PostSharp 4.0注册机实现过程
PostSharp是基于.NET平台设计的比较强调易学易用的AOP框架。
什么是AOP? http://wayfarer.cnblogs.com/articles/241024.html
新版的已失效,注册码验证能过,但不能使用
准备工作
- 安装.Net Reflector或者类似的工具
- 给.Net Reflector 装上Reflector.BamlViewer插件,它可以查看xaml。下载地址:http://reflectoraddins.codeplex.com/releases
- 到PostSharp官网下载最新版(4.0.29),并安装 下载地址:http://www.postsharp.net/download
开始干活
找到安装目录,我用的是win8,vs2012,安装目录是C:\Users\【用户名】\AppData\Local\Microsoft\VisualStudio\10.0\Extensions\*
vs2012 C:\Users\【用户名】\AppData\Local\Microsoft\VisualStudio\12.0\Extensions\*
最后的*是随机的,一个个点开看吧,或者搜文件PostSharp.dll,一看结果就知道了
先看看注册界面是怎么样的,再通过.Net Reflector反编译PostSharp.HQ.v3.0.exe找到对应界面。注册界面如下,它是一个WPF窗口
经过一番查找后发现是enterlicensekeypage
转到这这个界面对应是代码上PostSharp.HQ.Licensing.EnterLicenseKeyPage,得到以下代码
public override void OnNext() { this.__PS___z_aspect29.OnMethodEntry(null); try { string str; License license = License.Deserialize(this.licenseKeyTextBox.Text); .....
跟过去,基本确定注册吗验证代码都在PostSharp.Sdk.Extensibility.Licensing.License这个类中(这个类在PostSharp.Settings.dll这个dll中)
从类中的几个方法看出,此类包含生成注册码和验证注册吗功能。采用DSA加密方式
public class License { public static License Create(LicensedProduct product); public static License Deserialize(string licenseString); public string Serialize(); public void Sign(byte signatureKeyId, string privateKey); public virtual bool Validate(byte[] publicKeyToken, out string errorDescription); public bool VerifySignature(); public bool VerifySignature(DSA publicKey); ... }
可以通过以下代码生成一个注册码
License lic = License.Create(LicensedProduct.PostSharp30); lic.LicenseGuid = Guid.NewGuid(); lic.LicenseType = (byte)LicenseType.Commercial; lic.Product = LicensedProduct.PostSharp30; lic.Sign(1, privateKey); string sn = lic.Serialize(); //最终注册码
你以为到这里就完了吗?错了,请问你弄到privateKey(私钥)了吗
当然你有本事弄到私钥,到这步就完成了。可是我弄不到,只能想别的办法了。
再往下研究,发现PostSharp.Sdk.Extensibility.Licensing.CryptoUtilities类中提供了公钥
