AfterLogic Webmail Pro + Aurora Keygen

gistfile1.php

<?php

Class Keygen {

	private $serial;

	private function randChar($length = 8) {
	     $characters = '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ';
	     $string = '';
	     for ($p = 0; $p < $length; $p++) {
	         $string .= $characters[mt_rand(0, strlen($characters)-1)];
	     }
	     return $string;
 	}

 	public function getHashKey($version)
    {
        $return = base64_decode('NEpVVjNIU1dJVDU1R1I2UjJGUVhaQkxaRVA3NzFETllDTThNQUs5OQ==');
        if (2 === $version) { // Webmail Pro
            $return = base64_decode('MkZRWDNIU1c0SlVWSVQ1NUdSNlJBSzk5WkJMWkVQNzcxRE5ZQ004TQ==');
        } else if (3 === $version) { // Aurora
            $return = base64_decode('M0hTVzJGUVhaQkxaQ004TUFLOTlJVDU1RVA3NzFETllHUjZSNEpVVg==');
        }
        return $return;
    }

 	public function divideByFour($version, $char)
    {
        $result = strpos($this->getHashKey($version), $char);
        return (false !== $result) ? (int) floor($result / 4) : false;
    }

	public function generate($version = 2) {

		if ($version == 2) {
			$this->serial .= "WM700-";
		} elseif ($version == 3) {
			$this->serial .= "AU700-";
		} else {
			return "Error version not found";
		}
		
		$var = rand(0,9);

		$var4 = $this->randChar(1);
		while($this->divideByFour($version,$var4) % 2 == 0)
		{
			$var4 = $this->randChar(1);
		}

		$this->serial .= $this->randChar(27).$var4.'-'.$var;

		$var2 = ($var * 7 + 7) % 10;
		$this->serial .= $var2.rand(0,9).rand(0,9);

		$var3 = $this->randChar(1);

		while($this->divideByFour($version,$var3) != 0)
		{
			$var3 = $this->randChar(1);
		}

		$this->serial .= $var3.$this->randChar(4);
		return $this->serial;
	}
}

$obj = new Keygen();

// 2 for webmailpro and 3 for aurora
print_r($obj->generate(3));

Edit file modules/Licensing/Module.php

In protected function getKeyInfo(), after $this->keyInfo = $oKI->GKI($sKey); add var_export($this->keyInfo); exit;

Add a trial key to data/settings/config.json

Add $this->keyInfo = [...]; in place of your var_export & exit with fixed content.

Enjoy ;)

ps : I wouldn't have bothered to post that if afterlogic had allowed a single or two user with full features by default

Maybe a replay attack can be done by replacing KI.php and license file with an old one from :
afterlogic/aurora-module-licensing@e30a52f#diff-a8b460e8fea5607a2b05effa9f6512e5271f1e26ca6ab7890c7eab58cfc1e54c

Or someone may develop a replacement from unobfuscated KI.php https://www.unphp.net/

Or create a new generator with a self-generated public/private key pair and replace modules/Licensing/classes/AU80.key

Wasted 2 hours on that, so better save all vectors

ps : If you like their product please send them some money if you are not poor like me :)

If there is more modules to activate than System, Calendar, CoreMobileWebclient and MailMultiAccountsPlugin tell me.

Edit file modules/Licensing/Module.php

In protected function getKeyInfo(), after $this->keyInfo = $oKI->GKI($sKey); add var_export($this->keyInfo); exit;

Add a trial key to data/settings/config.json

Add $this->keyInfo = [...]; in place of your var_export & exit with fixed content.

Enjoy ;)

ps : I wouldn't have bothered to post that if afterlogic had allowed a single or two user with full features by default

I think this is not working anymore in 9.7.1

Maybe a replay attack can be done by replacing KI.php and license file with an old one from : afterlogic/aurora-module-licensing@e30a52f#diff-a8b460e8fea5607a2b05effa9f6512e5271f1e26ca6ab7890c7eab58cfc1e54c

Or someone may develop a replacement from unobfuscated KI.php https://www.unphp.net/

Or create a new generator with a self-generated public/private key pair and replace modules/Licensing/classes/AU80.key

Wasted 2 hours on that, so better save all vectors

ps : If you like their product please send them some money if you are not poor like me :)

Unobfuscate is really just rename variable using hex editor, format the code and debug using xdebug. you just return correct array from KI.php