
Ms-Rem's KeyGenMe by Ms-Rem
Download keygenme.zip, 20 kb (password: crackmes.de)
This keygenme uses an 8-command VM to check the serial.
Difficulty: 8 - *VERY VERY* hard
Solutions
Solution by simonzack, published 18. feb, 2009; download (70 kb), password: crackmes.de or browse.
simonzack has rated this crackme as nothing special.
Solution by MR.HAANDI, published 30. sep, 2007; download (517 kb), password: crackmes.de or browse.
MR.HAANDI has rated this crackme as quite nice.
Discussion and comments
indomit 07. May 2006 | VM-??? :) I tried to crack it... heh... I found the following: the text of the messagebox depends on the serial :/ If the serial is right then the text of the messagebox is generated as "Congratulations", else as "Not valid"... But the algo cycle is very very very long :) I don't understand it :) |
---|---|
Shism 08. May 2006 | That's what I'm talking about :) I like the first trick ;). Very clever ;) Yes, the VM looks pretty complex to me... |
fnkt 14. May 2006 | nice keygenme! ep=0 is a nice trick and the vm looks nice. but why is it level 8? imho it is a lot easier. you can easily figure out the serial algorithm by setting some memory breakpoints and watching how the bytes change (only some additions & one subtraction are used), this way you don't even need to disassemble the VM bytecode to understand it. anyway nice keygenme Ms-Rem! |
Shism 15. May 2006 | fnkt did you "crack it"? |
Shism 16. May 2006 | Are you gonna make a tutorial on how to keygen it? Or could you tell me how? |
TQN 18. May 2006 | How can it run with EP = 0? I don't know why. |
fnkt 18. May 2006 | @TQN: sorry I meant AddressOfEntryPoint = 0, so EP = imagebase :/ `00400000 DEC EBP` `00400001 POP EDX` `00400002 MOV EAX,00405246` `00400007 JMP EAX` @Shism received my message? |
Shism 18. May 2006 | ya fnkt... Even though it's pretty hard, I haven't really researched what you showed me. |
halsten 19. Feb 2007 | Hey all, I wonder about the trick of entry-point is 0, any ideas? |
jB_ 19. Feb 2007 | halsten: what is the problem? The entry point is zero, that's all. This is not common. Look at the disassembly: "MZ" can be interpreted as a code sequence, then the program will jump to the "real" entry point. |
halsten 19. Feb 2007 | jB: Thanks, I thought that it was abnormal to have an entry-point with a 0. I'll check it again. |
jB_ 19. Feb 2007 | Actually it is not normal, but there is no problem with that. Read fnkt's post. Execution starts from image base, but Ms-Rem did what was necessary to jump to the real entry point just after. |
halsten 19. Feb 2007 | Problem is that I can't get it to disassemble the code, any ideas? Am I missing something that you've already pointed out? Thanks in advance. |
zairon Moderator 19. Feb 2007 | >I can't get it to disassemble the code What do you mean exactly? |
halsten 19. Feb 2007 | zairon: I can't seem to get a correct disassembly for the crackme even with IDA. |
zairon Moderator 20. Feb 2007 | Maybe you need to dump the running exe... ;) |
halsten 20. Feb 2007 | zairon: I've already done that, but still I get something weird. |
zairon Moderator 21. Feb 2007 | What exactly? Write down some examples. |
simonzack Moderator 10. Feb 2009 | brain fuck :p cool keygenme |
MR.HAANDI 18. Feb 2009 | I just read simonzack's last lines and I think I was misunderstood. When I say "a woman would write a tool" then I mean it in a positive context. To write a tool you have to get behind the whole idea and this is a much more elegant solution. (That goes to my experience that women often write elegant code and men write fast code.) Maybe I've put more effort into a real level 8 ;) |
simonzack Moderator 19. Feb 2009 | thanks for the clarification :p except lena151, haven't seen many women doing RCE |
Rouse_ 12. Nov 2015 | Full solution: http://habrahabr.ru/post/218887/ Sorry, only Russian language:( |
Coderess 13. Nov 2015 | @Rouse_ It's a very interesting solution, great job bro! |
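
The AddressOfEntryPoint = 0 trick discussed in the thread above, as an added example (not part of the original comments and not Ms-Rem's code): a small PE32 header check that reports where execution starts and, when the entry point is zero, recovers the jump target from the `MOV EAX,imm32` / `JMP EAX` stub that follows the "MZ" bytes. The header is a constructed sample built from the bytes quoted in fnkt's post; the function names are hypothetical.

```python
import struct

STUB_VA = 0x00405246  # jump target quoted in fnkt's post


def build_sample_header(image_base=0x00400000, target=STUB_VA):
    """Constructed sample: minimal PE32 headers, AddressOfEntryPoint = 0."""
    dos = bytearray(0x40)
    # 4D 5A ("MZ") = DEC EBP / POP EDX, then MOV EAX,imm32 / JMP EAX
    dos[0:9] = b"MZ\xB8" + struct.pack("<I", target) + b"\xFF\xE0"
    struct.pack_into("<I", dos, 0x3C, 0x40)        # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x014C, 0, 0, 0, 0, 0xE0, 0x0102)
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, 0x10B)          # PE32 magic
    struct.pack_into("<I", opt, 16, 0)             # AddressOfEntryPoint
    struct.pack_into("<I", opt, 28, image_base)    # ImageBase
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)


def analyze_entry_point(data):
    """Report where execution starts and, for EP = 0, where the header stub jumps."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    opt = e_lfanew + 4 + 20                        # skip signature + COFF header
    (magic,) = struct.unpack_from("<H", data, opt)
    if magic != 0x10B:
        raise ValueError("this example handles PE32 only")
    (ep_rva,) = struct.unpack_from("<I", data, opt + 16)
    (image_base,) = struct.unpack_from("<I", data, opt + 28)
    info = {"ep_rva": ep_rva, "start_va": image_base + ep_rva, "stub_target": None}
    # EP = 0 means the first instruction executed is the "MZ" signature itself.
    # Recognise the stub from the thread: B8 imm32 (MOV EAX) followed by FF E0 (JMP EAX).
    if ep_rva == 0 and data[2] == 0xB8 and data[7:9] == b"\xFF\xE0":
        (info["stub_target"],) = struct.unpack_from("<I", data, 3)
    return info


if __name__ == "__main__":
    info = analyze_entry_point(build_sample_header())
    print({k: (hex(v) if v is not None else None) for k, v in info.items()})
```

A disassembler that is pointed at `start_va` and follows `stub_target` begins at the same place the loader does, which is the point jB_ and fnkt make about the "MZ" bytes being executed as code.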