public static class CryptoUtilities { // Fields private static readonly DSA productionPublicKey0 = DSA.Create(); private static readonly DSA productionPublicKey1 = DSA.Create(); // Methods static CryptoUtilities() { productionPublicKey0.FromXmlString("<DSAKeyValue><P>9cMyBYBokidciAghqE1POnEbcxpBui3PfazddrQjndkDtPskGvBcjS8LIStB/jR0SICKmLMwl7WoocpdXgYTOopgKJ33E4NOIhc1vbQR6vCCidGWlN88hUKCQJ8cGzme/LDmUT5zfK3TfM6LkMU1fYTNARrefIZkSlg4GGIjZ38=</P><Q>m9h5p2kl1vlwuw12AOQbem3yDXU=</Q><G>pBkhekdI1vk084zMbubnu7qtDyTid6x01crQJiERfmk2HgFt13dXHwei/1kgrRJPWrtZVRKMmO8w+p4jfle82n2/BaFNBLouUoQ/fBYPPdDZBocd/tXqBduF5zq1S12tDv8TIIarMTRtj18F5e68cxBPbweVs4n8meqLEQL5AwA=</G><Y>e2otaOKaVFxnEoHI4g1f7BCcrOaAwd1/GTMkEXGaNw3CYucIuOJdvlZEWa/pa4DTUeK4McHOXRJsZMQdHaoh+dK17NdmMxTa2UMokyoIdayu9kw9TbWUy2zXovJ8CHJVP4RU8wlJk1RKjeMuSK3lYPgo2RTbV9UbU2qK1gmVwg4=</Y><J>AAAAAZOzu4FkAIr0MjlqqHtPNWrFTfjw4/qDWuFvHEf7ioaj8vqRao8mbqsLueqvYIYQ8g8w2WNWFAOG6e8waiQhX2O/DRSZNbc/JfdjQqlPli5be6FqNsGnjKXdEt2boONKU/fpGx/m69V+a/4jxg==</J><Seed>1B0yRR/A/kmE1zMUIFiEMmJ328M=</Seed><PgenCounter>Xg==</PgenCounter></DSAKeyValue>"); productionPublicKey1.FromXmlString("<DSAKeyValue><P>vAmBC+eZJaZa7HdlTDAgsfcT0QSjqN8d8fEeZ9E1kxfIAYGerlHFHW/A5muBYy8FyO7W8r4mqxpxcvFQEeEqVe89BUXecHjh6FkTEsT25r/nbV4jnZBxNz16qb7A6t8MCr0jzuzrIGFVP5VG/ad0s/1078WqpwQqJQXHmH/lXX0=</P><Q>+RdtGnwCJw4u2H/goSLtaAGr1U0=</Q><G>sxQQgHIuRgYOMtB+r7EGRO/OTRGXhUrFyZ1R9nVerGGC2juEVWSoydr2JquILOwIO7+1kIOwbkhCjNlZIAdvWRlN5COF7gHfPi1dSX7LzDcNbZDADvrOUmk1KG3hZ3Vf67XIbug2/nq8aij7gbEs4eA26EWWpObO0a+e2QmsQII=</G><Y>dP073SH4QG5KiV5BbZEDLiV3/D2eD18D9jsMVD1p+eMZsffU88/Pxfen1Pe5cyulw8gQkEvlAa3GEmGsaGaa7Qp245NPD8fbEOLFu3tdwMhw/ylRHpjTS7BDRjvGeyGwSS0WTWQCwCyI8LN6Rvg7p4RfhHIaAWWkTJNVAG7AN7g=</Y><J>wUCV+9KzxPW+J3/DIm3sIfVf29Z8u5zPXnEZbMTrkWwdgOTSPuXimtiQku8knyWD3iC+GqyhtoFqdgXqQS6WcadAABb2U5mMTL0V1o6Jy6c0cyPb9blmf5wdZxMKVlXe9lcAO8rP16XhQGVs</J><Seed>h7zytTPqA9Ue3F7c/j+9iXW4Ebw=</Seed><PgenCounter>Aag=</PgenCounter></DSAKeyValue>"); } }
验证注册吗就用上述的公钥去验证。
那么能不能自己生成公钥私钥去PostSharp.Sdk.Extensibility.Licensing.CryptoUtilities类的的公钥替换掉呢,答案是肯定的。
先看看怎么生成公钥私钥
DSACryptoServiceProvider dsac = new DSACryptoServiceProvider(); string strPublic = dsac.ToXmlString(false); //公钥 string strPrivate = dsac.ToXmlString(true); //私钥
结果如:
公钥
