gbe32241's SDDecoder
| Download sddecoder_v1.1.zip, 327 kb (password: crackmes.de) Browse contents of sddecoder_v1.1.zip This is an updated version of my original SDDecoder challenge which will hopefully clarify some misunderstandings.
Difficulty: 6 - Hard, for very professionals only | RatingVotes: 7 View profile of gbe32241 » |
Solutions
Solution by andrewl.us, published 13. jan, 2010; download (638 kb), password: crackmes.de or browse.
andrewl.us has not rated this crackme yet.
Discussion and comments
| zart 26. Jun 2008 | Why do I just get the feeling that this wasn't coded by you? |
|---|---|
| gbe32241 Author 26. Jun 2008 | Just ask me some questions and see if my replies satisfy you. |
| zart 26. Jun 2008 | i've submitted a solution, personally i still don't think you wrote this, the level is far too high for the requirements you've set... just providing another serial is tedious. providing a (bruteforce) keygen would also be tedious since it only requires you to call the functions you have already provided for us. |
| MR.HAANDI 26. Jun 2008 | I'm on my way making a clean keygen for this one and I first had the same impression (some ripped routines) but one single sentence in a PM from the author destroyed that illusion ;) One more thing: this kind of keygenme is exactly what I love to solve! |
| andrewl.us Moderator 26. Jun 2008 | I'm looking forward to a non-bruteforce solution, don't leave out any details, MR.HAANDI! :) |
| gbe32241 Author 27. Jun 2008 | If you were to produce some collisions pursuing the non-linearity of the f_evaluate function, please consider that it would be easy to counter by just black-listing my own codes after that function. |
| andrewl.us Moderator 01. Jul 2008 | Nice solution, Zart. I like your observation of the look-alike characters maybe indicating that this wasn't a typical crackme. I would still like to see a key generator that faces the math directly. Can we all gather in a circle and chant "MR.HAANDI" to summon him for a solution? |
| gbe32241 Author 01. Jul 2008 | Zart's solution in a real world scenario simply doesn't work, because if I were to black-list codes I would do by comparing the list against the code signatures (the output of the f_evaluate function) and not the input strings. He also probably does not realize that just because portions of my code actually do come from real world protections, doesn't mean that I'm not the author. Still I have to blame myself for my poorly written requests. |
| MR.HAANDI 01. Jul 2008 | Why did a mod permit this solution? If zart wants a level 1 keygenme, then he should specify his serach. This is one of the best math keygenmes I had in a year (still on it) and of course, the task looks kind of weird (well, first submission). However, the submitted solution is like a joke which belongs into comments. |
| gbe32241 Author 01. Jul 2008 | No problem, I'm now updating the challenge leaving the math problem intact and getting rid of these shortcuts at the same time. |
| saitob 01. Jul 2008 | I agree with MR.HAANDI. I know it says only to find one valid serial, beside the ones included. But, if you look at the logic of the program, it's really not a diffirent serial. I mean, the modified serials in the solution is equal to the included ones for the program. I think a valid solution with 1 valid serial would be a completely different serial, maybe if you bruteforce your way to one?... Anyway, i'll be waiting for MR.HAANDI's solution. As always, sorry for bad English, hope i'm understood. |
| TiGa 01. Jul 2008 | Crackme updated after the first solution has been approved. |
| saitob 01. Jul 2008 | Very nice with the update. Just a question: If the source code was not included, what difficulty would this crackme be then? |
| gbe32241 Author 02. Jul 2008 | Not much higher. It may take sometime to reverse, but unless I use a VM to perform the operations, in less than about 4-5 hours a good reverser would quickly rebuild the higher level structures and roughly reach the point where you're all starting with the source code. |
| zart 02. Jul 2008 | I was not intending to be insulting in anyway. I merely was following the directions of the crackme as it had been stated. I'm sorry if I wrongfully thought the crackme was not written by the author who had posted it, I explained why I thought so also. I also stated WHY I felt it was improperly labeled and why a brute-forcer would also be easy enough to do. Don't hate me for following rules that have been set. The updated crackme changes exactly what I was griping about. Again - No offense was ment. |
| cyclops Moderator 15. Jan 2010 | Exceptional solution Andrew!!! Hats off! |
| gbe32241 Author 16. Jan 2010 | Just in case somebody wishes details on DRegZ or on how SDDecoder was built: http://www.webalice.it/giuliano.bertoletti/lca.html |
| simonzack Moderator 16. Jan 2010 | really impressive maths there andrew |
| andrewl.us Moderator 16. Jan 2010 | thanks dudes, the LaTeX stuff makes it look fancier than it really is...too bad it's so much work...TXT next time :) |
You may leave your comment, thoughts and discuss this crackme with other reversers here.
Acting childish will not be tolerated.
HTML and such will be left as-is, so don't try.