
Patching the Last.FM client, or how to get free radio

First, a little background:
Last.fm is an online music project, the main service of which is the collection of information about the music that a user listens to and its cataloging in individual and general charts. (c) Wikipedia


Once upon a time, when the grass was greener and the IT crowd had not yet heard of Instagram, the Last.FM project was entirely free and let you listen to "radio" made up of songs by your favorite and similar performers without any restrictions. Then the commercial side began to take over: free radio remained only in some countries, which forced residents of the CIS countries to hunt for a proxy or pay $3 a month to use the service.

Of course, nobody wanted to bother with a proxy, and users began to look for ways to listen to the radio for free. As it turned out, Last.FM had not actually closed off free listening, but it was not possible with the latest version of the official client. Bottom line: part of the audience switched to alternative clients, part stopped updating their old client, and the rest either paid or left for other services.

So what was the change that made it impossible to listen to the radio for free in new versions of the client? Let's try to figure it out.

First we need a new client and an old one. The new one can be downloaded from the official site, and an old one, for example, from rutracker. Let's install the new and old clients on different virtual machines and take the direct approach: see what a sniffer shows when we try to start playing a radio station.

As we can see, the client uses HTTP, which will greatly simplify further analysis (undocumented binary protocols are, of course, harder to parse).
Now let's compare the requests from the old and new clients:

The only difference that catches the eye is the additional api_key parameter in the GET request. Let's try to understand whether it affects the client's behavior. Run the client under a debugger (I will use OllyDbg), let it start up (F9), open the process memory map (Alt+M) and search it (Ctrl+B) for the parameter of interest.

There were 4 places in memory that contained the parameter, all of them in the LastFmTools1 library. Let's see how this parameter is used in the code. To do this, select the byte containing the & character that immediately precedes the text api_key.

Why that byte? A GET request is built from fragments of the form key=value, separated by ampersands. In this case the developers did not build an associative array of request parameters and then join its pairs with something like PHP's implode function; they simply hard-coded the query as ready-made chunks.

What we see is a classic C string: ASCII characters terminated by a zero byte. So we can manipulate the data in memory and truncate the string to a harmless ampersand, which will not break the request and will let us see how the latest client behaves in that case. Replace the character following the & with a zero byte everywhere the api_key string occurs, and try to start the radio again.

A miracle! The radio plays as if nothing had happened! But we don't want to run the program under a debugger every time we want to listen to free radio. So we take any hex editor, open the LastFmTools1.dll file in it (it is in the Last.FM directory), find the places where the string &api_key occurs and, as described above, replace the byte after the ampersand with a zero byte.

Voila, we have a ready-to-use client of the latest version with free radio.
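
The result above points at the server side: the request without api_key was still served, so the restriction depended on a parameter the client chose to send. The following is an added example, not code from the original article or from Last.FM, that models that weak decision next to one that fails closed. The host, key, account names, country list and the assumption that user and country come from server-side session data are all hypothetical.

```python
from urllib.parse import parse_qs, urlsplit

# Constructed sample data: hypothetical host, key, accounts and country list.
API_KEY = "0123456789abcdef0123456789abcdef"
KNOWN_API_KEYS = {API_KEY}
SUBSCRIBERS = {"alice"}
FREE_RADIO_COUNTRIES = {"US", "GB", "DE"}

STOCK_URL = "http://radio.example/tune?session=s1&lang=en&api_key=" + API_KEY
# The same request after the "&api_key=..." chunk is cut down to a bare "&".
PATCHED_URL = "http://radio.example/tune?session=s1&lang=en&"


def params(url):
    """Return the query string as a dict of first values."""
    return {k: v[0] for k, v in parse_qs(urlsplit(url).query).items()}


def entitled(user, country):
    """Server-side entitlement: paid account or a free-radio country."""
    return user in SUBSCRIBERS or country in FREE_RADIO_COUNTRIES


def allow_radio_weak(url, user, country):
    """Weak: the restriction is applied only when the client sends api_key."""
    if "api_key" not in params(url):
        return True  # assumed legacy path: served with no entitlement check
    return entitled(user, country)


def allow_radio_hardened(url, user, country):
    """Hardened: a missing or unknown key fails closed, then check entitlement."""
    if params(url).get("api_key") not in KNOWN_API_KEYS:
        return False
    return entitled(user, country)


if __name__ == "__main__":
    for name, check in (("weak", allow_radio_weak), ("hardened", allow_radio_hardened)):
        for label, url in (("stock", STOCK_URL), ("patched", PATCHED_URL)):
            print(name, label, check(url, "bob", "RU"))
```

With the hardened check, what the client omits from the query string no longer changes the outcome: only the account and region recorded on the server do.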

Those interested can also read about how to create an add-on for Last.FM that lets you stream the radio over the network, and how to add Last.FM client control via the taskbar.

Source: https://habr.com/ru/post/145318/
