RE: Programmer claims MS eBook Reader Cracked

From: Рягин Михаил Юрьевич (ryaginat_private)
Date: Sun Sep 02 2001 - 22:04:17 PDT


    There is also another technique to crack Microsoft eBook Reader, not related to any cryptographic issues.
    
    At least with the text of an e-book, everything is easy. When the reader displays the current book page, this
    page is stored in memory as a decrypted string of text. In the case of Microsoft eBook Reader, this is a Unicode string.
    
    The only thing you have to do is to scroll through all pages of the ebook and catch all the text.
    The reader's memory is readable by convenient Win32 Debug APIs.
    
    It will be relatively hard to find the text in heap memory, but this can be achieved, for example, by injecting
    a heap monitor DLL (the well-known DLL injection method) and catching all memory allocations of sizes comparable with common
    text page sizes.
    
    I had no time to check it. Moreover, this may not be true. This information was only checked on one freely downloadable ebook file. On highly protected book titles, the page could be protected by more encryption, I guess.
    
    So, I ask someone to check this.
    
    Mikhail Ryagin,
    Extrim pro
    Russia
    


