downloadbrowseD4ph1's Self Destructed

Download D4ph1_-_Crackme#3.zip, 4 kb (password: crackmes.de)
Browse contents of D4ph1_-_Crackme#3.zip

- Author : D4ph1
- File : Crackme#3 - Self Destructed.exe
- Programming Language : Assembler
- Compiler : MASM32
- OS : Windows
- Type : Name/Serial
- Difficulty : 1/10
- Protection : Very very simple but if you dont bypass it...check what happens!:)
- Target : Make a Keygenerator. Selfkeygens are also accepted but the keygen has the priority
- Rules : No rules, but becarefull if you patch anything!
- Blahblah : The Serial is different on each machine
- Greets : Rascob,Linden,ultrasound,Giavanna,everyone in crackmes.de and everyone who FIGHTS!

Difficulty: 1 - Very easy, for newbies
Platform: Windows
Language: Assembler

Published: 01. Feb, 2006
Downloads: 1737

Rating

Votes: 9
Crackme is nothing special.

Rate this crackme:

Send a message to D4ph1 »

View profile of D4ph1 »

Solutions

Solution by l0calh0st, published 11. feb, 2006; download (180 kb), password: crackmes.de or browse.

l0calh0st has rated this crackme as quite nice.

Solution by paranoid, published 11. feb, 2006; download (5 kb), password: crackmes.de or browse.

paranoid has not rated this crackme yet.

Solution by Kerberos, published 02. feb, 2006; download (59 kb), password: crackmes.de or browse.

Kerberos has rated this crackme as boring.

Solution by Ank83, published 02. feb, 2006; download (5 kb), password: crackmes.de or browse.

Ank83 has rated this crackme as quite nice.

Submit your solution »

Discussion and comments

D4ph1
Author
02. Feb 2006
Anyone tough with a keygenerator?
Ox87k
02. Feb 2006
hmm.. i'm trying to make a kEYGEN but i don't understand how to the first dword of own id is generated..

I can try in only 1 pc so :(
The first 4 bytes is unknow for me, the 5 and 6 byte is the result of GetVersion, part less significative and the other is the result of GetComputerName.

An help plz?? :)
TnX!
D4ph1
Author
02. Feb 2006
Ox87k : Icant really understand that dword you say:/ Except if you mean the Kernel32 address =)
Ox87k
03. Feb 2006
hum... murble! maybe i understand! =) however i'm waiting another solution+keygen source!
great j0b D4ph1!
Ank83
04. Feb 2006
Your keygen is not right on my machine also.
paranoid
04. Feb 2006
I need to figure out how to recode stuff, self keygenning and putting the keygen into a messagebox is a bit dirty... but oh well! Thanks for this one.
D4ph1
Author
05. Feb 2006
Thanks for your good words...Too shame the submission is closed! I'd like to see a keygenerator :(
paranoid
05. Feb 2006
I made a self keygen :P I dunno, I should read up more on ASM... maybe next time! ;)
Ox87k
05. Feb 2006
d4ph1, since the submission of solutions is closed, can u upload in some space (like rapidshare or another) the source of this crackme or at least first part?

