So, there’s this app that I wanted to use, but the free version is super limited, and I’m a cheap bastard. It looks like the unlimited version requires an unlock key, so I hunted around on the web for one- easy enough, except it appears this key is on some kind of hard-coded deny list inside the application itself. Yikes. No way around that, right? Enter Ghidra.
Ghidra is a reverse engineering framework open-sourced by none other than the NSA. It provides everything an aspiring reverse engineer could ask for- Decompiling, disassembling, patching, and even step-through debugging. So let’s load our binary in and see what’s going on here.
Load the executable file into Ghidra by either dragging and dropping the file into the Ghidra project window or using the File -> Import function. Then, analyze the executable; you’ll probably be prompted after you import. The analysis process will take some time, so grab a coffee.
Finding and patching data
This super-old guide helped me understand what I needed to do to patch my executable. YMMV, but I need to look for a string in my binary. After the analysis, a list of strings under search > strings exists. Navigate to the one we’re interested in, right-click, and Patch Data. We can erase the whole value and see if that works (pro-tip, it does)
Finally, we want to use the Export Program feature of Ghidra, which will take our modifications and re-package the binary nicely.