偶破解了Jive.Forums.Enterprise.v3.0.9 (轉)
偶破解了Jive.Forums.Enterprise.v3.0.9 (轉)[@more@]這個老外的好東東,真是一個不錯的BBS,偶在0DAY中找到了3。08版的CCF,但是大家看看3。09改的問題吧:
Fixed OutOfMemoryError when viewing a watch summary page with forum watches. This problem only affected 3.0.8.
Fixed incorrect URLs on watch icons.
Fixed "null" display of the parent message body on the post fopage (replies only). This problem only affected 3.0.8.
Added a section about the optional custom-actions. file in the developer docs (default skin section). You can use the custom-actions.xml file to overr existing actions or define your own actions without editing the actions.xml file.
Fixed minor report engine s.
Introduced a change to "edited by" messages where the timestamp will never be displayed.
Fixed unnecessary heavy logging to the "warn" log by the ForumThreadAction class.
i18n Change Summary: (see i18n properties file for more info)
以上這些問題都是偶不得不找3。09的原因了,但是苦在於版本太新0DAY找不到,只有自己動手上了,可是偶的水平真的好爛,在查詢多方資料與借鑑3。08版本的破解後偶終於成功了,激動的晚上想失眠,可是太累只有做夢失眠一會吧!
下面就吧偶的破解過程告訴大家,由於3。08與3。09在功能上差別不大隻是因為3。09修正了幾個可怕的,所以偶想他們在LIC上應該也不會有差別,所以就開始比較他們的包的大小,結果發現3。08與3。09中的jive3-INFlibjivebase.jar檔案大小不一樣,而且還有幾個也不同,但是偶不管了只要找到LIC就可以了,把jivebase.jar展開後,在jivebasecomjivesoftwareaseLicenseManager.class應該是LIC的控制檔案,當然也有其他地方有相關的LIC檔案,但此檔案經過偶的推敲後認定就是他了。
偶就使用JAD反編譯工具把此LicenseManager.class檔案編譯成LicenseManager.JAVA後發現的確如此,此檔案內充滿了條件判斷,但其中只有兩個是決定LIC檔案在什麼地方與該LIC檔案確定的版本與功能限制,呵呵。。。只要把他們饒過就OK了,於是呼小弟就在此下了狠手,下面是這兩個函式的內容:
static boolean validate(License license)
throws Exception
{
String publicKey = "308201b73082012c06072a8648ce3804013082011f02818100fd7f53811d75122952df4a9c2eece4e7f611b7523cef4400c31e3f80b6512669455d402251fb593d8d58fabfc5f5ba30f6cb9b556cd7813b801d346ff26660b76b9950a5a49f9fe8047b1022c24fbba9d7feb7c61bf83b57e7c6a8a6150f04fb83f6d3c51ec3023554135a169132f675f3ae2b61d72aeff22203199dd14801c70215009760508f15230bccb292b982a2eb840bf0581cf502818100f7e1a085d69b3ddecbbcab5c36b857b97994afbbfa3aea82f9574c0b3d0782675159578ebad4594fe67107108180b449167123e84c281613b7cf09328cc8a6e13c167a8b547c8d28e0a3ae1e2bb3a675916ea37f0bfa213562f1fb627a01243bcca4f1bea8519089a883dfe15ae59f06928b665e807b552564014c3bfecf492a038184000281800af088055b9304337d285bd946e095465b6d16472e8fc4c29ab735d46fed6140236a3227a2afce0ec54d0002cb95a4988a3e545b1c58c030515c24ecc3de6763fca3f09e05ca568a594d370b879a338043ee3c5a6fe26e95c2b749ce4a8150cd61dd0459e6d5d0862a1ca857c8efc55c73ef3e883ca89eb8358b7147d06d854a";
byte pub[] = StringUtils.decodeHex(publicKey);
X509EncodedKeySpec pubKeySpec = new X509EncodedKeySpec(pub);
KeyFactory keyFactory = KeyFactory.getInstance("DSA");
java.security.PublicKey pubKey = keyFactory.generatePublic(pubKeySpec);
Signature sig = Signature.getInstance("DSA");
sig.initVerify(pubKey);
sig.update(license.getFingerprint());
return sig.verify(StringUtils.decodeHex(license.getSignature()));
}
此函式是進行公共鑰匙演算法的計算,偶可以不要了,看的偶頭都痛了,於是就把他改成了如下:
static boolean validate(License license)
throws Exception
{
return true;
}
嘿嘿。。。是不是好狠呀!當然因為小弟是抄人家的,哈哈。。。
弟二個函式如下:
private static synchronized void loadLicense()
{
if(license != null)
return;
File file = new File(JiveGlobals.getJiveHome(), "jive.license");
