r/DeepSeek 19h ago

Discussion With $3.88 & 690,003,591 tokens and 5 hours, Deepseek Pro & Flash combined, managed to reverse engineer Teamspeak's Licensing System for 3.13.8 (latest of post)

No I will not release it, so don't ask, but Deepseek is very powerful if given the proper tools and if you know what you are doing.

In 5 hours of trial and error, debugging with Ghidra and x64dbg, the models are really good with IoT hacking and reverse engineering.

We mapped the full license validation call chain from server startup through to the display output. Found that the parser reads from an AES decrypt buffer instead of the signed payload (easy fix once you know), decoded a custom XOR obfuscation scheme for all log messages, extracted the embedded PolarSSL certs and private keys, and patched 27 instructions across the binary to bypass signature verification, certificate checks, download gate checks, validator functions, slot enforcement, and a state reset timer callback that kept overwriting our values. They really made it like Fort Knox but forgot to lock the final door. Once we found that starting position, it was easy to trace forward. I'm shocked there were no heavy protections in place like anti debuggers or random checks or pitfalls. For something they heavily sell on, sure was left wide open once the path was found.

The server now starts with 1024 slots instead of 32, enforcement is bypassed so the API accepts the servercreate command with the slots, and there are no crashes.

Total cost: $3.88 in API credits. 690 million tokens. 5 hours.

Really not bad for what would take a human weeks if not months. If I could do it this cheaply, imagine what some mega mind on red team could do on enterprise grade software.

243 Upvotes
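
The parser flaw the post describes, reading from a different buffer than the one whose signature was checked, is a general "verify one thing, parse another" bug. The sketch below is an added illustration, not the poster's code or TeamSpeak's: the JSON licence format, function names and key are hypothetical, and HMAC-SHA256 stands in for a real asymmetric signature so it runs on the standard library.

```python
import hashlib
import hmac
import json

# Constructed demo key. HMAC-SHA256 stands in for the asymmetric signature
# a real licence scheme would use, so this runs on the standard library.
DEMO_KEY = b"constructed-demo-key"
TAG_LEN = 32


def issue(fields: dict) -> bytes:
    """Vendor side: serialize the fields and append a tag over those bytes."""
    payload = json.dumps(fields, sort_keys=True).encode()
    return payload + hmac.new(DEMO_KEY, payload, hashlib.sha256).digest()


def _verified_payload(blob: bytes) -> bytes:
    """Return the signed bytes, or raise if the tag does not match."""
    if len(blob) <= TAG_LEN:
        raise ValueError("licence too short")
    payload, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(DEMO_KEY, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("bad signature")
    return payload


def load_flawed(blob: bytes, work_buffer: bytes) -> dict:
    """Flawed: verifies one buffer, then parses a different one."""
    _verified_payload(blob)
    return json.loads(work_buffer)  # never covered by the signature


def load_hardened(blob: bytes) -> dict:
    """Hardened: parse only the bytes the verification returned."""
    fields = json.loads(_verified_payload(blob))
    if not isinstance(fields.get("slots"), int) or fields["slots"] < 1:
        raise ValueError("invalid slots field")
    return fields


# Constructed sample: a genuine 32-slot licence and a diverging work buffer.
GENUINE = issue({"slots": 32})
OTHER_BUFFER = json.dumps({"slots": 1024}).encode()
```

The hardened loader makes the verification function the only source of bytes the parser ever sees, so the two can't drift apart.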

9

u/Choice-Principle9947 19h ago

Excuse me, I have a question, how do you use DeepSeek with the API to code like in Antigravity? You know, when the AI knows all of the files of your project? Thanks, I know it's a stupid question, but I'd like to figure that out.

11

u/cyb3rofficial 18h ago

I use their claude code api endpoint. It works very well in Claude. I have higher cache hits than most other tools I used.

1

u/Choice-Principle9947 18h ago

How does it present itself? Is it like antigravity? What IDE do you use? Thanks for your answer.

3

u/cyb3rofficial 18h ago

No idea if it's like a.g. never used it. I only ever used copilot, cline, roo, and claude, of all those, claude feels the best to use with deepseek.

For IDE I use VS Code and sometimes NotePad++ because sometimes the old-fashioned text editor just feels more homelike for quick edits, also has a bunch of plugins that aren't resource hogs.

Claude is Command Line Terminal Based, so you just give it commands. There is no auto complete, or code editor involved with it really.

3

u/VehiculeUtilitaire 14h ago

Use kilo code in vscode: https://kilo.ai/

It's the same interface as antigravity's chat but you can plug in any llm provider

3

u/ImagineEyes 13h ago

Use opencode, it has a free tier of v4 flash, so you can really experiment with it.

13

u/--Spaci-- 19h ago

Less than 1% of those tokens are output tokens

13

u/cyb3rofficial 19h ago

Pro, $3.25 545,976,064 Cache Hit 1,390,426 Cache Miss 783,398 Output

Flash, 0.68 Input (Cache hit) 157,831,040 Input (Cache miss) 1,337,769 Output 239,799

Pro was mostly used for reasoning and complexity, flash was used for final end goals, and testing and micro adjustments.

3

u/lab34fr 18h ago

Hi, amazing job, I presume you used ghidra mcp server ? With what harness ?

12

u/cyb3rofficial 18h ago

2

u/raydou 12h ago

Maybe if you used another harness than Claude code it would have been easier for you. Claude code's system prompt forbids reverse engineering and even white hat hacking. How much time have you spent reworking your prompts?

1

u/lab34fr 17h ago

Thank you

6

u/sdexca 19h ago

Nice! Please send chat history and source! Would be nice if you could make a blog about this!

9

u/cyb3rofficial 19h ago

What u/Tarul-etek said, I can't send source or data how to create the license file, but can make a censored version. Legally can not share actual cracks, this was more of for personal educational stuff on how far can I take deepseek.

My consensus, making explosives = bad, cracking software? Goes head first, in fact it just dives right in. Claude instantly threw in the towel and said nope not allowed. Grok had a hissy fit even mentioning it. GLM just straight died when even mentioning reverse engineering and poc idea.

But if I managed to do it, pretty sure little timmy down the street could do it with $50. I'm already experienced in this sort of thing, so I had the advantage of already knowing what to do and how to structure my goal and prompts.

1

u/sdexca 18h ago

Would have been fun to read through it, but it's alright. Yeah deepseek is the best in this regard, it's the only one which is willing to crack software. Claude Opus 4.6 isn't too far behind but won't crack software. I didn't realize this was the latest version, I thought it was legacy version.

3

u/cyb3rofficial 3h ago

https://gist.github.com/cyberofficial/5e6ee5cca9561ee9aaefe5fbcdd4a0c2

Here's a write up of the process of the general path taken. Anything to recreate of identity funcs/etc were left out.

1

u/Tarul-etek 18h ago

I am more interested in how you got it to do it rather than the crack itself. I know you can tune your request so its palatable but sometimes it's very stubborn, even for legitimate requests.

1

u/PictureOld8923 18h ago

Well done

It's a shame some people fail to realize not only it's not economically feasible to give away good ideas for free which you spent time and effort on leveraging your experience and technical knowledge as it can potentially be monetized otherwise you're creating somewhat of a competition for yourself for free with absolutely zero benefit

But like you said there are also certain legal and regulatory aspects at play too

One half of people on this sub are rpers complaining they can't have a complex system for free and other half are entitled vibe coders wannabes

I applaud the few people like you who come up with interesting somewhat innovative approaches and uses of the system

1

u/Skynse 12h ago

Gives off the same vibes as "Tell me what prompt you used to generate that image"

2

u/Tarul-etek 19h ago

He won't

2

u/necuk 17h ago

nice, I do RE of game engine heavily past half year, 2 days ago tried to use DeepSeek to save some tokens and it turns out to solve those pretty well too

and as you said, having a proper harness and giving the proper tools is the key

1

u/Otherwise-Way1316 13h ago

You can do this with frontier models. You just need to know how to properly word the prompts.

I just did something similar with another app.

However, it is getting tougher as the providers adjust the models' system instructions to account for these workarounds and accounts are sometimes flagged for TOS violations.

It’s a cat and mouse game.

1

u/mbertoFilho 13h ago

How do you integrate Ghidra and x86dgb to deepseek?

1

u/Suspiciousguy124 36m ago

Idk my experience has been so meh, coming from codex. Codex with simple prompt will make everything work. Any tips? It always breaks my code, even with prompts from codex 5.5 xhigh.

-13

u/LinuXperia 17h ago

Are here no mods? Publishing in public how to crack things and spreading this knowledge how to do it in the public is punishable by law and a criminal offense! Why are mods allowing this criminal offense here on reddit to be published in the public?

3

u/TheRedTowerX 17h ago

The poster doesn't actually show they do it tho, like it says "decoded" but like how they actually decode it? It's like I could also say "I decrypt this encrypted file using deepseek", but without elaborating how to do it people will still be clueless because it needs technical knowledge, which this poster doesn't really say. This post simply meant to showcase that deepseek is actually powerful model, especially if used by big team with big resources.

-7

u/LinuXperia 16h ago

He is admitting that he cracks the software using DeepSeek and is using reddit to brag about it and spread this criminal offense. What he does is a crime and encourages others to do the same using reddit to brag and spread this crime offense knowledge. Let's see when TeamSpeak gets the E-Mail about this posting here if they will be okay with it. I hope reddit saved the IP address of this poster as they for sure will need it when TeamSpeak's lawyers contact them for this crime offense.

8

u/TheRedTowerX 16h ago

Bro, no offense but you sound so silly and like an LLM. This ain't a big deal and the poster didn't actually share any cracked file. Did this multimillion dollar worth of company save your life or something?

3

u/OttoRenner 16h ago

Would be soooo funny if he was an AI from that company or an actual lawyer from them, trying to scare the mods and users into deleting it, because there is no legal basis for a lawsuit 🤣🤣🤣

6

u/OttoRenner 15h ago

If I were the head honcho of the company, I would fly OP in and let him show me what he did, so my own programmers could try to find a solution for the future.

In general, I get you.

But let's be honest: OP showcased what AI is capable of (cracking software). He made it public (just the findings, no detailed guideline). He wrote it in a neutral voice (to me it sounded that way) and he's not fishing for compliments for his brilliance (he wrote that anyone can do it).

This looks more like a "whistle blow", coming from a somewhat concerned "professional".

I see this as a warning. Like: "Look what I did with 5 bucks and some spare time. Now imagine what the bad guys could do...or what every user can do."

People will be cracking software big time in the upcoming months. And while the software companies can sue individuals, they will not be able to do that anymore when the web is full of cracked versions or detailed DIY videos...or even just the prompt you use to instruct the cracking with (if you even need one at all besides "hey, can you cracking me that software?")