_khAttAm_'s _khAttAm_'s KefileMe v2
| Download _khAttAm_.kfmv2.zip, 95 kb (password: crackmes.de) Browse contents of _khAttAm_.kfmv2.zip hey ppl,
Difficulty: 7 - Very hard | Send a message to _khAttAm_ » View profile of _khAttAm_ » |
Solutions
There are no solutions to this crackme yet. Have you solved it? Please write a tutorial and submit it here!
Discussion and comments
| ap0x 27. Jul 2005 | I have just downloaded it and unpacked it... The thing i want to know is what is that code scrambler used on UPX. Do you mind telling us... |
|---|---|
| _khAttAm_ Author 27. Jul 2005 | Ok ap0x........ It's UPolyX 0.4............... |
| _khAttAm_ Author 27. Jul 2005 | And good luck ap0x.......... Hope you'll write a tut to my crackme.............. I really love to see tuts on my crackmes............... |
| deroko 05. Aug 2005 | noooooo =) why VB why =) uhhhhh this progy goes from one dir to another =) |
| deroko 06. Aug 2005 | huh I've patched kfm__1.tmp to create keyfile with my name, but I'm not sure if this is right solution? Now it prints registered to deroko... and this VB is really killing me... |
| deroko 06. Aug 2005 | yap, but I've set BPs on CreateFileA and CreateFileW, also on CreateProcessW to see what is going on, but CreateFileA is called only for checking if keyout.tmp exists, which is generated by kfm__1.tmp... I don't see any keygen routine or anything like that so I guess that patching kfm__1.tmp with my name is solution =( _khAttAm_ ? |
| _khAttAm_ Author 06. Aug 2005 | Come on konstAnt, Dont act smart............... Two weeks ago, I've already shown you how this crackme works and the valid keyfiles too................. And you've got the wrong one.......... Here is NO LOADER............ That was another one.............. Have you even tried this one?? hehe :D.....peace and derko........ Hope you've tried hard....... But I've stated clearly and will like to state, well if I haven't, that .......... "NO PATCHING" It isnt so silly as writing keyout.tmp and writing your name on that, come on........... And thats why it is level 7 (Very Hard) :) And keygen routine?? for a keyfile-gen-me............ Remind you, your target is to make a Keyfile-Generator for any name............... Let me give you a hint, the keyfile will have the name "jammin.key" and should reside in the same folder where the crackme is running from.................... If you wish to see some valid Keyfiles, you may ask........... And yet another hint, the original checking routine is in kfm__1.tmp.................., :D |
| deroko 06. Aug 2005 | yap I've seen that jammin.key and made it, but couldn't finc routine that cheks for it =) maybe to deep harder =) |
| deroko 06. Aug 2005 | ahh bunch of spelling mistakes... huh it is going to be a long night... |
| deroko 07. Aug 2005 | 004033BC FF2485 C4334000 JMP DWORD PTR DS:[EAX*4+4033C4] ahh just to see how this thing fits in, 9, 0a, 0d can't be used so some other address is used... 20 neither... huh =) Just to find working address... or we have decoy =) I'll find out very soon... |
| deroko 07. Aug 2005 | huh I got lost with all this 22/2c/24/09/0a/0d/20 =) Also there are some checks for stringlen (30) and as I fugured there should be 24 13/14 times so this would be incremented: 004010F7 E8 74250000 CALL dumped3_.00403670 004010FC 83F8 24 CMP EAX,24 004010FF 74 05 JE SHORT dumped3_.00401106 to follow last je and increment some data... not sure yet... huh, very tough crackme... |
You may leave your comment, thoughts and discuss this crackme with other reversers here.
Acting childish will not be tolerated.
HTML and such will be left as-is, so don't try.