PDF Studio Pro 12 (12.0.6) [x86, amd64] [Multi] [Java]

1 background
PDF Studio is a very easy to use cross-platform PDF editing software, but it is not open source and requires registration. Without registering the software, there will be a watermark when saving: "PDF Studio-PDF Editor for Mac, Windows, Linux. For Evaluation. http://www.qoppa.com/pdfstudio "
This article provides ideas for cracking PDF Studio 7.4.0.
Special note: This article is only for technical exchanges, I am against pirated software. Please support genuine software.
2 Cracking ideas and steps
Initial idea: modify the relevant code of software registration to bypass registration.
2.1 Tools used
Tools 1.
JD-GUI
official website: http://java.decompiler.free.fr/ is
used to decompile Java code and get the source code directly (the source code cannot be directly compiled into a jar package, because the project is large and there are many trust issues , Here only use jd-gui to view the source code and analyze the internal logic of the software).
JD-GUI is the best Java decompiler tool I have seen so far, implemented in C++, small and exquisite, very practical! But there are two shortcomings: one is that it is not open source, and the other is that it does not provide a command line interface, so it is not competent for batch work.
In addition to JD-GUI, the website also provides another product: JD-Eclipse, which is an Eclipse plug-in with similar functions. Since JD-GUI satisfies my requirements very well, I did not try this one.
(Update: Good news! JD-GUI has been open sourced https://github.com/java-decompiler/jd-gui and changed to Java implementation.)
Tool 2.
JBE-Java Bytecode Editor
download site: http://set.ee/jbe/
Use JBE to directly modify class files.
2.2 Crack 7.4.0
Let's try to crack with PDF Studio 7.4.0 as a sample.
The first step is to install the software and find the starting jar package.
After installation, I found many third-party jar packages in the lib subdirectory of the installation directory, but pdfstudio.jar caught my attention and guessed that it is a core module by the file name.
Step 2, try to find the key category (that is, the category most likely to be related to the cracking).
Just enter a license key and find the error "The key you have entered is invalid, please try again."
Unzip the jar file, unzip pdfstudio.jar, and you will get a lot of class files.
Try to search with different keywords:
find. |xargs grep "invalid"
find. |xargs grep "PDF Studio-PDF Editor for Mac, Windows, Linux. For Evaluation. http://www.qoppa.com/pdfstudio"
Too many first search result, the second search matches to two files:
Binary File ./com/qoppa/p/i/m.class The matches
Binary File ./com/qoppa/b/h.class The matches
focus These two files.
The third step is to use jd-gui to view the source code and locate the relevant Java classes.
After opening pdfstudio.jar with jd-gui, you can find that the variable names and class names of the source code are basically unreadable, because PDF Studio has used the yGuard Bytecode Obfuscator to process them.
Locate the class. /com/qoppa/p/i/m.class
"PDF Studio-PDF Editor for Mac, Windows, Linux. For Evaluation. http://www.qoppa.com/pdfstudio "
protected void b ( Vector paramVector )
{
double d1 = this .b.getWidth() / 612.0D;
double d2 = this .b.getHeight() / 792.0D;
double d3 = 72.0D * Math.max(d1, d2);
com.qoppa.pc d locald = ecb(( float )d3);
Rectangle2D localRectangle2D = locald.getStringBounds( "Qoppa Software" , null );
double d4 = Math.sqrt(localRectangle2D.getWidth() * localRectangle2D.getWidth() / 2.0D) + Math.sqrt(localRectangle2D.getHeight() * localRectangle2D.getHeight() / 2.0D);
double d5 = ( this .b.getWidth()-d4) / 2.0D + Math.sqrt(localRectangle2D.getHeight( ) * localRectangle2D.getHeight() / 2.0D)-10.0D * d1 + this .b.getX();
double d6 = ( this.b.getHeight()-d4) / 2.0D + 10.0D * d2 + this .b.getY();
Color localColor = new Color (0.85F, 0.85F, 0.85F);
com.qoppa.pdf.lc z localz = new com.qoppa.pdf.lc z ( "Qoppa Software" , d5, d6, lb(( float )d3), localColor);
localz.c(-45);
paramVector.add(localz);
d3 = 12.0D * Math.max(d1, d2);
locald = ecb(( float )d3);
localRectangle2D = locald.getStringBounds( "PDF Studio-PDF Editor for Mac, Windows, Linux. For Evaluation. http://www.qoppa.com/pdfstudio" , null );
d5 = ( this .b.getWidth()-localRectangle2D.getWidth()) / 2.0D + this .b.getX();
d6 = this .b.getHeight()-20.0D * d2 + this .b.getY();
localz = new com.qoppa.pdf.lc z ( "PDF Studio-PDF Editor for Mac, Windows, Linux. For Evaluation. http://www.qoppa.com/pdfstudio" , d5, d6, lb(( float ) d3), new Color (0.0F, 0.17F, 0.65F));
paramVector.add(localz);
}
This class seems to be related to watermarking. In the current file (./com/qoppa/p/i/m.class), there is a t() method that calls b(Vector paramVector). The relevant code is as follows :
if (com.qoppa.wbe())
{
localVector = locald.h();
localVector.insertElementAt( new wb (), 0);
localVector.add( new kb ());
b(localVector); // b() is called
}
The condition of if is very critical (boldly guess the meaning "only add watermark when com.qoppa.wbe() returns true"), use jd-gui to locate and view com.qoppa.wbe():
public static boolean e ()
{
if (m != 0)
return (e != 0) && (e <Runtime. getRuntime ().availableProcessors());
if (!b)
return !c();
return true ;
}
This method is relatively simple. Guess boldly: if you let com.qoppa.wbe() return false, the previous watermark may not be added.
