downloadbrowsecosty's FOUR ACES

Download poker.zip, 9 kb (password: crackmes.de)
Browse contents of poker.zip

Poker Crackme: you have to patch in order to get four (4) ACES. Each card can appear only ones. For example the program can't show two kings of heart.
Patching the program in order to show the message "POKER OF ACES!!" isn't a valid solution if you don't have four (4) ACES for real.

Difficulty: 3 - Getting harder
Platform: Windows
Language: (Visual) Basic

Published: 19. May, 2010
Downloads: 263

Rating

Waiting for at least 3 votes
(we have only 1).

Rate this crackme:

Send a message to costy »

View profile of costy »

Solutions

Solution by synak, published 25. may, 2010; download (1215 kb), password: crackmes.de or browse.

synak has not rated this crackme yet.

Submit your solution »

Discussion and comments

Xspider
20. May 2010		ouh looks like a nice one :D
obnoxious
20. May 2010		nice as usual :)
costy
Author
20. May 2010		I think my crackmes have always something special ;)
Xspider
20. May 2010		yep they actually do :)
synak
23. May 2010		this was fun, thanks! i've got the successful msg after getting myself four different 1's (aces), but the criteria to ensure the cards only appear once (including the CPU's hand) is something I'll leave to someone else..:)
costy
Author
24. May 2010		Continue practice synak!!
Why don't you try to give to the CPU and to the player always the same cards? ;)
Xspider
25. May 2010		hhhh you made it show more than 7 aces :p nice solution synak ;)
costy
Author
25. May 2010		I just finished to read the solution you posted privately and now it's published.
It's a good solution.
I hope you explain it better to me.
;)
synak
27. May 2010		I got a little lazy and didn't explain how I knew EBP-18 was the current card count (1-10). Here is the additional detail:

Shortly after the Rand() function is called, I noticed this:

0040BB0F MOVSX ESI,WORD PTR SS:[EBP-18]
0040BB13 CMP ESI,0B
0040BB16 JB SHORT 0040BB1E

Ths is checking to see how many times the random card generation function has been called, compares it to 0Bh (11decimal), and jumps (continues generating cards) if we're still under 11. There are 10 cards in total being generated, so it was safe for me to assume that EBP-18 at this point in the code will contain the current amount of cards that have been generated so far. Knowing that, I used EBP-18 instead of writing code to do my own counting within the code cave.

You may leave your comment, thoughts and discuss this crackme with other reversers here.
Acting childish will not be tolerated.
HTML and such will be left as-is, so don't try.