<DSAKeyValue><P>gSFAXq2fbk0P+6y1G6aYXlUPdESfs42kaF/v4pfkt9sNx1bx8Ni4IVzXdgtDLKhIpL9cv6Ho0pEM5qCVZ0oY8QZJpt8PC4ZEiCEgWFGLLLooriZmJPwsEQtcjB/sz4lvvO9oFrLnrYS16e3FCriImDTBVtv3TVptjTjzwWuLDsM=</P><Q>0jat9uBZUDVQJOz8wSD4n0YffmU=</Q><G>epyQJV9QGsh845z+QD8v1GpipREXn+UXmkiW9vPs3BVGGM0ghZFDduArfMn8wZYX4ByIOU1t0tLsZ00Aac1Wu3ZB+X1ccY6E5AVeRLDialis4YyYPjO0wdmZezm9feOSg866450wknur/k9Jz3VnnOC/lrd1tAsIYRajmYCDMZs=</G><Y>MfdvjimBnuxe3s0+xRMcF2BRokqDANzwrMxMJCfmr9Y/Xn+a+uii4/S56169uUryU6hKcuWVoYdSFo7upLDSl8mVn37gg/N78m942PBh2qFRBCLLaGtkV81dRxSxsqln54AlBx5XrfHbAmAGkfAuIA11EeQcJSCt75qkliJNbGw=</Y><Seed>8DxESgmqPh6mI5OkwmQBDiiIrHc=</Seed><PgenCounter>A9M=</PgenCounter></DSAKeyValue>
私钥
<DSAKeyValue><P>gSFAXq2fbk0P+6y1G6aYXlUPdESfs42kaF/v4pfkt9sNx1bx8Ni4IVzXdgtDLKhIpL9cv6Ho0pEM5qCVZ0oY8QZJpt8PC4ZEiCEgWFGLLLooriZmJPwsEQtcjB/sz4lvvO9oFrLnrYS16e3FCriImDTBVtv3TVptjTjzwWuLDsM=</P><Q>0jat9uBZUDVQJOz8wSD4n0YffmU=</Q><G>epyQJV9QGsh845z+QD8v1GpipREXn+UXmkiW9vPs3BVGGM0ghZFDduArfMn8wZYX4ByIOU1t0tLsZ00Aac1Wu3ZB+X1ccY6E5AVeRLDialis4YyYPjO0wdmZezm9feOSg866450wknur/k9Jz3VnnOC/lrd1tAsIYRajmYCDMZs=</G><Y>MfdvjimBnuxe3s0+xRMcF2BRokqDANzwrMxMJCfmr9Y/Xn+a+uii4/S56169uUryU6hKcuWVoYdSFo7upLDSl8mVn37gg/N78m942PBh2qFRBCLLaGtkV81dRxSxsqln54AlBx5XrfHbAmAGkfAuIA11EeQcJSCt75qkliJNbGw=</Y><Seed>8DxESgmqPh6mI5OkwmQBDiiIrHc=</Seed><PgenCounter>A9M=</PgenCounter><X>ZN67VkaNCRolYpQDVKCOeNYK88M=</X></DSAKeyValue>
ok公钥私钥准备好了,怎么改PostSharp.Sdk.Extensibility.Licensing.CryptoUtilities里的公钥呢
把PostSharp.Settings.dll复制出,打开vs命令行,用ildasm来反编译成il代码
ildasm PostSharp.Settings.dll /output= PostSharp.Settings.il
在生成的il代码中找到设置公钥的代码(搜 .class public abstract auto ansi sealed PostSharp.Sdk.Extensibility.Licensing.CryptoUtilities),把公钥(两个都)改成刚才生成的公钥保存il
再用ilasm 生成dll文件
ilasm PostSharp.Settings.il /dll
到此,已经把新的公钥写到PostSharp.Settings.dll中了
把新的PostSharp.Settings.dll复制到PostSharp安装目录中,覆盖原有的。打开PostSharp注册,输入上面生成的注册码。下一步,惊喜出现了
大功告成!
下载就不提供了,原因你懂的
后:
发现PostSharp注册成功后,下次启动不再对已注册的key进行合法性判断。根据此bug,另外制作了一个不用修改dll的注册机,原理是注册的时候,注入dll到注册程序,用反射的原理修改注册程序的公钥,即能达到目的。
如果被杀毒软件拦截注入,必须点允许才可以注册成功
