ORIG.3282D91F
3282D861 |. 3945 DC CMP DWORD PTR SS:[EBP-24],EAX
3282D864 |. 0F84 B5000000 JE MSO_ORIG.3282D91F
3282D86A |. 3945 D8 CMP DWORD PTR SS:[EBP-28],EAX
3282D86D |. 0F84 AC000000 JE MSO_ORIG.3282D91F
3282D873 |. 3945 E4 CMP DWORD PTR SS:[EBP-1C],EAX
3282D876 |. 0F84 A3000000 JE MSO_ORIG.3282D91F
3282D87C |. 8D7D EC LEA EDI,DWORD PTR SS:[EBP-14]
3282D87F |. AB STOS DWORD PTR ES:[EDI]
3282D880 |. AB STOS DWORD PTR ES:[EDI]
3282D881 |. AB STOS DWORD PTR ES:[EDI]
3282D882 |. 6A 23 PUSH 23
3282D884 |. 8D4D AC LEA ECX,DWORD PTR SS:[EBP-54]
3282D887 |. AB STOS DWORD PTR ES:[EDI]
3282D888 |. E8 BB82ECFF CALL MSO_ORIG.326F5B48
3282D88D |. 8D45 E8 LEA EAX,DWORD PTR SS:[EBP-18]
3282D890 |. 50 PUSH EAX
3282D891 |. 56 PUSH ESI
3282D892 |. 8D4D AC LEA ECX,DWORD PTR SS:[EBP-54]
3282D895 |. E8 1FC57600 CALL MSO_ORIG.32F99DB9
3282D89A |. 8BF0 MOV ESI,EAX ; 8B F0 (pattern start)
3282D89C |. 85F6 TEST ESI,ESI ; 85 F6
3282D89E |. 75 4C JNZ SHORT MSO_ORIG.3282D8EC ; 75 4C ; opcode JNZ -> JZ (75 -> 74) to bypass activation
3282D8A0 |. 3945 08 CMP DWORD PTR SS:[EBP+8],EAX ; 39 45 08 (pattern end)
Thank you for your contribution.
Virus Total Result:
https://www.virustotal.com/file/101968be.../analysis/
Untested by myself since I no longer use Office 2007.
(09-17-2017 01:06 AM)NewEraCracker Wrote: [ -> ] (09-17-2017 12:10 AM)anssik Wrote: [ -> ]MSO.DLL v12.0.6772.5000
Pattern: F0 85 F6 75 4C 39
Replace: 75 with 74 (JNZ with JZ)
Prepatched MSO.DLL v12.0.6772.5000 : https://www.sendspace.com/file/q3abou
Code:
3282D835 |. 68 3C215432 PUSH MSO_ORIG.3254213C ; /Arg1 = 3254213C
3282D83A |. 8D4D AC LEA ECX,DWORD PTR SS:[EBP-54] ; |
3282D83D |. AA STOS BYTE PTR ES:[EDI] ; |
3282D83E |. E8 9183ECFF CALL MSO_ORIG.326F5BD4 ; \MSO_ORIG.31B85BD4
3282D843 |. 33C0 XOR EAX,EAX
3282D845 |. 3BF0 CMP ESI,EAX
3282D847 |. 0F84 D2000000 JE MSO_ORIG.3282D91F
3282D84D |. 3945 E0 CMP DWORD PTR SS:[EBP-20],EAX
3282D850 |. 0F84 C9000000 JE MSO_ORIG.3282D91F
3282D856 |. 8B0B MOV ECX,DWORD PTR DS:[EBX]
3282D858 |. 0B4B 04 OR ECX,DWORD PTR DS:[EBX+4]
3282D85B |. 0F84 BE000000 JE MSO_ORIG.3282D91F
3282D861 |. 3945 DC CMP DWORD PTR SS:[EBP-24],EAX
3282D864 |. 0F84 B5000000 JE MSO_ORIG.3282D91F
3282D86A |. 3945 D8 CMP DWORD PTR SS:[EBP-28],EAX
3282D86D |. 0F84 AC000000 JE MSO_ORIG.3282D91F
3282D873 |. 3945 E4 CMP DWORD PTR SS:[EBP-1C],EAX
3282D876 |. 0F84 A3000000 JE MSO_ORIG.3282D91F
3282D87C |. 8D7D EC LEA EDI,DWORD PTR SS:[EBP-14]
3282D87F |. AB STOS DWORD PTR ES:[EDI]
3282D880 |. AB STOS DWORD PTR ES:[EDI]
3282D881 |. AB STOS DWORD PTR ES:[EDI]
3282D882 |. 6A 23 PUSH 23
3282D884 |. 8D4D AC LEA ECX,DWORD PTR SS:[EBP-54]
3282D887 |. AB STOS DWORD PTR ES:[EDI]
3282D888 |. E8 BB82ECFF CALL MSO_ORIG.326F5B48
3282D88D |. 8D45 E8 LEA EAX,DWORD PTR SS:[EBP-18]
3282D890 |. 50 PUSH EAX
3282D891 |. 56 PUSH ESI
3282D892 |. 8D4D AC LEA ECX,DWORD PTR SS:[EBP-54]
3282D895 |. E8 1FC57600 CALL MSO_ORIG.32F99DB9
3282D89A |. 8BF0 MOV ESI,EAX ; 8B F0 (pattern start)
3282D89C |. 85F6 TEST ESI,ESI ; 85 F6
3282D89E |. 75 4C JNZ SHORT MSO_ORIG.3282D8EC ; 75 4C ; opcode JNZ -> JZ (75 -> 74) to bypass activation
3282D8A0 |. 3945 08 CMP DWORD PTR SS:[EBP+8],EAX ; 39 45 08 (pattern end)
Thank you for your contribution.
Virus Total Result:
https://www.virustotal.com/file/101968be.../analysis/
Untested by myself since I no longer use Office 2007.
Thanks.
Are you able to update your tool?
Well, I carved up a patch for Office2007 activation for all versions from 12.0.4518.1014 (unpatched retail version) to 12.0.6777.5000 (current September 2017 patch).
Not every version in between has been tested, but should work.
EDIT: September 2017 security update was released for Office 2007. The patcher version 1.2 still works for the newest patch.
Tested versions:
12.0.4518.1014
12.0.6683.5000
12.0.6721.5000
12.0.6755.5000
12.0.6768.5000
12.0.6772.5000
12.0.6777.5000
(09-21-2017 09:47 PM)anssik Wrote: [ -> ]Well, I carved up a patch for Office2007 activation for all versions from 12.0.4518.1014 (unpatched retail version) to 12.0.6777.5000 (current September 2017 patch).
Not every version in between has been tested, but should work.
EDIT: September 2017 security update was released for Office 2007. The patcher version 1.2 still works for the newest patch.
Tested versions:
12.0.4518.1014
12.0.6683.5000
12.0.6721.5000
12.0.6755.5000
12.0.6768.5000
12.0.6772.5000
12.0.6777.5000
i used the activation patch but i can t write in word... why?