downloadbrowsehaggar's KeyMe1

Download KeyMe1.zip, 2 kb (password: crackmes.de)
Browse contents of KeyMe1.zip

Hi folks!

This lame crackme is for totally newbie's , but beware of very simple but very annoying anti-Olly trick(s).

Do not run this crackme if you are surfing the net, or you have important documents opened. Close all and then try to solve this crackme. I stole trick from one protector. I threw some junk code inside just that it is not so obvious.


Your primary task is to find valid serial. It's simple but it needs to be bruted. No, it's not crypto (far away from that) and serial consist only from numbers and .... you'll see.



So find serial and explain anti-stuff. Good luck :)



PS

Tested only on Windows XP SP1.

Difficulty: 2 - Needs a little brain (or luck)
Platform: Windows
Language: Assembler

Published: 09. Apr, 2006
Downloads: 803

Rating

Votes: 4
Crackme is nothing special.

Rate this crackme:

Send a message to haggar »

View profile of haggar »

Solutions

Solution by l0calh0st, published 10. apr, 2006; download (13 kb), password: crackmes.de or browse.

l0calh0st has rated this crackme as quite nice.

Submit your solution »

Discussion and comments

l0calh0st
09. Apr 2006		Very nasty Trick of exiting windows :P
Thanks :)
justinf
10. Apr 2006		sadly thats just too much thinking for me, to brute the key- although I see how, I just *really* don't want to think that much ;]

a+b*b+c*c+d*d+e*e

Is there an easier way than I was thinking? taking the last value, dividing by 0x30-0x39 for each of the values until one of them makes it back 5 and equals 0?
TQN
10. Apr 2006		FindWindow with "OLLYDBG" class name string, IsDebuggerPresent, rdtsc trick. My Windows and OllyDbg not exit.
haggar
Author
10. Apr 2006		l0calh0st, nice work. And quick too ;) Keygen was nice bonus.

See you!
Zaphod
10. Apr 2006		l0calh0st writes in his tutorial: "Just press Ctrl+Alt+Del and then Esc and now everything seems to be fine..."
Well, yes - but why? How did haggar make the computer apparently freeze? And what is BlockInput? This function is not mentioned in my win32.hlp...
l0calh0st
10. Apr 2006		Sorry i didn't mentioned that........Well the BlockInput blocks the keyboard and Mouse input...Only Ctrl+Alt+Del can unblock it in Windows Xp
justinf
11. Apr 2006		just hit 'space' in olly and change the call eax to nop's and blockinput is no longer an issue. Additionally, just set eax to 0 after IsDebuggerPresent() and the FindWindow() stuff.

I never got it go quick enough between rdtsc's to be < 100, best I got was like 1000, so I just patch the jump to hand control one byte forward.
haggar
Author
11. Apr 2006		Zaphod

Enter in Google BlockInput and first link will give you API explanation.

That RDTSC trick was crapp :) Just waste of couple bytes but I tought than some newbie maybe newer sow that opcode before.
Ox87k
11. Apr 2006		i don't know the trick RDTSC... haggar, can u give me more info about this? Thanks!
haggar
Author
11. Apr 2006		RDTSC , ReaD Time Stamp Counter, is some timer value based on cpu cycles. Use google and you'll find more info.

Basicly, it gives to EAX:EDX some timer value, I store it to stack , then little later I take another value. I subtract them and compare result. If result is big, that mean lot of time passed betwen those checks. In another words, somebody is debuging my code ;)

It is common thing in todays protectors (SDProtector, SVKP, ...).
Zaphod
11. Apr 2006		Thanks, haggar.
I had never heard of BlockInput or RDTSC before. Nice to learn new tricks...
Ox87k
11. Apr 2006		yeah, very nice trick (rdtsc)... thanks for description haggar ;)

You may leave your comment, thoughts and discuss this crackme with other reversers here.
Acting childish will not be tolerated.
HTML and such will be left as-is, so don't try.