if(!file.exists())
{
error = true;
errorMsg = "The license file could not be found at " + file.getAbsolutePath() + ".";
return;
}
if(!file.canRead())
{
error = true;
errorMsg = "The license file was found at " + file.getAbsolutePath() + ", but Jive does not have pession to read it.";
return;
}
long now;
try
{
BufferedReader in = new BufferedReader(new FileReader(file));
StringBuffer text = new StringBuffer();
char buf[] = new char[1024];
int j;
while((j = in.read(buf)) >= 0)
{
for(int i = 0; i < j; i++)
{
char ch = buf[i];
if(Character.isLetter(ch) || Character.isDigit(ch) || ch == '+' || ch == '/' || ch == '=')
text.append(ch);
}
}
in.close();
String xml = StringUtils.decodeBase64(text.toString());
license = License.fromXML(xml);
if(license.getLicenseID() == 1L)
{
error = true;
errorMsg = "Your license file is out of date and is no longer valid. Please use a new license file";
return;
}
}
catch(Exception e)
{
Log.error(e);
error = true;
if(e instanceof JException)
errorMsg = "Your license file is corrupt (" + file.getAbsolutePath() + ").";
else
errorMsg = "There was an error reading the license file at " + file.getAbsolutePath() + ": " + e.getMessage();
return;
}
if(license.getExpiresDate() != null)
{
now = System.currentTimeMillis();
if(license.getExpiresDate().getTime() < now)
{
error = true;
errorMsg = "Your license expired (" + file.getAbsolutePath() + ").";
return;
}
}
if(!validate(license))
{
error = true;
errorMsg = "Your license file does not appear to be valid (" + file.getAbsolutePath() + ").";
return;
}
error = false;
return;
}
在這個函式里就是找LIC檔案,同時對裡面的金鑰進行,只要來個更狠的就把他搞定,看看偶的修改後函式:
private static synchronized void loadLicense()
{
if(license != null)
{
return;
} else
{
license = new License(0xbc614eL, "Jive Forums Enterprise", "3.0.9", License.LicenseType.COMMERCIAL);
license.setCompany("Gold");
license.setCreationDate(new Date());
license.setName("Gold");
license.setNumClusterMembers(999);
license.setNumCopies(999);
license.setURL("");
error = false;
return;
}
}
相信大家都知道是什麼意思了吧!嘿嘿。。。這個函式的廢話太多了,偶給去掉一點點而已,就OK了。
最後把修改過的LicenseManager.java編譯一下,偶用的是JBUILDER8,別的不會用。
然後把LicenseManager.CLASS檔案覆蓋以前的LicenseManager.CLASS,從新用JAR打包成jivebase.jar檔案覆蓋以前,然後從啟動從新進入該,順利透過驗收。
Fixed OutOfMemoryError when viewing a watch summary page with forum watches. This problem only affected 3.0.8.
Fixed incorrect URLs on watch icons.
Fixed "null" display of the parent message body on the post fopage (replies only). This problem only affected 3.0.8.
Added a section about the optional custom-actions. file in the developer docs (default skin section). You can use the custom-actions.xml file to overr existing actions or define your own actions without editing the actions.xml file.
Fixed minor report engine s.
Introduced a change to "edited by" messages where the timestamp will never be displayed.
Fixed unnecessary heavy logging to the "warn" log by the ForumThreadAction class.
i18n Change Summary: (see i18n properties file for more info)
以上這些問題都是偶不得不找3。09的原因了,但是苦在於版本太新0DAY找不到,只有自己動手上了,可是偶的水平真的好爛,在查詢多方資料與借鑑3。08版本的破解後偶終於成功了,激動的晚上想失眠,可是太累只有做夢失眠一會吧!
