Bswap's Little Man 1.45

Download LittleMan145.zip, 5 kb (password: crackmes.de)

Little Man 1.45, (difficulty 1)

The program is 100% written in ASM. Try to oversee it.

Goal: Make a key generator, it is so easy.

This was just for private fun and training.
In fact this is good to unsolved this one.

Bye and good luck - Bswap - Holland

Difficulty: 1 - Very easy, for newbies
Platform: Windows
Language: Assembler

Published: 23. Jun, 2008
Downloads: 927

Rating

Votes: 5
Crackme is boring.


Solutions

Solution by arpm, published 07. sep, 2008; download (949 b), password: crackmes.de or browse.

arpm has rated this crackme as nothing special.


Discussion and comments

dakrone
30. Jun 2008
I'm failing to understand how you could ever generate a usable key without patching the program. Looking at the assembly:

CALL LittleMa.004019E9
MOV DWORD PTR DS:[40334B],EDI
MOV EAX,DWORD PTR DS:[40334B]
MOV EBX,DWORD PTR DS:[403330]
MOV DWORD PTR DS:[4032E6],EAX
XOR EAX,EAX
MOV DWORD PTR DS:[4032EA],EBX
PUSHAD ; push all registers
PUSH 0DEAD
POP EAX
PUSH 0BEEF
POP EBX
PUSH 0AAAAAAF
POP ECX
BSWAP ECX
BSWAP ECX
POPAD ; pop all registers
OR AL,1 ; if eax == 1, then we can register correctly
OR EAX,EAX ; set zero flag if eax is 0
JNZ LittleMa.004015F0

The important instruction:
XOR EAX,EAX
(skipped, nothing happens to EAX)
PUSHAD
(skipped)
POPAD
OR AL,1
OR EAX,EAX
JNZ LittleMa.004015F0 ; jmp to registering the program

Since the XOR sets EAX to 0, and all registers are then pushed and popped, EAX returns to 0 after the POPAD. Therefore it will always be 1 after ORing it with 1, and the zero flag will never be set.

Is this on the right track? I'm failing to see how it's possible to get EAX to be zero so the flag is set.
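
The register trace described in the comment above, as an added example that is not part of the original thread and is not the crackme's own code: a minimal C model of the quoted listing, showing that POPAD restores EAX to 0 for any input, so OR AL,1 leaves EAX = 1 and the JNZ is always taken. The names jnz_taken, edi_in and mem_403330 are hypothetical, and the input values are constructed.

```c
#include <stdint.h>
#include <stdio.h>
/* Added illustration: minimal model of the registers the quoted listing touches. */
typedef struct { uint32_t eax, ecx, edx, ebx, esp, ebp, esi, edi; int zf; } Regs;
static uint32_t stack[16];
static int sp;                                   /* next free stack slot */
static void push(uint32_t v) { stack[sp++] = v; }
static uint32_t pop(void) { return stack[--sp]; }
static uint32_t bswap(uint32_t v) {
    return (v >> 24) | ((v >> 8) & 0xFF00u) | ((v << 8) & 0xFF0000u) | (v << 24);
}
/* PUSHAD saves EAX, ECX, EDX, EBX, ESP, EBP, ESI, EDI in that order. */
static void pushad(const Regs *r) {
    push(r->eax); push(r->ecx); push(r->edx); push(r->ebx);
    push(r->esp); push(r->ebp); push(r->esi); push(r->edi);
}
/* POPAD restores them in reverse and skips the saved ESP slot. */
static void popad(Regs *r) {
    r->edi = pop(); r->esi = pop(); r->ebp = pop(); (void)pop();
    r->ebx = pop(); r->edx = pop(); r->ecx = pop(); r->eax = pop();
}

/* Hypothetical helper: runs the listing from the first MOV to OR EAX,EAX.
   edi_in is whatever the CALL left in EDI, mem_403330 the dword at 403330.
   Returns 1 when the JNZ would be taken. */
int jnz_taken(uint32_t edi_in, uint32_t mem_403330, Regs *out) {
    Regs r = {0};
    sp = 0;
    r.edi = edi_in;
    r.eax = r.edi;                      /* MOV [40334B],EDI / MOV EAX,[40334B] */
    r.ebx = mem_403330;                 /* MOV EBX,[403330] */
    r.eax = 0;                          /* XOR EAX,EAX (after the copy to 4032E6) */
    pushad(&r);
    push(0xDEAD);     r.eax = pop();
    push(0xBEEF);     r.ebx = pop();
    push(0x0AAAAAAF); r.ecx = pop();
    r.ecx = bswap(bswap(r.ecx));        /* two BSWAPs cancel out */
    popad(&r);                          /* undoes everything since PUSHAD */
    r.eax |= 1;                         /* OR AL,1 */
    r.zf = (r.eax == 0);                /* OR EAX,EAX only sets flags */
    if (out) *out = r;
    return !r.zf;
}

int main(void) {
    Regs r;
    int taken = jnz_taken(0x12345678u, 0xCAFEBABEu, &r);   /* constructed inputs */
    printf("EAX=%08X EBX=%08X ZF=%d JNZ taken=%d\n",
           (unsigned)r.eax, (unsigned)r.ebx, r.zf, taken);
    return 0;
}
```
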
Bswap
Author
30. Jun 2008
Yep, right...... This way the registerflag (eax) will never be set.

It's a level 1 so how hard could it be..........;)
HMX0101
30. Jun 2008
@dakrone: I'll give you a hint..."timer"... ;) I hope I don't spoil too much :D
~misunderstood~
29. Jul 2008
I don't understand how this works...
I found the important call, I see where in dump the value compared to my input is stored, but how is it generated, and where?
I recognized some places where timers are set, but on what do they depend?
Could someone please PM me or write a solution for this?
Thx
