💾 Archived View for jacksonchen666.com › posts › 2023-08-04 › 20-43-23 › index.gmi captured on 2023-09-28 at 15:58:57. Gemini links have been rewritten to link to archived content


Bypassing a Paywall by Intercepting 1 HTTPS Request

2023-08-04T20:43:23Z (last updated 2023-08-12T10:51:48Z)

The title of this blog post

The title is correct, because there was only 1 HTTPS (with an S) request to check activation.

But what application am I even talking about?

An auto clicker for macOS

(The website is alive, but I don't feel like you should be directed to the website.)

How did I get here?

It started as "hey I think I've used this weird auto clicker before, is there something in my emails?"

And to my surprise, yes, there are emails about the purchase of the auto clicker (yeah it was paid).

I checked the website today, and the application now has you pay for a limited amount of time on a limited number of computers before it expires and you have to pay for it again. So basically, it's now a computer-locked (not new) subscription (new).

When I paid for it, it wasn't like on a subscription (I think). It was locked to computers, so I had to request for that to be fixed for my case.

About the app

The auto clicker app is basically an auto clicker. That's really it.

The more, um, disgusting part of it was how horrible it looked today. The prompt for payment was dimmed, making it hard to read. It's also very not dark theme by my standards.

And I think what's the worst part is the email address. That's all you need to "activate" this software.

And well, it's 2023 and I have way too much computer knowledge. So I decided to use some knowledge, understand some new stuff, and use [mitmproxy] to intercept and change 1 HTTPS request so that I don't have to pay again.

mitmproxy

mitmproxy is a piece of software that intercepts HTTP and HTTPS requests. It's done by... being an HTTP(S) proxy.

The MITM part actually stands for "man-in-the-middle". Guess who's the man in the middle? Me!

After installing and setting up mitmproxy, I set up certificates for mitmproxy to be able to read HTTPS requests (which are encrypted). After all that, I was able to intercept many HTTP and HTTPS requests.

mitmproxy Installation instructions

mitmproxy Setup instructions

mitmproxy Certificate setup

Messing with the app

The app would only ask you to pay after you opened and quit the app 10 times. (Yeah good idea.)

So I opened and quit the application 10 times, and promptly got a prompt to pay for the software.

So I didn't pay for it and instead looked at the request made.

After finding the request that confirms if I have paid or not, I went ahead and set those requests to be intercepted.

After attempting an activation, I modified the response so the "server" responds with a `StatusY` instead of a `StatusN`. And the software was now unlocked.

(Side note: I think there may have been requests to check the Mac serial number (yeah it seems to use that) on the server side, which might explain the trial check. However, I haven't confirmed that, and I've lost all request and response data anyways, plus it doesn't seem like I can trigger the activation prompt.)
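
On the defending side, the response edit above works because the app accepts a bare status string. As an added example (not code from this post or from the app), the Go program below has the server sign the status together with the email, serial number and a per-request nonce, and the client verify that signature against an embedded public key. Every name other than `StatusY` and `StatusN` is an assumption, and the email and serial values are constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Response is a hypothetical activation reply; only StatusY/StatusN come from the post.
type Response struct {
	Status string
	Sig    []byte
}

// payload binds the status to this user, machine and request nonce.
func payload(status, email, serial, nonce string) []byte {
	return []byte(status + "\n" + email + "\n" + serial + "\n" + nonce)
}

// NewNonce returns a fresh random value the client sends with each check.
func NewNonce() string {
	b := make([]byte, 16)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return fmt.Sprintf("%x", b)
}

// ServerSign runs on the vendor's server, which alone holds the private key.
func ServerSign(priv ed25519.PrivateKey, status, email, serial, nonce string) Response {
	return Response{status, ed25519.Sign(priv, payload(status, email, serial, nonce))}
}

// NaiveActivated is the check the post defeated: it trusts whatever status arrives.
func NaiveActivated(r Response) bool { return r.Status == "StatusY" }

// VerifiedActivated accepts StatusY only with a valid signature for this exact request.
func VerifiedActivated(pub ed25519.PublicKey, r Response, email, serial, nonce string) bool {
	return ed25519.Verify(pub, payload(r.Status, email, serial, nonce), r.Sig) && r.Status == "StatusY"
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	nonce := NewNonce()
	r := ServerSign(priv, "StatusN", "user@example.com", "SERIAL-PLACEHOLDER", nonce)
	r.Status = "StatusY" // constructed: response edited in transit, as in the post
	fmt.Println(NaiveActivated(r), VerifiedActivated(pub, r, "user@example.com", "SERIAL-PLACEHOLDER", nonce))
}
```

This only closes the response-editing path; the verification still runs on a machine the user controls, which is the point the conclusion makes.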

The software

Is the software bad? No, I don't think so. I have paid for it (cringe) and used it, and it has served me quite well. Unfortunately, I no longer have the need to do auto clicking, so I don't use it anymore. Nor can I use it anyways because for some reason my email address doesn't work.

Conclusions

Don't trust your if statements.

Wait, that's wrong.

Don't even dare trust your users with their own computers. Ever.
