InstallSHIELD Cracking (NaTzGUL, BigJohnson)
_SETUP.LIB is a compressed Data-Base from InstallSHIELD. It can contain EXEs and DLLs
supporting the Installation. Sometimes these Support Files are in the same dir as
SETUP.EXE (unlikely), but in our case they are compressed into _SETUP.LIB
(you will see later). I didn't have the compressed Data-Base Files
(xxx.1-x,xxx.z) containing the Program Files and so they can be very big ;)
Don't mind it, because we don't need them anyway for cracking.
A compressed Data-Base File always begins with "13 5D 65 8C 3A 01 02 00", so
if you can't find any xxx.z or xxx.1-x then just look for these bytes. At the end of
every compressed Data-Base File you can see all the File Names by the way.
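
For file triage or carving, the 8-byte signature quoted above can be checked mechanically. This is an added example, not code from the original authors: the function names and the sample buffers are constructed, and only the signature bytes come from the text.

```python
import io

# Signature the text gives for an InstallShield compressed Data-Base File.
SIGNATURE = bytes.fromhex("135D658C3A010200")


def has_signature(stream):
    """True if the stream starts with the signature (a stand-alone archive)."""
    stream.seek(0)
    return stream.read(len(SIGNATURE)) == SIGNATURE


def find_signatures(stream, chunk_size=64 * 1024):
    """Return every offset at which the signature occurs in the stream.

    Reads in chunks and carries the last len(SIGNATURE) - 1 bytes forward,
    so a signature split across a chunk boundary is still found once.
    """
    stream.seek(0)
    overlap = len(SIGNATURE) - 1
    offsets, tail, base = [], b"", 0  # base = stream offset of tail[0]
    while True:
        chunk = stream.read(chunk_size)
        if not chunk:
            break
        window = tail + chunk
        pos = window.find(SIGNATURE)
        while pos != -1:
            offsets.append(base + pos)
            pos = window.find(SIGNATURE, pos + 1)
        tail = window[-overlap:]
        base += len(window) - len(tail)
    return offsets


if __name__ == "__main__":
    # Constructed sample data, not real archives: signature plus filler bytes.
    standalone = io.BytesIO(SIGNATURE + b"\x00" * 32)
    embedded = io.BytesIO(b"MZ" + b"\x90" * 18 + SIGNATURE + b"\x00" * 10)
    print(has_signature(standalone))                 # stand-alone archive
    print(find_signatures(embedded, chunk_size=5))   # archive inside another file
```
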
SETUP.PKG contains all the File-Names in the Program Data-Base which we don't need and
so we don't need SETUP.PKG either. InstallSHIELD uses SETUP.PKG to refer to the Files in
the Program Data-Base in the copying process I believe. Anyway, we don't need it, so
let's go on.
_SETUP.DLL is an InstallSHIELD Resource DLL and it's not important for us, because it's
only a Support File which is supplied with any InstallSHIELD Installation. SETUP.INS
is the compiled Installation Script and it's the most important part in an InstallSHIELD
Installation Process!!! In Win95 it has got a globe connected to a phone as icon. This File
Controls any Action and has got most of the messages of the Installation and it will play
a major Role in our SECOND APPROACH.
SETUP.EXE is the head of all, it's the Installation Engine and executes the Script and does
all CALLs to DLLs and Disk-Access (32 Bit !!!). So far so good, now we know much
more about InstallSHIELD =)
As you know, quite a few software tools are being packaged now with InstallShield 5.0 - and
many of those installations contain scripts that ask for serial numbers in order to decompress
their contents. It used to be that you could simply run InstallShield's ICOMP.EXE utility to
decompress the data.z file(s) and bypass setup altogether; however, the new InstallShield is
more clever - but not much more so.
In the new InstallShield 5 config, the SETUP.INS file contains compiled script. Since many
installations require Serial Numbers inside the script, I reasoned ... why not simply replace
the InstallShield compiled script with a default one produced by an empty InstallShield
config?
Here's what you do:
1. Run InstallShield Pro 5 (see http://www.dejanews.com
   and search for "InstallShield" for details on how to get that package from the
   InstallShield FTP Site ... stupid mortals).
2. Create a new installation with 1 file in it. It doesn't matter what the file is.
3. Compile the installation. It will produce a bunch of files in
   "c:\myinstallations\ProjectX\media\disk1\..."
4. Copy SETUP.INS to somewhere safe. You will need it later.
5. When you come across an InstallShield5-based setup program that requires a serial
   number/password, simply make a copy of the existing SETUP.INS to SETUP.IN$, and
   replace SETUP.INS with the one that you produced in step 4.
Now, of course, if the compiled script contains very explicit installation procedures,
this technique may not work ... however, it does work in the vast majority of cases
since the location of files and registry keys seems to be encoded into DATA1.CAB - not
the SETUP.INS script.