The Mac App Store opened yesterday and a few hours after the web is already full of news about the hacking/cracking/defeat/whatever of the store. When I heard about the Mac App Store, I became curious about how it would handle the serial and other protections of normal applications. I had read an article/news that talked about no more serials since the App Store would handle that – this is logical since you pay first to download the application, so the payment problem is solved....

The original method to hijack sysent table was described by Landon Fuller and then Braden Thomas updated it to Snow Leopard due to new location and lack of nsysent symbol. Charlie Miller and Dino Dai Zovi at The Mac Hacker’s Handbook, have some code to try to automate this search for sysent. I never tried it before and today I decided to hack around it. It suffers from the problem of no nsysent symbol (is there a way to fix it?...

Hi, There is a new GDB Cocoa frontend in town courtesy of Kurt. It’s still in early stages but it’s always interesting to have people developing tools for OS X. Congrats to Kurt. You can contact him at kurt@osxdbg.co.cc for bug reporting! I also bring you two pics from an old HardLock dongle that I found while tidying up some drawers. It’s a parallel port HardLock Eye v4.1b, and it has like 8 years or more (can’t really remember heheh)....

Today I decided to give a look at Challenge #3 since it promised nasty tricks. Now that looks like a challenge and I love challenges! If you think this is a spoiler then stop reading and come back in a week or so. There is no solution for the challenge; I’m more interested in the “nasty” trick used and why the tools are failing. And I don’t need the Challenge itself to analyse this behavior since I can reproduce it with own code....

The MBA is over and I’m enjoying my vacations to clear stuff from the Todo list, to read books, to play some games and to do other stuff. Today the MacSerialJunkies contest started and I decided to give it a go. It’s a very simple crackme with a small twist where you have to bruteforce a MD5 string. I had reversed the serial routine and was starting the bruteforce without thinking much about it (first attempts were by searching online MD5 hashes databases for the correspondent plaintext but no such luck)....