Jaffa
Posts: 2,535 | Thanked: 6,681 times | Joined on Mar 2008 @ UK
#539
Originally Posted by burmashave
That said, I've hinted at a potential solution; however, I have not heard from any devs. We know how to spoof a MAC address, why not spoof the satellite time data provided to Wayfinder? It seems that if we could subtract 3 years from all of the satellite data, Wayfinder would continue to work, provided that the system time was manually or automatically altered as well.
A better alternative is just to reverse engineer the binary and hardcode the condition which decides whether or not the user is licensed.

In initial versions this was trivial (it took me an hour or so to find) and meant changing a single 32-bit word (i.e. 4 bytes/1 instruction) in the binary. Later versions seem to have some kind of self-referential check which made this much harder the last time I looked at it; but by then licences were cheap and affordable.

Mine doesn't run out until October 2011. If the mapping solution on my primary device at that point (probably an N9) doesn't meet my requirements, I'll have two options:
  • Reinvestigate cracking Wayfinder.
  • Buy a standalone unit like the Garmin 1340.

If anyone wanted to properly get started on the first one, there are reverse engineering tools for ARM which work on lots of platforms, complete with visual segregation of functions and code paths.
__________________
Andrew Flegg -- mailto:andrew@bleb.org | http://www.bleb.org