Approach to cracking Aurora theme v1.4.0


Network-wide hanging dogs#
Although cracking itself is unethical,
But this dog took my cracking results and posted them on GitHub as his own,
And even tagged me in it,
Damn, this guy has thick skin.
Both the muse and dream themes of this dog are from the author's demo site, and the JavaScript of the demo site is not encrypted.
So this dog stole the code from the demo site and boasted about cracking these two themes.
Really hilarious.
3. If you have the ability, use Aurora, I have used it, what about you? Keep barking!


Due to the cracking and reminders from the author last time, the author gave up using wasm to verify authorization. However, the new version still uses a relatively weak authorization verification method, and the degree of JavaScript obfuscation does not affect the difficulty of cracking.
Respect genuine products, resist piracy, everyone has a responsibility
Hope certain people can be more honest

Authorization verification approach#

The authorization verification logic is shown in the following code. As for how to find the code below, I have an answer: use your hands.

try {
  !(__globalObject.A8wd5T = Kx00jWJ.a[JDC54AY(__globalObject[eisPIs(0x6f)] + eisPIs(0x67))][JDC54AY(0x94)](KqoxCbV),
  __globalObject[__globalObject[__globalObject[0xd4] + 0xaf] - 0x23] = ybIW9h(-0x132).parse(ybIW9h(0x20d)(__globalObject.A8wd5T.decrypt(Kx00jWJ.a.util.decode64(XM764mx[eisPIs(0x53)])))),
  __globalObject[eisPIs(0x3c)][JDC54AY(eisPIs(0x70))] == XM764mx.c ? this[eisPIs(0x71)]() : (window[JDC54AY(Hq5Bu8(0x78))].u(),
} catch (yOpTrJ) {

If the verification fails or an error occurs during the decryption process, it will redirect to the unauthorized page and display the message "Authorization code is incorrect, please contact the author."

The idea of authorization verification is as follows:

First, decrypt the license key, which results in a JSON string, and then convert it to a JSON object.
The format of the JSON object is as follows:

{"name": "Site Name","orderId": "666666","price": "9999"}

Then compare the name property of the JSON object with the site name provided by v2board. If it is false, it will redirect to the unauthorized page.

Cracking approach#

After understanding the above authorization verification process, cracking becomes very simple. Anyone can do it. Below are two cracking methods.

  1. First, steal an authorization code from the genuine site and fill it in your own site. Then remove the "!" after "try" or change "!== XM764mx.c" to "== XM764mx.c". This reverses the logic, making it check for verification failure before allowing usage.
  2. Construct a fake JSON object to replace the decrypted JSON object. The replacement code is as follows.
__globalObject[__globalObject[__globalObject[0xd4] + 0xaf] - 0x23] = ybIW9h(-0x132).parse('{"name": "Aurora Crack","orderId": "666666","price": "9999"}'),

Discussion Group#
The theme package is in the group above according to the above tutorial use the registration generator in the group to generate a key

If you have any questions that need to be answered, please pay first. Please transfer to the following address.

Questions include how to crack, why the above method doesn't work, can you provide the theme files, how to operate at xx, can you send the cracked version, etc.

Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.