
cyclops's NTS-Crackme10
NTS (Newbie Cracking Series) - Crackme10
Difficulty: 2 - Needs a little brain (or luck) | Rating votes: 6
Solutions
Solution by TheColonial, published 08. Mar 2007.
TheColonial has rated this crackme as nothing special.
Discussion and comments
Ank83 24. Dec 2006 | WOW. What a nice way to write a book about cracking. All the work will be done by others :))) 10 point for creativity. Best Regards Ank83 |
---|---|
cyclops Moderator 24. Dec 2006 | Thanx Ank, hope u enjoi the crackmes.... Happy X-Mas to all..... Regards, Cyclo |
hardcoder 24. Dec 2006 | You cannot misjudge this crackme, this is not as easy as you mentioned in the readme.. Really very good crackme, I'd rate this 2. I enjoyed playing with it... RDTSC, and the initial exception trick is interesting... KeyGen is toooo simple........ Keep it up man, regards |
DaBookshah 25. Dec 2006 | Even though the section beginning with `004010D9 . 64:A1 30000000 MOV EAX,DWORD PTR FS:[30]` / `004010DF . 8B40 0C MOV EAX,DWORD PTR DS:[EAX+C]` stands out pretty obviously, and I bypassed it, I don't understand it :(. Can someone enlighten me? |
Bswap 25. Dec 2006 | Good Crackme I like it ! ;) |
Zaphod 05. Jan 2007 | Cyclops, I have found the correct serial for my name ( and also written a keygen ), but I had to activate the HideDebugger-plugin to do it. Without the HideDebugger I can't. I think that's because I don't know what these MFC42-functions do. Do you know where to find a list of the functions and some documentation? The only thing I know about MFC is that it means Microsoft Foundation Classes, but that doesn't help much... |
l0calh0st 08. Jan 2007 | No Zaphod.... These are WinAPI calls that are preventing you from debugging..... Hint : Check in string references..... and there is an exception trick too and another one which you have to find :P |
Zaphod 08. Jan 2007 | I don't know how the OutputDebugString-trick works, but I can bypass it by changing two bytes. But there is still the IsDebuggerPresent-thing that gives me problems. It is not enough to nop it out. Hmmm... |
cyclops Moderator 08. Jan 2007 | U can bypass it by changing the je/jne to jmp or change the return value of the call.. |
cyclops Moderator 08. Jan 2007 | OutputDebugString exploits the format string of OllyDbg. Something like this: printf(str);. If u give str as format strings like %s it will fetch args from the stack and try to get strings from arbitrary locations. This creates the exception. |
Zaphod 08. Jan 2007 | Cyclops, I did try changing je to jne, but the program still exits. There must be one more trick connected to this? What I don't understand about the OutputDebugString is that the ApiHelp says that the string is output to the debugger and displayed. Displayed where? I changed %s%s%s... to A,0 and it works. But I don't know where the A would be displayed. |
Zaphod 08. Jan 2007 | Okay, now I found it! It has to do with the FS:[18] stuff - what that means, however, I don't know :( |
TheColonial 02. Mar 2007 | Hi all. I've submitted a solution, hopefully it'll get through moderation soon. I only used IDA to solve it, and had no issues getting round the debugger check. It would have been harder had it actually constantly run on a separate thread, but thankfully once on startup made it very easy! For more info, read the solution :) I would appreciate any feedback. |
ARCHANGEL 03. Mar 2007 | TheColonial, you are really cool reverser if you could do that, well done:) |
Ox87k 03. Mar 2007 | ARCHANGEL: where is the problem!? anti-debug part? For a keygen, just attach to the process :P |
TheColonial 05. Mar 2007 | ARCHANGEL: Solution is now available. 0x87k: Isn't the purpose of this entire website to learn and share your solutions? Just "attaching" to the process is hardly going to help others learn. Thanks guys. |
Ox87k 05. Mar 2007 | TheColonial: surely about this site, but my comment wasn't a criticism but just a little hint for a quick method of keygenning it. This crackme is level 2, and so if someone tries it, that supposes (maybe) that he isn't a very very very newbie, right? So, I told you another method to solve it. Nothing more.. Please, sorry if my post has given a wrong impression. |
TheColonial 05. Mar 2007 | 0x87k: No need to apologise :) I didn't mean to be rude either. I was just making a point. You're right, your comment does give newbies a hint. Cheers :) |
TheColonial 08. Mar 2007 | Hi All. Zairon has informed me that my keygen crashes when he runs it. The reason is that the MS VC++ libraries that come with Visual Studio 2005 SP1 need to be installed. You can download these redistributables from here: http://www.microsoft.com/download/NTS-Crackme10.zips/details.aspx?familyid=32BC1BEE-A3F9-4C13-9C99-220B62A191EE&displaylang=en I am sorry, but I don't want to include those in the zip file. Cheers T.C. |
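
The format-string behaviour cyclops describes in the thread (a debugger handing the received debug string to a printf-style function as the format), shown from the tool author's side as an added example that is not part of the original discussion and not OllyDbg's code. The function names `count_conversions` and `log_debug_string` and the sample strings are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Count unescaped '%' characters in a string received from a debuggee.
   "%%" is a literal percent sign and is skipped. A non-zero result means
   the string would drive argument fetches if it were used as a format. */
size_t count_conversions(const char *s)
{
    size_t n = 0;
    for (; *s; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') {   /* escaped percent: consume both characters */
            s++;
            continue;
        }
        n++;                 /* '%' that starts (or attempts) a conversion */
    }
    return n;
}

/* Hardened log path: the received string is only ever an ARGUMENT to a
   fixed format, so "%s%s%s" is copied as text and nothing is read from
   the stack on its behalf. */
int log_debug_string(char *out, size_t outlen, const char *received)
{
    /* Vulnerable form described in the thread (do not use):
       snprintf(out, outlen, received);                       */
    return snprintf(out, outlen, "[debug string] %s", received);
}

int main(void)
{
    /* Constructed sample inputs: the crashing pattern from the thread,
       Zaphod's harmless replacement, and an escaped percent sign. */
    const char *samples[] = { "%s%s%s", "A", "progress 100%%" };
    char line[128];

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        log_debug_string(line, sizeof line, samples[i]);
        printf("%s  (conversions: %zu)\n", line, count_conversions(samples[i]));
    }
    return 0;
}
```

Compiling with `-Wformat-security` (GCC/Clang) flags the vulnerable form at build time, which is the cheapest place to catch it.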