downloadbrowsecyclops's NTS-Crackme9

Download NTS-Crackme9.zip, 23 kb (password: crackmes.de)
Browse contents of NTS-Crackme9.zip

NTS(Newbie Cracking Series)-Crackme9

Regards,
Cyclo

Difficulty: 2 - Needs a little brain (or luck)
Platform: Windows 2000/XP only
Language: C/C++

Published: 23. Dec, 2006
Downloads: 807

Rating

Waiting for at least 3 votes
(we have only 2).

Rate this crackme:

Send a message to cyclops »

View profile of cyclops »

Solutions

Solution by hound, published 31. jan, 2007; download (15 kb), password: crackmes.de or browse.

hound has rated this crackme as quite nice.

Solution by profdracula, published 04. jan, 2007; download (11 kb), password: crackmes.de or browse.

profdracula has not rated this crackme yet.

Submit your solution »

Discussion and comments

Zaphod
17. Jan 2007		profdracula states in his solution that a string is MD5'ed here:

00401E08 PUSH EDX ;--push string
00401E09 PUSH EAX ;--push length
00401E0A CALL Crackme9.00401CB0 ;--Get MD5

If you look at the crackme with PeID's plugin Krypto analyzer KANAL it says:

MD5 :: 000013CE :: 004013CE

I can't see that this address has anything to do with the call at 401E0A or any of it's subcalls.
Given the address 4013CE, how can you figure out that the call to MD5 is at 401E0A?
wast
17. Jan 2007		by stepping throw code? have to some some work yourself.
Zaphod
17. Jan 2007		Oh yes, but what is the connection between these two adresses? It seems that the MD5-signature is placed far from the actual code, and that is what mystifies me.
I simply like to understand things...

You may leave your comment, thoughts and discuss this crackme with other reversers here.
Acting childish will not be tolerated.
HTML and such will be left as-is, so don't try.