Dcoder's KeygenME #3

Download kgme3.zip, 6 kb (password: crackmes.de)

==== KeygenME #3 ====

Hello again. I haven't put anything out in a while, so I decided to make
this little thing. Unlike #2, I tried to make this one as succinct as
possible, so you won't have much to reverse.

The goal is to produce a key generator for arbitrary names, and a write-up.

Have fun,
Dcoder

Difficulty: 3 - Getting harder
Platform: Windows
Language: C/C++

Published: 06. Nov, 2012
Downloads: 383

Solutions

Solution by pk__, published 03. Jan, 2013 (6 kb, password: crackmes.de).

pk__ has rated this crackme as awesome.

Discussion and comments

hPlow
07. Nov 2012
I tried, but I failed.

something I did "nops" in a conditional jump.

But it did not work.

I look forward to a tutorial!

haggar
08. Nov 2012
If you want to patch it so it shows "Good job!", then you need to NOP two jumps. Open OllyDbg, right click on CPU window, select "Search for ->", select "All referenced text strings" and there you will see 9 ASCII strings. Double click on "Good job!". Below you see "Try again" and above you have two conditional jumps that throw you at that message. So, what are you gonna do? Now you think a little :)

It is very easy and straightforward. But keygening... hmm, that algo at first glance looks interesting. I would like to give it a try, but I'm so short on time for these things.

By

seskissinger2
16. Nov 2012
00C915DC |. 75 0F JNZ SHORT kgme3.00C915ED
00C915E4 |. 75 07 JNZ SHORT kgme3.00C915ED

These are the two jumps "Haggar" is talking about.

a_tek7
27. Nov 2012
Hashes for name and serial are produced almost identically. I mean for serial a special part of code is executed which is not executed for name. So, I have to Brute Force it or I'm wrong?

tamaroth
Moderator
03. Dec 2012
Brute force (or rather some form of it) is necessary.

name: tamaroth
key: 45A88256CC2C4DA7FB073F986DA6F89C

However it takes far too long in its current state, so I need to find a way to generate it faster.

pk__
29. Dec 2012
One way to solve this problem is described here: www.cs.berkeley.edu/~daw/papers/genbday-long.ps

% time ./keygen pk
c75699f4c79c038da8e83d6172bef93a
d59a129cc62b0db2be79bf1482687a84
b922ea4aef7ed1fbe73e4ebe38f8146b
f1b728f382e886b280f8177372e3e202
41fd2b233c7807f373a36867b6fcf0e5
32f83a5f4903c7d890f2d1fc42eb752f
7a9a20358b5840cc728b3aba74a44614
./keygen pk 3.72s user 0.79s system 99% cpu 4.531 total

jenkinspro
30. Dec 2012
Ohhh, the algo is too long, I haven't the patience for that :(
