The way the ERAccess system works - they created a database on the system (think of a naughty list of users). Of course it is empty when they first update a dealership. ERAccess is written to watch for keystrokes that come in from a local keyboard. If the keystrokes come in from any other way, such as Remote Access or if someone wrote a program/script that sends keys to the ERAccess window it does not complain. What ERAccess does is writes that UserID into the "naughty" database. They are so clever... Then Reynolds has a nightly process run at every dealership that inspects the "naughty" database, if a user account is in the database like X number of times they lock the account. Next time the user goes to login it comes with a "Suspicious Account Detected". Very tricky indeed.
To defeat this system all you need to do is tell ERAccess software you are at the physical keyboard. Not a big deal... Google for keyboard functions, that allow you to hook into the low-level keyboard functions. You can tell any program that you are at the physical keyboard. That means ERAccess can not detect you are not standing right there, and you never get put into the "naughty" database.
Wow real exciting stuff... what is next? maybe encryption, captacha, font changes, DDE removal, etc. Stay tuned and I will explain how to defeat every Reynolds blockade.
No comments:
Post a Comment