Ox87k's kEYGENME#1 : +gAs+
Download +gAs+.zip, 73 kb (password: crackmes.de)
Difficulty: 3 - Getting harder
Solutions
Solution by Crosys, published 19. jun, 2006; download (239 kb), password: crackmes.de or browse.
Crosys has not rated this crackme yet.
Solution by HMX0101, published 15. jun, 2006; download (99 kb), password: crackmes.de or browse.
HMX0101 has not rated this crackme yet.
Discussion and comments
Ox87k Author 06. May 2006 | thanks for comment but plz, no post serial or something like this! Serial fishing is very easy because the final serial is clear in the stack! It's a keygenme so.... kEYGEN iT! :P |
---|---|
saytos 06. May 2006 | i registered recently. sorry...=) |
HMX0101 06. May 2006 | SHA-1 (maybe modified), this time i can't crack this :D @Ox87k: a little question... oraculum is permitted as valid solution? btw, nice gfx... |
indomit 07. May 2006 | Sorry for offtopic: Can anybody tell me, what meaning of "Serial Fishing" and "Self-Keygenning"? Plz... :/ |
l0calh0st 07. May 2006 | indomit Serial fishing is finding a serial for your name........while self keygenning makes the proggy to display correct serial for the name entered.. |
l0calh0st 07. May 2006 | and nice effects Ox87k :) |
indomit 07. May 2006 | l0calh0st, thanks a lot :) |
Ox87k Author 07. May 2006 | @HMX0101 a little question... oraculum is permitted as valid solution? what means this? sorry but... what's oraculum?!?! :| however yes, is sha1 not modified (only the initialized numbers). Why u can't crack this? @For all: thanks! =) |
HMX0101 07. May 2006 | "Informatically speaking, an oraculum is a loader, an external program which executes the target program and does some memory patching in order to obtain some information such as usually the serial code, and then it reports those things to the user. An Oraculum is not a self-keygen (an application patched to reveal its real serial), because the original application isn’t patched on disk, isn’t only a loader because the application is closed when the required information are found (usually the real serial) and the application isn’t patched to avoid limitations, it is something different, it’s simply an Oraculum..." Oraculum Tutorial by Shub-Niggurrath http://tutorials.accessroot.com |
Ox87k Author 07. May 2006 | ah ok!! i now understand what do u means but in my readme.txt i wrote: NOT ALLOWED + Loader however... i can accept ONLY ONE solution with oraculum/loader, the others MUST BE ONLY kEYGEN+TUTE! ;) |
HMX0101 13. May 2006 | load the oraculum, press get a serial, now put a name in the keygenme press check, wait a moment and the right serial is put in the textbox of the oraculum. |
indomit 13. May 2006 | for me oraculum work if first I run keygenme... next I do the said steps. |
Ox87k Author 13. May 2006 | @hmx0101 SORRY : I deleted ur post for my mistake! however... here is the oraculum by HMX0101: http://rapidshare.de/files/20363315/Oraculum_Keygenme_1.zip.html I've tried many times but still nothing.. someone other can try this plz? another sorry HMX0101! :'( |
Ox87k Author 31. May 2006 | does nobody succeeds to make a keygen and a tutorial for it?? it's not very hard, only sha1 not modified... if somebody need hints, maybe i can help... |
HMX0101 31. May 2006 | Sha1 its very easy, but i don't know what are doing the crackme in this part (a little down, some similar):
0040804C > \6A 01 PUSH 1 ; This is passed with different numbers
0040804E . 8D8C24 480200>LEA ECX,DWORD PTR SS:[ESP+248]
00408055 . 55 PUSH EBP
00408056 . 8D9424 000100>LEA EDX,DWORD PTR SS:[ESP+100]
0040805D . 51 PUSH ECX
0040805E . 8D8424 A00200>LEA EAX,DWORD PTR SS:[ESP+2A0]
00408065 . 52 PUSH EDX
00408066 . 50 PUSH EAX
00408067 . 81EC C4000000 SUB ESP,0C4
0040806D . B9 31000000 MOV ECX,31
00408072 . 8DB424 500600>LEA ESI,DWORD PTR SS:[ESP+650]
00408079 . 8BFC MOV EDI,ESP
0040807B . F3:A5 REP MOVS DWORD PTR ES:[EDI],DWORD PTR DS:[ESI>
0040807D . E8 3E040000 CALL +gAs+.004084C0 ; i don't know exactly what are doing the crackme in this call
I hope that you can help me :D Anyway, very good crackme. |
Ox87k Author 31. May 2006 | eheheh the routine is all them! :P however, in simple words: 0040804C > 6A 01 PUSH 1 ; ; push var we call this var "countertimes". At offset 0040807D u have a call... in this call the crackme get the value of eax and the len(name) (ebp) and calculated "countertimes" times the sha1 of eax. If the countertimes is 1 then we have the 'normal' hash of eax ('normal' but be careful to sha1 initials dwords) else we have a cycle........ Sorry for my bad english, i hope u understand now.. I also hope to see a keygen and a tutorial soon! :) |
l0calh0st 01. Jun 2006 | Waiting for someone to submit solution..i want to learn these crypto stuff..Maybe HMX is near to completing it |
HMX0101 02. Jun 2006 | The 1st time it use the modified default dwords of initialization and the another time it modify the dwords... Is this right? |
Ox87k Author 03. Jun 2006 | nope! the dwords are always the same ones! :) it is easier than that you think!! |
HMX0101 03. Jun 2006 | The 1st time, it take the normal hash of the name, after this it load in a variable the first 8 chars of the last hash X times, but where is used this value? |
Ox87k Author 03. Jun 2006 | name -> sha1 -> hash1 hash1 (with len=8) -> sha1 -> hash2 etc... |
HMX0101 12. Jun 2006 | I have submitted my solution for this crackme! This crackme can confuse to everybody that play with it... Anyway, good job Ox87k... Waiting for another good challenge! |
Ox87k Author 15. Jun 2006 | very very very good job hmx0101 and finally someone has solved it =) Another thanks to have tried it (specially hmx0101) |
HMX0101 15. Jun 2006 | Thank you, for this nice challenge! I'm waiting the next challenge!!! |
Crosys 18. Jun 2006 | Solved. Can write tutorial if you guys want 1 more.... |
Ox87k Author 18. Jun 2006 | Good work x15or =) write and submit! |
HMX0101 18. Jun 2006 | @Ox87k: how you can make the effect in the gfx? it's cool :D |
l0calh0st 18. Jun 2006 | Yeah that effect is cool...have seen in some CORE keygens...Maybe Ox87k can reveal something :) |
Ox87k Author 18. Jun 2006 | hum... i've seen one time in a official keygenme by ROR and after some searches i found it here (the code is public) http://codeproject.com/bitmap/specialfx.asp =) |
HMX0101 18. Jun 2006 | Thanks!!!, i like this effect :p |
l0calh0st 18. Jun 2006 | Yeah...thanks ...nice project :) |
Ox87k Author 18. Jun 2006 | @x15or: u can write another solution :) Ur keygen has a very nice cool gfx :D |
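The chaining Ox87k describes in the thread (name -> sha1 -> hash1, then the first 8 characters of each hash fed back into sha1, "countertimes" times, with only the initial dwords changed), as an added example that is not part of the original discussion or of either submitted solution. Assumptions: the crackme's own initial dwords are not given on this page, so the standard SHA-1 values stand in for them, and the "8 chars" are taken to be the first 8 lowercase hex characters of the previous digest; the names `sha1_custom_iv` and `chained_hash` are hypothetical.

```python
import hashlib
import struct

# Standard SHA-1 initial state. Assumption: a stand-in for the crackme's
# replacement dwords, which the thread does not list.
STANDARD_IV = (0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0)

def _rol(x, n):
    return ((x << n) | (x >> (32 - n))) & 0xFFFFFFFF

def sha1_custom_iv(data: bytes, iv=STANDARD_IV) -> str:
    """Unmodified SHA-1 rounds, caller-supplied initial state; lowercase hex."""
    h = list(iv)
    # Padding: 0x80, zeros up to 56 mod 64, then the 64-bit bit length.
    msg = data + b"\x80" + b"\x00" * ((55 - len(data)) % 64)
    msg += struct.pack(">Q", len(data) * 8)
    for off in range(0, len(msg), 64):
        w = list(struct.unpack(">16I", msg[off:off + 64]))
        for i in range(16, 80):
            w.append(_rol(w[i - 3] ^ w[i - 8] ^ w[i - 14] ^ w[i - 16], 1))
        a, b, c, d, e = h
        for i in range(80):
            if i < 20:
                f, k = (b & c) | (~b & d), 0x5A827999
            elif i < 40:
                f, k = b ^ c ^ d, 0x6ED9EBA1
            elif i < 60:
                f, k = (b & c) | (b & d) | (c & d), 0x8F1BBCDC
            else:
                f, k = b ^ c ^ d, 0xCA62C1D6
            t = (_rol(a, 5) + f + e + k + w[i]) & 0xFFFFFFFF
            a, b, c, d, e = t, a, _rol(b, 30), c, d
        h = [(x + y) & 0xFFFFFFFF for x, y in zip(h, (a, b, c, d, e))]
    return "".join(f"{x:08x}" for x in h)

def chained_hash(name: bytes, countertimes: int, iv=STANDARD_IV, take=8) -> str:
    """name -> sha1 -> hash1; hash1[:take] -> sha1 -> hash2; and so on."""
    digest = sha1_custom_iv(name, iv)
    for _ in range(countertimes - 1):
        # Assumption: the truncated input is hex text, not raw digest bytes.
        digest = sha1_custom_iv(digest[:take].encode("ascii"), iv)
    return digest

if __name__ == "__main__":
    name = b"constructed-name"  # constructed sample input
    # With the standard state, one pass matches the library SHA-1.
    print(chained_hash(name, 1) == hashlib.sha1(name).hexdigest())
    print(chained_hash(name, 3))
```

With the standard initial state the single-pass result matches `hashlib.sha1`; passing a different `iv` tuple changes every digest in the chain while the round function stays the same.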