Step 4, unzip pdfstudio.jar, open the corresponding class file with JBE, and modify the bytecode of com.qoppa.wbe().
Delete the bytecode corresponding to e() and write the following two lines (bytecode with return false)
iconst_0
ireturn
Step 5, repack and test.
zip -r pdfstudio.jar *
Replace the original version with this cracked pdfstudio.jar (be sure to delete the original pdfstudio.jar, not renamed pdfstudio1.jar, etc., because the java class is not loaded by the file name), start PDF Studio, the prompt registration box disappears, edit the file, No more watermarks! Has been successfully cracked!
2.3 Crack 8/9/10
When trying to crack PDF Studio 8.0.3, I wanted to crack it step by step according to the cracking experience of 7.4.0, but when I tried it, I found that it couldn't go on! It can only be tricked-look for keywords when cracking 7.4.0.
Step 1: Decompile with jd-gui-0.3.5 to get the source code of pdfstudio.jar.
After opening pdfstudio.jar with jd-gui-0.3.5, File->Sava All Sources will get the source file pdfstudio.src.zip.
Note: The purpose of obtaining the source code is not to modify the source code, but to search for keywords in the source code (searching for keywords in the source code is more informative than searching in the class file).
Step 2: Unzip the obtained source code and search for the keyword availableProcessors (why you want to find the keyword availableProcessors, please refer to the cracking process of 7.4.0).
unzip pdfstudio.src.zip
find. -type f|xargs grep -A3 -B3 -n "availableProcessors"
Several results can be found, but one result is consistent with the "feature code" when cracking 7.4.0!
./com/qoppa/v/f.java-57- public static boolean e()
./com/qoppa/v/f.java-58- {
./com/qoppa/v/f.java-59- if (m != 0)
./com/qoppa/v/f.java:60: return (e != 0) && (e <Runtime.getRuntime().availableProcessors());
./com/qoppa/v/f.java-61- if (!b)
./com/qoppa/v/f.java-62- return !c();
./com/qoppa/v/f.java-63- return true;
Step 3 (this step is similar to the following steps and 7.4.0): Use JBE to modify the bytecode of the function (com.qoppa.vfe()) found in the previous step.
Step 4: Repackage and replace the original pdfstudio.jar
Note 1: The key to the successful cracking of PDF Studio 8.0.3 is entirely from the experience of cracking 7.4.0! The cracking process of the higher version of PDF Studio is similar to cracking 8.0.3.
Note 2: Use similar ideas to crack PDF Studio 9 and PDF Studio 10 (PDF Studio 11 is not tested).
2.4 Crack 12.0.6+
When trying to crack PDF Studio 12.0.6, I found that the previous ideas didn't work.
Here is another way of thinking: remove the watermark displayed when the file is opened and when the file is saved.
