dc0de's crackme
| Download dc0de-crackme.zip, 206 kb (password: crackmes.de) Browse contents of dc0de-crackme.zip Lust a simple username/serial crackme.
Difficulty: 2 - Needs a little brain (or luck) | RatingWaiting for at least 3 votes View profile of dc0de » |
Solutions
Solution by ultrasound, published 02. jan, 2006; download (208 kb), password: crackmes.de or browse.
ultrasound has not rated this crackme yet.
Discussion and comments
| Ank83 29. Dec 2005 | Name: Vladimir Serial: 1243883 I would like to write an internal keygen, the serial is keep in a EDI register and is in HEX ! I don't know how to print the serial insted of "wrong" in the badboy message ! If it possible can somebody help me ?! With wich command do we convert the HEX to DEC in OLLY ? |
|---|---|
| Ank83 29. Dec 2005 | I understand how the serial is generated, but I'm not in the mood to write a keygen, and also i would like to practice a little in internal keygen ! |
| astigmata 30. Dec 2005 | autokeygen is not allowed if you found good serial, and if you don't know how serial is gen try others logins like aaaaaa aaaaab aaaaac 111111 111112 111121 and look the serial each time |
| m@rio_crk 30. Dec 2005 | nice idea for crackme ;) there's a little bug at the end: 004539FA |. 3B7D EC CMP EDI,DWORD PTR SS:[EBP-14] 004539FD |. 75 0C JNZ SHORT crackme.00453A0B edi holds the real serial plus some pointer value, in my case it's 0012F7A8 (hex) so the keygen can be made if this value is the same for every computer.. but is it always the same? :/ |
| ultrasound 30. Dec 2005 | >>astigmata 30. Dec, 11:21 autokeygen is not allowed why do you say that? a keygen is a keygen surely? i have auto-keygenned and have submitted, I hope its accepted now :| |
| Ank83 31. Dec 2005 | Do we have to write a solution ? Or just a keygen is acceptable ? I hate writing solution ! |
| m@rio_crk 31. Dec 2005 | Ank83: writing solution to this crackme is not so hard (some code+few line of text) ;) To be honest, I don't like writing solutions either, but that's the rules... |
| Ank83 31. Dec 2005 | I wrote a keygen, but solution will be ready tomorow if I'm not too drunk to think ! Also I foun a bug in keygen with longer names than 9 chars - probably I missed some procedure ! Happy New Year, and have a nice night ! |
| Ank83 02. Jan 2006 | Hm ! I know how you generate the last tree number ! Take every char of name convert to Asc code and add to serial ! can some help how do you get the fist 4 numbers ! How do you get 1243000 or something like this ! HELP ! |
| dc0de Author 02. Jan 2006 | hmm I think m@rio_crk is correct that there is a bug in this, because looking at ultrasound's solution, his key is different from the key i get for his name on my computer... but Ank83's(Vladimir) works on mine... I unfortunately no longer have the code for this crackme so I can't fix it :/ My apologies to those who have tried to solve it and encountered this problem. |
| dengkeng 03. Jan 2006 | I have write the keygen and have submitted, I hope its accepted now.copy your asm.^_^ |
| dengkeng 05. Jan 2006 | char szKey[]=";;;;;;;;;;;;;**====,,=,,========*=**=*=**=*=**=*=*=* "; //char szName[]="dengkeng"; CString strTemp; CString s1; char szName[128]={0}; char szStr1[128]={0}; for(int i=0; i<strlen(szKey); i++) { szKey[i]=szKey[i]+1; } GetDlgItemText(IDC_EDIT1,strTemp); if(strTemp.IsEmpty()) { AfxMessageBox("Your Name is Empty!!!!!"); return ; } strncpy(szName,strTemp,strTemp.GetLength()); memcpy(szStr1,szKey,strlen(szKey)); memcpy(szStr1+strlen(szKey)+1,szName,strlen(szName)); DWORD var_Len = strlen(szKey); DWORD var_10 = strlen(szKey)+2; DWORD dwResult = 0; if(strTemp.GetLength()>0x09) { dwResult = 0x12F7A8 ; s1.Format("%d",dwResult); SetDlgItemText(IDC_EDIT2,s1); return ; } __asm { pushad mov eax, 1 xor edx, edx loc_453924: mov cl, byte ptr [szStr1+eax-1] and ecx, 0FFh cmp ecx, 3Ch jg short loc_453950 jz short loc_453966 sub ecx, 21h jz loc_4539CF sub ecx, 0Ah jz short loc_45396B sub ecx, 2 jz short loc_453983 jmp loc_4539D1 loc_453950: sub ecx, 3Eh jz short loc_453961 sub ecx, 1Dh jz short loc_45399B sub ecx, 2 jz short loc_4539B5 jmp short loc_4539D1 loc_453961: inc [var_10] jmp short loc_4539D1 loc_453966: dec [var_10] jmp short loc_4539D1 loc_45396B: mov ecx, [var_10] movzx ecx, byte ptr [ecx+szStr1-1] inc ecx mov ebx, [var_10] mov byte ptr [ebx+szStr1-1], cl jmp short loc_4539D1 loc_453983: mov ecx, [var_10] movzx ecx, byte ptr [ecx+szStr1-1] dec ecx mov ebx, [var_10] mov byte ptr [ebx+szStr1-1], cl jmp short loc_4539D1 loc_45399B: mov ecx, [var_10] cmp byte ptr [ecx+szStr1-1], 0 jnz short loc_4539D1 loc_4539A8: inc eax cmp byte ptr [eax+szStr1-1], 5Dh jnz short loc_4539A8 jmp short loc_4539D1 loc_4539B5: mov ecx, [var_10] cmp byte ptr [ecx+szStr1-1], 0 jz short loc_4539D1 loc_4539C2: dec eax cmp byte ptr [eax+szStr1-1], 5Bh jnz short loc_4539C2 jmp short loc_4539D1 loc_4539CF: mov dl, 1 loc_4539D1: inc eax cmp dl, 1 jnz loc_453924 mov edi,12F7A8h // mov ebx, 1 loc_4539E0: mov eax, [var_Len] add eax, ebx movzx eax, byte ptr [eax+szStr1-1] add edi, eax inc ebx cmp ebx, 0Ah jnz short loc_4539E0 mov [dwResult],edi popad } s1.Format("%d",dwResult); SetDlgItemText(IDC_EDIT2,s1); There maybe some error ,I think is the dwResult = 0x12F7A8 ; I don't know How the edi=12F7A8h???I test in winxp+SP2 VC6.0 |
| dengkeng 05. Jan 2006 | It's pity that my Solution rejected.How the edi get the value???? I can get the right value in my computer with my keygen.But there is some other error in it.it should be edi. I think so!!! |
| syhs89 07. Jan 2006 | how to compile the code above by dengkeng 05. Jan, 16:45 ??? |
| syhs89 07. Jan 2006 | funny... according to the tutorials, i found out that user: ultrasound pass: 1308424 is wrong while the correct password is 1243080 |
| syhs89 07. Jan 2006 | i could not find where that 1308424 from..... |
| ultrasound 07. Jan 2006 | syhs89, the serial may change accross different computers, so the serial I have written down was the correct one on my machine, the keygen should be used to generate a serial on your machine.. i write my tuts as I go along, so that why I have written the serial.. |
You may leave your comment, thoughts and discuss this crackme with other reversers here.
Acting childish will not be tolerated.
HTML and such will be left as-is, so don't try.