D4ph1's Self Destructed
| Download D4ph1_-_Crackme#3.zip, 4 kb (password: crackmes.de) Browse contents of D4ph1_-_Crackme#3.zip - Author : D4ph1
Difficulty: 1 - Very easy, for newbies | RatingVotes: 9 View profile of D4ph1 » |
Solutions
Solution by l0calh0st, published 11. feb, 2006; download (180 kb), password: crackmes.de or browse.
l0calh0st has rated this crackme as quite nice.
Solution by paranoid, published 11. feb, 2006; download (5 kb), password: crackmes.de or browse.
paranoid has not rated this crackme yet.
Solution by Kerberos, published 02. feb, 2006; download (59 kb), password: crackmes.de or browse.
Kerberos has rated this crackme as boring.
Solution by Ank83, published 02. feb, 2006; download (5 kb), password: crackmes.de or browse.
Ank83 has rated this crackme as quite nice.
Discussion and comments
| D4ph1 Author 02. Feb 2006 | Anyone tough with a keygenerator? |
|---|---|
| Ox87k 02. Feb 2006 | hmm.. i'm trying to make a kEYGEN but i don't understand how to the first dword of own id is generated.. I can try in only 1 pc so :( The first 4 bytes is unknow for me, the 5 and 6 byte is the result of GetVersion, part less significative and the other is the result of GetComputerName. An help plz?? :) TnX! |
| D4ph1 Author 02. Feb 2006 | Ox87k : Icant really understand that dword you say:/ Except if you mean the Kernel32 address =) |
| Ox87k 03. Feb 2006 | hum... murble! maybe i understand! =) however i'm waiting another solution+keygen source! great j0b D4ph1! |
| Ank83 04. Feb 2006 | Your keygen is not right on my machine also. |
| paranoid 04. Feb 2006 | I need to figure out how to recode stuff, self keygenning and putting the keygen into a messagebox is a bit dirty... but oh well! Thanks for this one. |
| D4ph1 Author 05. Feb 2006 | Thanks for your good words...Too shame the submission is closed! I'd like to see a keygenerator :( |
| paranoid 05. Feb 2006 | I made a self keygen :P I dunno, I should read up more on ASM... maybe next time! ;) |
| Ox87k 05. Feb 2006 | d4ph1, since the submission of solutions is closed, can u upload in some space (like rapidshare or another) the source of this crackme or at least first part? Thanks... I would want to try to understand as you have made! |
| zairon Moderator 05. Feb 2006 | ok, submission is now open. |
| D4ph1 Author 06. Feb 2006 | Thanks moderators! paranoid : You can send me your self-keygen if you want by mail :) Ox87k : As soon as a working keygen approved or the submission is closed i will upload the source.Because I know where you get confused, I can give you a hint : See what the crackme does when its loaded before calling the DialogBox procedure. Hope I help! :) |
| Ox87k 06. Feb 2006 | it seems that work on the call to isdebuggerpresent... decrypt name and get, i think, the its address... but I continue to not understand!!! L0L! |
| D4ph1 Author 07. Feb 2006 | Ox87k : Ok maybe I have to tell more...lol! Analyse the very first call that the crackme does...before decrypting the isdebuggerpresent. Then some checks are made uppon this dword value that the call returns (and i as I told you its the address of Kernel32) and finally this value is changing to something similar. Wow I can keep no secrets!:) |
| l0calh0st 09. Feb 2006 | Have the hidedebuggger plugin for olly....so it was eas to get the serial and make a self kegen...thanks to ank83 and Ox87k ;)..and to D4ph1 for making this keygen :) |
| D4ph1 Author 09. Feb 2006 | l0calh0st I hope you havent sent a self-keygen...There are already two.I know its very easy to self-keygen it thats why im asking for a keygenerator plz! Thanks! :) |
| Ox87k 09. Feb 2006 | d4ph1 i have make a keygen in asm but rip the code so is not g00d to send.. i don't really understand how to make the first part in c/c++ - u made a g00d j0b, damned!! |
| l0calh0st 09. Feb 2006 | oops i just sent it......sorry it's my very first crackme....so i was excited...Actually i just registered yesterday...so hoping to gain some knowledge here Thanks;) |
| D4ph1 Author 09. Feb 2006 | Ox87k send it if it works...I dont care if you rip the code as long as it works...Send it and i'll give you the source!=) |
| Ox87k 09. Feb 2006 | i need another little help!! in this line 00401461 |. 8B9F 07124000 |MOV EBX,DWORD PTR DS:[EDI+401207] the crackme load in ebx some values... but... is this a "table" with some value or ....(boh!).... ???? |
| D4ph1 Author 10. Feb 2006 | At 401207 there are some anti-debug opcodes (bytes) of the crackme. esi = Size of the ComputerName, so the max number of bytes you will take from the crackme from 401207 is MAX_COMPUTERNAME_LENGTH*dword=32*4=128. |
| Ox87k 11. Feb 2006 | my keygen not work.. =( the first part is ok but the second... damned!!! |
| acidflash 13. Feb 2006 | I hope to keygen this baby :) Internal w/ good serial injected into textbox is really cheating but best I can do for now :) |
| acidflash 17. Feb 2006 | D4ph1: Re: crackme#3 « Back to messages Sent: 16. Feb, 16:41 It works just fine!Congratulations!!!! Only the Name tha should be at least 5 chars not 6...but thats ok!!! Congrats again!!!!;) hehe fixed that, email me if anyone wants solution. This place seems to hate |
| D4ph1 Author 17. Feb 2006 | Anyone who's interested in, here is the link to download the source of my crackme : http://rapidshare.de/files/13468636/D4ph1_-_Crackme_3_Source_.rar.html |
| zairon Moderator 17. Feb 2006 | acidflash, we don't hate anyone but if you submit this tutorial: ---------------------------------------------- nuke debugger check: 00401287 EB 2C JMP SHORT injected.004012B5 hook: 004014BE > E8 FD000000 CALL Internal.004015C0 004014C3 . EB 21 JMP SHORT Internal.004014E6 cave: 004015C0 /$ 68 70334000 PUSH Internal.00403370 ; /lParam = 403370 004015C5 |. 6A 00 PUSH 0 ; |wParam = 0 004015C7 |. 6A 0C PUSH 0C ; |Message = WM_SETTEXT 004015C9 |. 68 EB030000 PUSH 3EB ; |ControlID = 3EB (1003.) 004015CE |. FF75 08 PUSH DWORD PTR SS:[EBP+8] ; |hWnd 004015D1 |. E8 82FFFFFF CALL <JMP.&user32.SendDlgItemMessageA> ; \SendDlgItemMessageA 004015D6 \. C3 RETN ---------------------------------------------- we must have to reject the solution, don't you think? |
| acidflash 17. Feb 2006 | hehe yea :) I would have rejected that also... I hadn't actually looked at the format the others use to submit solutions (my bad).. Writing up a tutorial for the keygen now, will submit asap. Thanks for re-opening :) |
| DJ1hAD0 22. Jun 2013 | This crackme not works on my PC (W7SP1) |
| arlkers 19. Apr 2014 | Thanks,everyone! |
You may leave your comment, thoughts and discuss this crackme with other reversers here.
Acting childish will not be tolerated.
HTML and such will be left as-is, so don't try.