Thanks... I would want to try to understand as you have made!
zairon
Moderator
05. Feb 2006
ok, submission is now open.
D4ph1
Author
06. Feb 2006
Thanks moderators!
paranoid : You can send me your self-keygen if you want by mail :)
Ox87k : As soon as a working keygen approved or the submission is closed i will upload the source.Because I know where you get confused, I can give you a hint : See what the crackme does when its loaded before calling the DialogBox procedure.
Hope I help! :)
Ox87k
06. Feb 2006
it seems that work on the call to isdebuggerpresent... decrypt name and get, i think, the its address... but I continue to not understand!!! L0L!
D4ph1
Author
07. Feb 2006
Ox87k : Ok maybe I have to tell more...lol! Analyse the very first call that the crackme does...before decrypting the isdebuggerpresent. Then some checks are made uppon this dword value that the call returns (and i as I told you its the address of Kernel32) and finally this value is changing to something similar.
Wow I can keep no secrets!:)
l0calh0st
09. Feb 2006
Have the hidedebuggger plugin for olly....so it was eas to get the serial and make a self kegen...thanks to ank83 and Ox87k ;)..and to D4ph1 for making this keygen :)
D4ph1
Author
09. Feb 2006
l0calh0st I hope you havent sent a self-keygen...There are already two.I know its very easy to self-keygen it thats why im asking for a keygenerator plz!
Thanks! :)
Ox87k
09. Feb 2006
d4ph1 i have make a keygen in asm but rip the code so is not g00d to send.. i don't really understand how to make the first part in c/c++ - u made a g00d j0b, damned!!
l0calh0st
09. Feb 2006
oops i just sent it......sorry it's my very first crackme....so i was excited...Actually i just registered yesterday...so hoping to gain some knowledge here
Thanks;)
D4ph1
Author
09. Feb 2006
Ox87k send it if it works...I dont care if you rip the code as long as it works...Send it and i'll give you the source!=)
Ox87k
09. Feb 2006
i need another little help!! in this line
00401461 |. 8B9F 07124000 |MOV EBX,DWORD PTR DS:[EDI+401207]

the crackme load in ebx some values... but... is this a "table" with some value or ....(boh!).... ????
D4ph1
Author
10. Feb 2006
At 401207 there are some anti-debug opcodes (bytes) of the crackme. esi = Size of the ComputerName, so the max number of bytes you will take from the crackme from 401207 is MAX_COMPUTERNAME_LENGTH*dword=32*4=128.
Ox87k
11. Feb 2006
my keygen not work.. =( the first part is ok but the second... damned!!!
acidflash
13. Feb 2006
I hope to keygen this baby :) Internal w/ good serial injected into textbox is really cheating but best I can do for now :)
acidflash
17. Feb 2006
D4ph1: Re: crackme#3

« Back to messages

Sent: 16. Feb, 16:41

It works just fine!Congratulations!!!!
Only the Name tha should be at least 5 chars not 6...but thats ok!!!
Congrats again!!!!;)

hehe fixed that, email me if anyone wants solution. This place seems to hate
D4ph1
Author
17. Feb 2006
Anyone who's interested in, here is the link to download the source of my crackme : http://rapidshare.de/files/13468636/D4ph1_-_Crackme_3_Source_.rar.html
zairon
Moderator
17. Feb 2006
acidflash, we don't hate anyone but if you submit this tutorial:
----------------------------------------------
nuke debugger check:
00401287 EB 2C JMP SHORT injected.004012B5

hook:
004014BE > E8 FD000000 CALL Internal.004015C0
004014C3 . EB 21 JMP SHORT Internal.004014E6

cave:
004015C0 /$ 68 70334000 PUSH Internal.00403370 ; /lParam = 403370
004015C5 |. 6A 00 PUSH 0 ; |wParam = 0
004015C7 |. 6A 0C PUSH 0C ; |Message = WM_SETTEXT
004015C9 |. 68 EB030000 PUSH 3EB ; |ControlID = 3EB (1003.)
004015CE |. FF75 08 PUSH DWORD PTR SS:[EBP+8] ; |hWnd
004015D1 |. E8 82FFFFFF CALL <JMP.&user32.SendDlgItemMessageA> ; \SendDlgItemMessageA
004015D6 \. C3 RETN
----------------------------------------------
we must have to reject the solution, don't you think?
acidflash
17. Feb 2006
hehe yea :) I would have rejected that also... I hadn't actually looked at the format the others use to submit solutions (my bad)..

Writing up a tutorial for the keygen now, will submit asap. Thanks for re-opening :)
DJ1hAD0
22. Jun 2013
This crackme not works on my PC (W7SP1)
arlkers
19. Apr 2014
Thanks,everyone!

You may leave your comment, thoughts and discuss this crackme with other reversers here.
Acting childish will not be tolerated.
HTML and such will be left as-is, so don't try.