
__imp__'s KeygenMe #1
Download KeygenMe_1_by__imp__.zip, 4 kb (password: crackmes.de)
This is my very first crackme.
Difficulty: 3 - Getting harder
Solutions
Solution by Zaphod, published 24. mar, 2006; download (23 kb), password: crackmes.de or browse.
Zaphod has rated this crackme as quite nice.
Discussion and comments
__imp__ Author 16. Mar 2006 | Has anybody solved this already? |
---|---|
Zaphod 16. Mar 2006 | I think I'm close to finding the right serial for my name, but writing a keygen may prove too difficult. This is a tough one - is it really only level 2? |
__imp__ Author 16. Mar 2006 | Well, I guess it's harder than level 2. However, if you catch the meaning of the algo it won't be so difficult to make a keygen. A hint: there are some idle procedures at the end (just to lead astray). |
Zaphod 16. Mar 2006 | Now I know how to find the serial for a specific name, but I don't think I can write a regular keygen. BUT, a selfkeygen, on the other hand, shouldn't be too hard. That's what I'm working on now... |
kittmaster 17. Mar 2006 | You guys are really getting off your own hype..........I mean.......unpacking fsg is a pita all by itself and well above a level 2, now this crazy scheme. I enjoy working on them but to spend more than 2 hours on something like this.........no way. |
l0calh0st 21. Mar 2006 | Selfkeygen doesn't work |
zairon Moderator 21. Mar 2006 | I tried on XP and I didn't have a problem. Which OS are you running? Which SP? |
code_inside 21. Mar 2006 | I think l0calh0st meant that the selfkeygen does not output the correct serial in the editbox :) In fact, it doesn't output anything ;) |
zairon Moderator 21. Mar 2006 | Hm, strange I would say. I can clearly see the serial. Code_inside, which os? I don't have all the os at home and I can't check if something runs fine on each os... |
code_inside 21. Mar 2006 | zairon, I've checked the selfkeygen and it seems that Zaphod has used an immediate push of the window handle as part of SetDlgItemTextA (He used "push dword ptr [0012FBF0]", he should use "push dword ptr [ESP+1C]" :) So on some systems it may work, but not on all systems ;) |
__imp__ Author 21. Mar 2006 | The Selfkeygen doesn't work on my machine either (winxp sp1) :( Respect to Zaphod, the tutorial is quite OK! I hope that the algorithm will be eventually broken. |
l0calh0st 21. Mar 2006 | XP SP2---Like code_inside said...nothing is shown :( |
l0calh0st 21. Mar 2006 | and the serial is shown after changing to [ESP+1C]. Thanks for the tip code_inside |
__imp__ Author 21. Mar 2006 | A remark: I think it's worth describing how to deactivate the very simple antidebugging trick that I used in this crackme. I haven't found this in the solution. Maybe some real mode debuggers can do it automatically (I don't know) but nevertheless... |
HMX0101 21. Mar 2006 | __imp__, with the plugins you can bypass the debugger protection... |
__imp__ Author 21. Mar 2006 | Well, OK. I just find it useful to describe what to do without plugins :)) |
Zaphod 22. Mar 2006 | I am glad that code_inside found out about the [ESP+1C]-thing, thanks for that. This must mean that the handle can be stored in another place than [0012FF0] on other computers? By the way, I forgot to mention in my tutorial that I tried to make the keygen contain NOT two buttons saying "Check!" and "About", but only one button saying "Generate serial", but I couldn't do that. I tried using ResHack, but that didn't work. Someone who knows how to do it? |
Zaphod 22. Mar 2006 | [0012FF0] should be [0012FBF0] :) |
__imp__ Author 22. Mar 2006 | Zaphod, if you want to change resources then I think you had better make your own resource file and replace the inaccessible dialog with your own (using ResHack). In this case you must know the IDs of the dialog controls, which are easy to find. P.S.: I tried this and it works fine. |
Zaphod 23. Mar 2006 | Thanks for the tip, __imp__, I am not quite sure how to do this, but I'll try to find out. After all, this is all about learning... |
Ank83 23. Mar 2006 | Yep! That's right - IT IS ALL ABOUT LEARNING! |