Step 1, decompile with jd-gui to get the source code of pdfstudio.jar. Search for watermark related keywords in the source code, such as:
$ find com -type f | xargs grep "PDF Studio-PDF Editor for Mac, Windows, Linux."
com/qoppa/gb/k/o.java: o = "PDF Studio-PDF Editor for Mac, Windows, Linux. For Evaluation. https://www.qoppa.com/pdfstudio";
com/qoppa/z/d/l.java: d = "PDF Studio-PDF Editor for Mac, Windows, Linux. For Evaluation. https://www.qoppa.com/pdfstudio";
Two results were found (field o and field d). By looking at the source code, we can see that there are a total of three methods that reference field o and field d. .ko, and the method dg in the class com.qoppa.zh directly uses the field o):
com/qoppa/z/d/l.java
public void b(com.qoppa.zh paramh)
com/qoppa/gb/k/o.java
private final void eb(Vector<com.qoppa.pdf.odn> paramVector)
com/qoppa/z/h.java
final void dg(com.qoppa.pdf.sr paramr)
Step 2, use JBE to delete all the bytecodes of the above three functions (their return values are all void), and write the following line (that is, the bytecode of return):
return
Up to now, PDF Studio has not displayed and added watermarks. However, there are two shortcomings:
1. When opening the pdf file, a dialog box prompting registration will pop up, as shown in Figure 1 .
2. After modifying the file, when you click the "Save" button, a dialog box will pop up, prompting "In evaluation mode, a watermark is added to each page\nwhen saving a document. Are you sure you want to continue?".
The first point is rather annoying, because every time you open a file, you have to click more to close the dialog box. The following will introduce the removal of the pop-up dialog box when opening the pdf file.
crack_pdfstudio.png
Figure 1: The dialog box displayed when opening a file
Step 3 (removing the pop-up dialog box when opening the pdf file), when the dialog box appears, do not close it, find the PDF Studio process number, use jstackthe analysis to see if I could find clues, such as:
$ jstack 1530 | grep -A5 -B5 com.qoppa # Note: Your PDF Studio process ID is probably not 1530
at java.awt.Dialog.show(Dialog.java:1084)
at java.awt.Component.show(Component.java:1671)
at java.awt.Component.setVisible(Component.java:1623)
at java.awt.Window.setVisible(Window.java:1014)
at java.awt.Dialog.setVisible(Dialog.java:1005)
at com.qoppa.pdfStudio.l.nd.lee(Unknown Source)
at com.qoppa.pdfStudio.l.th$7.windowOpened(Unknown Source)
at java.awt.AWTEventMulticaster.windowOpened(AWTEventMulticaster.java:340)
at java.awt.AWTEventMulticaster.windowOpened(AWTEventMulticaster.java:339)
at java.awt.Window.processWindowEvent(Window.java:2051)
at javax.swing.JFrame.processWindowEvent(JFrame.java:305)
at java.awt.Window.processEvent(Window.java:2013)
Through this stack information, boldly guess that the pop-up dialog box when opening the pdf file is started by com.qoppa.pdfStudio.l.nd.lee/com.qoppa.pdfStudio.l.th.
Analyze "com/qoppa/pdfStudio/l/th.java" and find the following code:
if (th.hrb())
{
if ((th.dsb(th. this ).ri() != null ) && (th.dsb(th. this ).mj() != null ))
{
localObject = new yc (th. this , localObject.myd(), th.dsb(th. this ).mj());
(( yc )localObject).zde();
if (th.hrb())
{
nd localnd = new nd (th. this , localObject);
int j = localnd.lee();
if (j != nd.qed) {
System.exit(0);
}
}
}
else
{
localObject = new nd (th. this , localObject);
int i = (( nd )localObject).lee();
if (i != nd.qed) {
System.exit(0);
}
}
localObject.yyd();
th. this .hob();
}
else
{
new k (th.dsb(th. this ), th.oqb(th. this ), localObject.bvc);
}
The conclusion can be drawn: com.qoppa.pdfStudio.l.nd.lee() will be executed only when the method hrb() returns true.
In order not to execute com.qoppa.pdfStudio.l.nd.lee(), we use the tool JBE to modify the bytecode of the function hrb() in the class com.qoppa.pdfStudio.l.th to (that is, return false; the corresponding bytecode):
iconst_0
ireturn
Step 4: Repackage the class file as pdfstudio.jar, replacing the original pdfstudio.jar.
The test found that the dialog box shown in Figure 1 no longer appears. However, the "PDF Studio Professional" version is used by default. The dialog box is removed and there is no chance to click "Try PDF Studio Professional". If you only use some basic functions, you can ignore this limitation. If you want to use the "PDF Studio Professional" version, please refer to the next section.