下面就吧偶的破解過程告訴大家,由於3。08與3。09在功能上差別不大隻是因為3。09修正了幾個可怕的,所以偶想他們在LIC上應該也不會有差別,所以就開始比較他們的包的大小,結果發現3。08與3。09中的jive3-INFlibjivebase.jar檔案大小不一樣,而且還有幾個也不同,但是偶不管了只要找到LIC就可以了,把jivebase.jar展開後,在jivebasecomjivesoftwareaseLicenseManager.class應該是LIC的控制檔案,當然也有其他地方有相關的LIC檔案,但此檔案經過偶的推敲後認定就是他了。
偶就使用JAD反編譯工具把此LicenseManager.class檔案編譯成LicenseManager.JAVA後發現的確如此,此檔案內充滿了條件判斷,但其中只有兩個是決定LIC檔案在什麼地方與該LIC檔案確定的版本與功能限制,呵呵。。。只要把他們饒過就OK了,於是呼小弟就在此下了狠手,下面是這兩個函式的內容:
static boolean validate(License license)
throws Exception
{
String publicKey = "308201b73082012c06072a8648ce3804013082011f02818100fd7f53811d75122952df4a9c2eece4e7f611b7523cef4400c31e3f80b6512669455d402251fb593d8d58fabfc5f5ba30f6cb9b556cd7813b801d346ff26660b76b9950a5a49f9fe8047b1022c24fbba9d7feb7c61bf83b57e7c6a8a6150f04fb83f6d3c51ec3023554135a169132f675f3ae2b61d72aeff22203199dd14801c70215009760508f15230bccb292b982a2eb840bf0581cf502818100f7e1a085d69b3ddecbbcab5c36b857b97994afbbfa3aea82f9574c0b3d0782675159578ebad4594fe67107108180b449167123e84c281613b7cf09328cc8a6e13c167a8b547c8d28e0a3ae1e2bb3a675916ea37f0bfa213562f1fb627a01243bcca4f1bea8519089a883dfe15ae59f06928b665e807b552564014c3bfecf492a038184000281800af088055b9304337d285bd946e095465b6d16472e8fc4c29ab735d46fed6140236a3227a2afce0ec54d0002cb95a4988a3e545b1c58c030515c24ecc3de6763fca3f09e05ca568a594d370b879a338043ee3c5a6fe26e95c2b749ce4a8150cd61dd0459e6d5d0862a1ca857c8efc55c73ef3e883ca89eb8358b7147d06d854a";
byte pub[] = StringUtils.decodeHex(publicKey);
X509EncodedKeySpec pubKeySpec = new X509EncodedKeySpec(pub);
KeyFactory keyFactory = KeyFactory.getInstance("DSA");
java.security.PublicKey pubKey = keyFactory.generatePublic(pubKeySpec);
Signature sig = Signature.getInstance("DSA");
sig.initVerify(pubKey);
sig.update(license.getFingerprint());
return sig.verify(StringUtils.decodeHex(license.getSignature()));
}
此函式是進行公共鑰匙演算法的計算,偶可以不要了,看的偶頭都痛了,於是就把他改成了如下:
static boolean validate(License license)
throws Exception
{
return true;
}
嘿嘿。。。是不是好狠呀!當然因為小弟是抄人家的,哈哈。。。
弟二個函式如下:
private static synchronized void loadLicense()
{
if(license != null)
return;
File file = new File(JiveGlobals.getJiveHome(), "jive.license");
if(!file.exists())
{
error = true;
errorMsg = "The license file could not be found at " + file.getAbsolutePath() + ".";
return;
}
if(!file.canRead())
{
error = true;
errorMsg = "The license file was found at " + file.getAbsolutePath() + ", but Jive does not have pession to read it.";
return;
}
long now;
try
{
BufferedReader in = new BufferedReader(new FileReader(file));
StringBuffer text = new StringBuffer();
char buf[] = new char[1024];
int j;
while((j = in.read(buf)) >= 0)
{
for(int i = 0; i < j; i++)
{
