anorganix's KEYGEN.ME.5
| Download CrackMe.5.anorganix.zip, 222 kb (password: crackmes.de) Browse contents of CrackMe.5.anorganix.zip Rules:
Difficulty: 4 - Needs special knowledge | RatingWaiting for at least 3 votes View profile of anorganix » |
Solutions
Solution by kao, published 13. feb, 2006; download (282 kb), password: crackmes.de or browse.
kao has rated this crackme as quite nice.
Discussion and comments
| anorganix Author 05. Feb 2006 | Need some hints? Here is the first: "ANX" / "anx" |
|---|---|
| anorganix Author 06. Feb 2006 | P.S: the above hint is usefull after unpacking :D |
| HMX0101 06. Feb 2006 | The crackme has a section named ".anx", if is changed show a error, maybe this is the loader section :) If this is correct, tell me more hints, hehehe :) |
| Kerberos 06. Feb 2006 | HMX0101: Your're close, but it's not loader section ... it's section with encoded file which is loaded into memory. But after saving this file after decoding I'm still unable to repair it's PE header :-/ (I think it's packed with UPX) |
| HMX0101 07. Feb 2006 | yeah this is packed with UPX :) |
| Kerberos 07. Feb 2006 | Yeah, but that "second" file is IMHO packed with UPX too :) |
| anorganix Author 07. Feb 2006 | You are almost right guys... It's packed with a "home-brewed" packer that uses the UCL compression library (same used in UPX)... This is the second hint... :) |
| HMX0101 07. Feb 2006 | uhhhm, the crackme uses some calls to WriteProcessMemory and CreateProcess, interesting... |
| HMX0101 07. Feb 2006 | The compression library used maybe is the Delphi version of UCL: http://www.zeitungsjunge.de/delphi/ucl/index.htm :D |
| HMX0101 07. Feb 2006 | This is a trap, the crackme is packed two times: 1: Packed with UPX 2: Packed with a modified version of UCL anorganix: You are cool! |
| anorganix Author 07. Feb 2006 | Thx man! If you need more hints, just ask... :D |
| kao 09. Feb 2006 | Unpacking took 15 minutes. Serial algo search and rippping - 30 minutes. Got fooled by certain trick.. ;) Thumbs up for Anorganix! |
| Kerberos 09. Feb 2006 | Kao : I hope you're going to write a solution :) |
| HMX0101 09. Feb 2006 | kao: please write the solution :D |
| l0calh0st 09. Feb 2006 | How to unpack the file |
| kao 10. Feb 2006 | Sorry guys, I am damn lazy... ;) If nobody writes a solution until Monday, I will write a tutorial + publish keygen sources in 100% Delphi. Not a single ASM line in there.. :)) |
| anorganix Author 13. Feb 2006 | @kao: Your solution is VERY well explained... You are a talented reverser! Cheers! |
| HMX0101 13. Feb 2006 | kao: you are a very talented cracker, but a lazy person XD Sorry for my bad english |
You may leave your comment, thoughts and discuss this crackme with other reversers here.
Acting childish will not be tolerated.
HTML and such will be left as-is, so don't try.