Now the remaining shortcoming is that after modifying the file, after clicking the "Save" button, a dialog box will pop up prompting to add a watermark (does not affect the use, because it does not add a watermark, this article does not introduce how to remove this dialog box).
2.4.1 Upgrade to Pro version
After cracking through the previous steps, you will get the "PDF Studio Standard" version. If you want the functions of the "PDF Studio Professional" version (such as editing files and pictures in pdf), please see the next steps.
We know that when the pdf file is not cracked, a dialog box prompting registration will pop up when opening the pdf file, as shown in Figure 1 . We start with the string "Try PDF Studio Professional". Since PDF Studio supports multiple languages, it is not used directly in java, but saved in a properties file:
$ grep -r'Try PDF Studio Professional'.
./java/app/.install4j/i4j_extf_1_1qhiycz.properties:TryPDFStudioPro=Try PDF Studio Professional
./java/app/labels/StudioLabels.properties:TryPDFStudioPro=Try PDF Studio Professional
./Resources/app/.install4j/i4j_extf_1_1qhiycz.properties:TryPDFStudioPro=Try PDF Studio Professional
./Resources/app/labels/StudioLabels.properties:TryPDFStudioPro=Try PDF Studio Professional
Next, search for the keyword "TryPDFStudioPro":
$ grep -rwn'TryPDFStudioPro'.
./com/qoppa/pdfStudio/l/nd.java:17: private static String zed = "TryPDFStudioPro";
./com/qoppa/pdfStudio/l/yf.java:59: this.g = new JButton(nb.bb("TryPDFStudioPro"));
We focus on the field zed of the class "com.qoppa.pdfStudio.l.nd", which is referenced in the following method:
public void actionPerformed ( ActionEvent paramActionEvent )
{
if (paramActionEvent.getActionCommand() == zed) { // The field zed
iee( true );
} else if (paramActionEvent.getActionCommand() == sed) {
iee( false );
} else if (paramActionEvent.getActionCommand() == ted) {
jee();
} else if (paramActionEvent.getActionCommand() == ved) {
try
{
fc.b(wed);
}
catch ( Exception localException )
{
oc.en( this .xed, "Opening URL" , localException.getMessage(), localException);
}
} else if (paramActionEvent.getActionCommand() == red) {
kee();
} else if (paramActionEvent.getActionCommand() == ued) {
mee();
}
}
From the above code, it can be inferred that after the user clicks the button "Try PDF Studio Professional", it will execute iee(true);(not iee(false);). The implementation of this method is as follows:
public void iee ( boolean paramBoolean )
{
this .ped.dnb().xm(paramBoolean);
afd = qed;
this .xed.dispose();
}
The parameters of the iee method are passed to a method named xm. We search for methods whose parameter type is boolean and named xm:
$ fgrep -rwn'xm(boolean'.
./com/qoppa/pdfStudio/p/f.java:509: public void xm(boolean paramBoolean)
The definition of the method xm (boolean paramBoolean) in the class "com.qoppa.pdfStudio.pf" is as follows:
509: public void xm ( boolean paramBoolean )
510: {
511: if (th.hrb())
512: {
513: this .bl = paramBoolean;
514: if (paramBoolean) {
515: tb.q( "Professional Version" );
516: }
517: }
518: }
The parameter paramBoolean of the method xm is set this.bl, and then the reference of the search field bl:
$ grep -wn bl ./com/qoppa/pdfStudio/p/f.java
55: private boolean bl = false;
491: return this.bl;
496: this.bl = ((com.qoppa.pcu() & 0x4) == 4);
513: this.bl = paramBoolean;
865: bl((com.qoppa.gd)localObject1);
945: public void bl(com.qoppa.gd paramd)
Focus on it return this.bl;, this is the only place to read the value of the field bl in the above results. Line 491 is used by the following methods:
489: public boolean xi ()
490: {
491: return this .bl;
492: }
We venture to guess, if you modify the contents of the above method is return true;you can set to "PDF Studio Professional" version.
Use the tool JBE to modify the bytecode of the function xi() in the class com.qoppa.pdfStudio.pf to (that is, return true; the corresponding bytecode):
iconst_1
ireturn
Repackage the class file as pdfstudio.jar, replacing the original pdfstudio.jar. The test found that it is now displayed as the "PDF Studio Professional" version, and the cracking is successful.
Author: cig01
Created: <2012-07-08 Sun>
Last updated: <2018-03-07 Wed>
Creator: Emacs 25.3.1 ( Org mode 9.3.6)