
help me make sense of this


phonebooth


Hi, I tried using both Brahmms and Shauns (latest) exe for the lockdown browser and both give me the same error.

which is "LockDown.exe - Entry Point Not Found. The procedure entry point ?DisableTaskKeys@@YAHHH@Z could not be located in the dynamic link library TaskKeyHook.dll"

All I need the program to do is display the address bar, so I can get off of that Minnesota college testing page w/ the password box.

I just need to be able to use the program with my school's WebCT page, but I can't redirect the browsers to that site.

Has this feat been accomplished with any of the hacked Respondus lockdown exes?


  • 8 months later...

  • 9 months later...

Thank you all so very much for working on this lockdown thing.

I am also in the same boat of needing to get work done.

I found that this browser returns to its original (locked) state when a new browser window is opened.

i.e., when you are doing assessments or quizzes, it resizes and then disallows the initialization of any apps through task mgr.

Anyone run into this?

I got a problem with that. And I still can't seem to get it to work after trying everything on this thread =/


I would assume the system is using a one-time password; that way it doesn't need to actually store the password anywhere. Either that, or the password that is sent to the system is your password (which kind of makes sense when you think about it, and it also explains why you captured your own password in the packets).

http://en.wikipedia.org/wiki/One-time_password


  • 8 months later...

I'm in the same situation as devroute. I have a couple of courses where they're making us use Respondus even for simple tasks and writing essays. I can't stand it. Maybe we could send a PM, maybe some of them remember what was the part they removed from the exe to avoid the VM check. I already tried comparing the exe vs the new one but got no clue.

I believe the problem is that the program automatically checks for updates, but I'm not sure who's making the request, Blackboard or Respondus?


Well, our campus isn't even using Blackboard anymore; they switched over to "Learn" during the summer, which by the looks of things doesn't work with the old Respondus versions, only the new. Heck, I'm at the point now, where class is starting on the 27th, that I'd even pay someone to patch the latest Respondus for me just so I can run it in a VMware machine without issues.


If it's that important to be able to use the web while Respondus is in use, use a second device to access the web? Or, if it takes over the whole workstation's ability to use the web normally even when just trying to surf the web, create a new user on the system, and only install Respondus on the second user account.

I also found when testing it way back in the day, ZoneAlarm would allow you to prevent it from locking the screen and keyboard, but still allowed Respondus to work while you could access the OS, Google, ctrl+del, etc., when Respondus was running. I haven't seen, looked at or worked on this in years since the original posts were up, and don't even have copies of the nopped out version I created, but if you want to try, get something like OllyDbg, and make your own version by nopping out functions of the program to allow you full access to the workstation while still having a working copy of the Respondus browser without denying you access to anything you need.


The thing is, sometimes we must use it on our laptops in class, so it would be kinda awkward to bring 2 laptops. I have been looking around using IDA; this is what I just found using old info as a reference:

Main

.data:004AC2CC 00000060 C The browser can't be used in virtual machine software such as Virtual PC, VMWare and Parallels.

Subroutine

.data:004AC2CC ; char aTheBrowserCanT[]

.data:004AC2CC aTheBrowserCanT db 'The browser can',27h,'t be used in virtual machine software such as '

.data:004AC2CC ; DATA XREF: sub_40A965+28Bo

.data:004AC2CC db 'Virtual PC, VMWare and Parallels.',0

.data:004A8C80 00000017 C Parallels Video Driver

.data:004A8C98 0000001A C Parallels Network Adapter

.data:004A8CB4 00000025 C Parallels Mouse Synchronization Tool

.data:004A8CDC 00000013 C PRL Virtual CD-ROM

.data:004A8CF0 0000000F C VMWare SVGA II

.data:004A8D00 0000000C C VMWare SVGA

.data:004A8D0C 00000017 C VMWare Pointing Device

.data:004A8D24 00000025 C VMWare Accelerated AMD PCNet Adapter

.data:004A8D4C 00000017 C VMWare SCSI Controller

.data:004A8D64 0000001E C VMWare Virtual IDE Hard Drive

.data:004A8D84 0000001A C VM Additions S3 Trio32/64

.data:004A8DA0 0000001D C VM Additions PS/2 Port Mouse

.data:004A8DC0 0000002A C VM Additions PC/AT Enhanced PS/2 Keyboard

I'd just be fine being able to run it in a virtual machine, since that way I can use my regular software, so I actually see no need in allowing Respondus to let me use Google, ctrl+del, etc.

P.S. I already tried using Zone Alarm Pro but the only action it asked was to let Respondus connect to the server. Maybe I didn't configure something properly...


If you can find the words VMware in HEX in the code, and if all it looks for is those names, you might even be able to globally just hex edit and change "vmware" to "foobar" and it would never detect it. That is, if that's how it does its lookups to match by the descriptions. Probably not as simple as that, but hey, never know. Just make a copy of the program before messing with it or back it up or whatever. The program might also now check a hash of itself to see if it's been tampered with. Some programs can tell if you've edited one hex bit difference, like Windows System File Checker can do and would replace files if needed, but hey, give it a shot.

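The hash-based tamper check that the post above speculates about, seen from the side of whoever has to detect the change. This is an added example, not code from the thread or from Respondus; the file names `app.exe`, `hook.dll` and `moved.dll` and their contents are constructed stand-ins, not real binaries.

```python
import hashlib
import os
import tempfile

def sha256_file(path, chunk=65536):
    """Stream a file through SHA-256 so large binaries are not read whole."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def build_manifest(root):
    """Map each file path (relative to root) to (size, sha256)."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            manifest[rel] = (os.path.getsize(full), sha256_file(full))
    return manifest

def verify(root, trusted):
    """Compare the tree at root against a trusted manifest."""
    now = build_manifest(root)
    changed = sorted(p for p in trusted if p in now and now[p][1] != trusted[p][1])
    return {
        "modified": changed,
        # A size comparison alone would miss these: same length, new content.
        "size_unchanged": [p for p in changed if now[p][0] == trusted[p][0]],
        "missing": sorted(set(trusted) - set(now)),
        "unexpected": sorted(set(now) - set(trusted)),
    }

def demo():
    """Constructed files standing in for an exe and a DLL (not real binaries)."""
    with tempfile.TemporaryDirectory() as root:
        exe, dll = os.path.join(root, "app.exe"), os.path.join(root, "hook.dll")
        with open(exe, "wb") as f:
            f.write(b"MZ\x00\x00VMWare SVGA II\x00VMWare Pointing Device\x00")
        with open(dll, "wb") as f:
            f.write(b"MZ\x00\x00constructed dll bytes")
        trusted = build_manifest(root)  # taken while the files are known-good
        with open(exe, "rb") as f:
            patched = f.read().replace(b"VMWare", b"foobar")  # same length
        with open(exe, "wb") as f:
            f.write(patched)
        os.rename(dll, os.path.join(root, "moved.dll"))  # relocated file
        return verify(root, trusted)
```

The manifest and the verifier have to live outside the files they protect; a check compiled into the same binary can be removed along with everything else.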

Thanks for the tip digit, I will try during the weekend, it's a great idea to change the lookups!! Hopefully the program does not check if it's been hex-edited or tampered with. What I was trying to replicate was, even if any of those names was found, instead of closing the app, replace it to continue... Maybe another option!


Yeah, when I initially ran this through a few years back now?? all I did was check and toggle dialogs, and when I got a prompt for something along the lines of not being able to do something, I just nopped those parts out one at a time, saved to new file, reran new file in Olly, until all of the blocking parts were gone. Once I did that, it still ran and I could do CTRL+ALT+DEL, access the desktop, other programs, etc. I was not a student at the school who used the program though, so I never knew if it even worked once logged in or if it updated itself or such, but from what people had said, it worked, so I figured just try the same thing. The hex editing part came to me yesterday though, when I saw what you posted with the names. I figured if the signatures used actual like form title names, change vmware to foobar, it's the same length in characters, and would make anything for vmware look like foobar and should get ignored, but that's only if that is how they do the blocking. You could replace all blocks this way I imagine by hexing the value to something benign, if it didn't change the file size or structure. I actually did this with my touchpad browser to change it from WebOS Touchpad/1,0 to now show up as Windows NT 6.1 Chrome/Safari Webkit, so Google stops putting me on mobile mode, and Hulu works a treat (can't take all credit for it, found a shell script that did basically the same thing, I just changed the OS and browser to one I felt more universal and as such, worked much better for me with Flash and sites that blocked mobile devices altogether).


Well, I've been looking through this in OllyDbg for 2 days now and haven't figured it out. Looks like it's hidden in a DLL file now, but that's all I can gather from it. Couldn't find anything mentioned about VMware, so digip, if you could take a look at it I'd appreciate it.


I'd need an actual link to download the latest version, but to be honest don't have a whole lot of time. You can try opening in PEiD and looking up the strings, see if they are there. It might be obfuscated if it's created with a packer that creates multiple layers, or like you said, in a DLL file of the program, which you should be able to edit in a hex editor as well, for both the main exe and any DLL files or binaries it includes.


I didn't see ANY strings for VMware in there at all, but it could also be encrypted. I installed it in a sandbox, and exported all the files out of it, and am now about to copy them over to an XP VM. Not sure if it still runs in XP or not. I did notice it looks like a nasty ass piece of software, and one of the resources looks like it hooks into the boot loader somehow, or it just examines the bootloader, and that's how it recognizes if it's in a VM or not. That part I am not sure of, but once installed, if you look at the main exe file in a resource editor, the first resource name is bootloader and looks for a FAT partition. Maybe looks for thumbdrives, who knows. I hate software like this though, that takes over your entire machine.


Ok, I was able to run this in VMware without ANY problems. The installer is an InstallShield packed file, and that is what probably checks for VMware to kill it off and not let you install it to a VM, but once unpacked locally to my sandbox, I had all the files and could see where it installed everything. I just moved everything out of c:\Windows\SysWOW64\ that was created by Respondus, and put it in the actual Respondus folder. This is one of those old hacks, that if you want to make portable files, you find all the install files and DLLs and move them to one single folder to make a program run, which in this case, worked.

Got this to run in an XP VM with no problem via VMware!!

http://dropmysh.it/files/Respondus4-Files-2012.zip <-- Download it from here, I zipped all files together in one folder. Unzip to your VM desktop, and run the main exe.

Now, when I first launched it, it gave an error about not being in c:\program files. Ignored it, gave me a key for 30 day trial or add registered product keys. I went to the Respondus site, registered with fake info for the 30 day trial, it emailed me a key, and then I put it in and it ran for the 30 day trial. It then asked me what platform I use, I just chose Blackboard, but whatever. After that, it loaded the Respondus program GUI and all seems to be working. At least, from what I could tell, it works 100%, and does not seem to block anything. Doing this in a sandbox, I also bypassed all the changes it made to the registry, but I would still not run this thing natively from my real desktop.

Not sure what else you need, but I didn't have to edit or debug anything, it just ran in an XP SP3 VM by unzipping it and running from the desktop and walking through the steps to get the 30 day trial key, for which I assume you would just use your full key for, or try with the 30 day to make sure it does what you need.

Cheers.


Make sure you entered the right key generated by the program to get the 30 day trial key from the email. Then the email key goes in the 30 day trial box, not the full reg one. If you did this in a VM, delete the files and start over, recopy the zip to the VM, unzip and run, get the code, reregister, and then give it the key from the email. That's all I did and it worked for me.


I'm impressed digip, experience does talk, but I'm eager to learn: how did you unpack it and learn where it installed the files? Maybe we were talking about a different program; the one I was working on is "Respondus Lockdown Browser" (sadly using it every day). I tried to nop some parts of the program but I can't get it. Must admit I'm a noob at this, but I was wondering if you could give it a look, if it's not too much to ask, or maybe point me to a tutorial or something to get me in the right direction!

Lockdown



You could do the same thing I did. Install it locally in a sandbox, like Sandboxie. Then export all files it creates from the sandbox, and all paths to files, put them in a single folder, then copy that to a VM and try running it. That's all I did from the link the gentleman above gave me before for Respondus4 or whatever it was called. I'm assuming the same thing would work with the link you gave. Try it yourself, I'm done doing the work for others, you should be able to figure it out from what I described here.


Thank you very much Digip, I'll try that later at home!! You're right, it's not up to you, but thanks for the help you've given us so far!!

You're welcome. Just sometimes people need to try stuff on their own too. I just try to point people in the right direction, but try not to do all the work for everyone, or they won't learn how to do it themselves. This is something that once you do it and figure it out, can apply to many other things, such as making portable apps to run from thumb-drives for example, so I'd rather people try a few times then come back with questions vs always just handing them finished products.