char ch = buf[i];
if(Character.isLetter(ch) || Character.isDigit(ch) || ch == '+' || ch == '/' || ch == '=')
text.append(ch);
}
}
in.close();
String xml = StringUtils.decodeBase64(text.toString());
license = License.fromXML(xml);
if(license.getLicenseID() == 1L)
{
error = true;
errorMsg = "Your license file is out of date and is no longer valid. Please use a new license file";
return;
}
}
catch(Exception e)
{
Log.error(e);
error = true;
if(e instanceof JException)
errorMsg = "Your license file is corrupt (" + file.getAbsolutePath() + ").";
else
errorMsg = "There was an error reading the license file at " + file.getAbsolutePath() + ": " + e.getMessage();
return;
}
if(license.getExpiresDate() != null)
{
now = System.currentTimeMillis();
if(license.getExpiresDate().getTime() < now)
{
error = true;
errorMsg = "Your license expired (" + file.getAbsolutePath() + ").";
return;
}
}
if(!validate(license))
{
error = true;
errorMsg = "Your license file does not appear to be valid (" + file.getAbsolutePath() + ").";
return;
}
error = false;
return;
}
在這個函式里就是找LIC檔案,同時對裡面的金鑰進行,只要來個更狠的就把他搞定,看看偶的修改後函式:
private static synchronized void loadLicense()
{
if(license != null)
{
return;
} else
{
license = new License(0xbc614eL, "Jive Forums Enterprise", "3.0.9", License.LicenseType.COMMERCIAL);
license.setCompany("Gold");
license.setCreationDate(new Date());
license.setName("Gold");
license.setNumClusterMembers(999);
license.setNumCopies(999);
license.setURL("");
error = false;
return;
}
}
相信大家都知道是什麼意思了吧!嘿嘿。。。這個函式的廢話太多了,偶給去掉一點點而已,就OK了。
最後把修改過的LicenseManager.java編譯一下,偶用的是JBUILDER8,別的不會用。
然後把LicenseManager.CLASS檔案覆蓋以前的LicenseManager.CLASS,從新用JAR打包成jivebase.jar檔案覆蓋以前,然後從啟動從新進入該,順利透過驗收。
來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/10752019/viewspace-956462/,如需轉載,請註明出處,否則將追究法律責任。
相關文章
- 偶得新玩具——通用文件轉換器Pandoc
- 初步理解了perl
- 人們誤解了OOPOOP
- 解析對偶理論與對偶單純性法
- 偶的Java之路Java
- 奇升偶降
- 偶用tput編的一個選擇式選單(轉)
- HTTPS 你瞭解了嗎?HTTP
- 關於原始對偶演算法(拉格朗日對偶)演算法
- java 反轉單連結串列,偶爾會遇到的面試題Java面試題
- 偶爾轉帖:AI會議的總結(by南大周志華)AI
- 偶滴工作環境
- 偶翻譯的小說
- Object物件你真理解了嗎?Object物件
- 三層,你真的理解了嗎?
- ERP軟體——期待破繭化蝶(轉)
- 對偶理論和對偶單純形法——Python實現Python
- 破破的JSFJS
- IT核心 建立牢不可破的IT安全策略(轉)
- 從朋友簽名偶得
- MapStruct 解了物件對映的毒Struct物件
- buffer busy waits你誤解了嗎?AI
- 調整陣列順序使奇數位於偶數前面,偶數和偶數之間的相對位置不變陣列
- ava String 物件,你真的瞭解了嗎?物件
- 谷歌官方元件Navigation你瞭解了嗎?谷歌元件Navigation
- Chrome 的小恐龍遊戲,被我破解了...Chrome遊戲
- eval()不是魔鬼,只是被誤解了(翻譯)
- 測試:你自認為理解了JavaScript?JavaScript
- 線性規劃對偶原理
- 偶的伺服器:nio,困惑!伺服器
- 貨代行業數字化轉型:如何破局前行?行業
- 數字化轉型報告:破譯人工智慧人工智慧
- 不破壞原加密儲存的儲存解密(轉)加密解密
- BIOS被病毒破壞了的解決方法(轉)iOS
- 線性規劃的對偶問題——由拉格朗日對偶問題匯出
- 艾,破破的Oracle901Oracle
- 王小云院士真地破解了MD5嗎
- Javascript建立陣列的方式你瞭解了嗎JavaScript陣列