geeko's new age
| Download crackme.zip, 245 kb (password: crackmes.de) Browse contents of crackme.zip coded in Delphi + ASM. But doesn't matter, the idea works in every language.
Difficulty: 2 - Needs a little brain (or luck) | RatingWaiting for at least 3 votes View profile of geeko » |
Solutions
Solution by BoR0, published 26. sep, 2006; download (4 kb), password: crackmes.de or browse.
BoR0 has rated this crackme as boring crap.
Discussion and comments
| AlexeyG 30. Aug 2006 | Well I got some results... not so good results, but still.. Here is a code that'll show the good boy message: 0713247. I think it's one of the possible variants (I didn't look into this). The code seems to work, but I do have a small 'bug' there... if you hit the check more then once then you'll get an error. I think this is another catch. Haven't looked yet, but guess the number should be greater. Please confirm that this is not a bug. |
|---|---|
| AlexeyG 30. Aug 2006 | Ok, some results I can say: this is not the only key, that will start the good boy message procedure. However this is the only numeric key to do this ;) And I want to belive that program crash is not my fault. Oh and I liked one trick in the crackme a lot, good work, geeko. |
| geeko Author 30. Aug 2006 | 0713247 is a bad code. did u brute force it or? u can call it a lil' bug (maybe u want me to write an updated crackme, so 0713247 won't work anymore?), but I said that the prog may crash with invalid code! u did it good, alexey, u are pretty close. Find the code & write tut. Thank u |
| AlexeyG 30. Aug 2006 | No, didn't bruteforce. I just found the good boy message and made a code that would make the crackme jump there. Hm, oki I will look into this tom. Thank you for the answer! |
| geeko Author 31. Aug 2006 | ok,i confirm is a little bug with second press, even with the right code (it was intended to be pressed once). It was by mistake that your code works, but is very close to the 'good boy' real routine entry. Any way I accept your solution if u write the tuto on how did u find it |
| geeko Author 31. Aug 2006 | is not a bug, is a catch. there is other numeric key |
| geeko Author 07. Sep 2006 | Hey. Did you give up? |
| geeko Author 19. Sep 2006 | hint try again. The code is an encrypted memory address. |
| BoR0 21. Sep 2006 | I understand the algorithm, but the hard part is to find the code offset where the Goodboy is stored. :) |
| geeko Author 21. Sep 2006 | hint look in 'changemouseup' |
| BoR0 21. Sep 2006 | Here's a code that will generate an EBFE (infinite loop) 2253246 :) |
| BoR0 21. Sep 2006 | Hmm, I thought I found the goodboy offset, but I did not. 00466110 is NOT the offset we need. |
| geeko Author 22. Sep 2006 | Where is that infinite loop? why 466110 is not good? |
| BoR0 22. Sep 2006 | The offset 466110 is a good offset. But your algorithm is such that it has no possibility of spitting a number that will generate a jump to 466110. |
| BoR0 22. Sep 2006 | Is 466110 the offset we were looking for? Did you plan that offset to be the final offset? If so, this crackme has no solution. |
| geeko Author 25. Sep 2006 | Are u sure? Think a bit more. OK. it took too much time! there is a sollution. 466110 is the right address. Tomorrow I'll publish the corect code. |
| BoR0 25. Sep 2006 | I have bruteforced every value from 0 to 4294967295. Your algorithm has no possibility of returning a 0x466110. |
| geeko Author 25. Sep 2006 | Hahaha. You are cool man! Tomorrow u'll see your brute force has an itzy bitzy tiny little bug which avoids the correct number. :) see ya. |
| HMX0101 25. Sep 2006 | This one is very easy... @BoR0: try to reverse 00466110, using the geeko algo :) |
| BoR0 25. Sep 2006 | I apologise. A mistake found in my bruteforcer. Why was my post deleted btw? Admin message me please |
| BoR0 25. Sep 2006 | BTW I have found the correct code :) |
| geeko Author 26. Sep 2006 | Tell the correct code. Bruteforce is not a solution! |
| BoR0 26. Sep 2006 | geeko, I have already posted the correct code but the admins have deleted that message. I will post it to your PM. |
| BoR0 26. Sep 2006 | I have found a way to solve it without bruteforcing too, but I am afraid I already posted my solution yesterday. Why didn't you say that bruteforcing was not allowed in the readme.txt file? |
| zairon Moderator 26. Sep 2006 | From our FAQ: "...don't post comments like "I have solved the crackme" or "Solved! Serial is xxx" or "Solution is posted"..." |
| BoR0 26. Sep 2006 | OK zairon. I havent been around this webpage for a while. ;) |
| geeko Author 26. Sep 2006 | I forgot to say not to bruteforce. sorry |
You may leave your comment, thoughts and discuss this crackme with other reversers here.
Acting childish will not be tolerated.
HTML and such will be left as-is, so don't try.