PAGMAN's PAGMAN BitCrypt
| Download PAGMANs_BitCrypt.zip, 39 kb (password: crackmes.de) Browse contents of PAGMANs_BitCrypt.zip Obfuscation is irreverent when you compare it to this. You WILL NOT crack this. The code is easily visible in .NET Reflector. There is no need to hide it. This can NOT be reversed. You either are licensed to run it or you aren't'; it's that simple.
Difficulty: 9 - You can't solve this yourself :) | Send a message to PAGMAN » View profile of PAGMAN » |
Solutions
There are no solutions to this crackme yet. Have you solved it? Please write a tutorial and submit it here!
Discussion and comments
| Coderess 11. Aug 2010 | >This can NOT be reversed. This is rash opinion |
|---|---|
| PAGMAN Author 11. Aug 2010 | Go ahead and prove me wrong :) |
| TQN 12. Aug 2010 | Can you rebuild your crackme with .Net framework below 4.0 (2.0, 3.5...) |
| buganxin 12. Aug 2010 | yes , please rebuild it with .net framework 3.5 or below. |
| cyclops Moderator 12. Aug 2010 | I have seen these kind of protection(though I dont remember the name). This protection cannot be applied in real life licensing schemes. If I bought a licensed copy, which is encrypted with my CPUID, I can just dump the decrypted IL, do some hex patching and make a fully functional product. Its like giving a password protected ZIP file, once it is unzipped everyone can copy it :P Now coming to the protection, processor id is a 64bit number, so you can start brute forcing from 0 to (2^64)-1. (Someone trying it?? :P) It seems the author has overlooked at the processor id. Processor id is not a serial number that is just different for every processor. It is the result of instruction CPUID when executed with EAX = 1. This will give the feature list of the processor like x87 FPU on Chip, APIC on Chip etc. So the probability of finding a system with same CPUID is pretty large(for a licensing scheme). I have tested with couple of PCs and result is: Core 2 Duo: BFEBFBFF000006FD Athlon x2 4600+: 178BFBFF00040F33 Athlon x2 4600+: 178BFBFF00040F32 Dual Core: BFEBFBFF0001067A Athlon x2 5600+: 178BFBFF00040F33 Perfectly brute forcible if you know authors processor type and series : D Again to math, there are 7 reserved bits(set to 0 by default), so you can optimize the brute force a little bit, and you may assume many of the bits to be set(just assumptions, may be I am wrong). Ok, enough BS, can you solve it? may be/may be not, I am not gonna brute force! |
| PAGMAN Author 13. Aug 2010 | I will rebuild it... |
| mazuki 17. Feb 2011 | i will start work on this one i think, should be a good .net project to start off with, cyclops, one question.....you got odd results for your CPUID, shouldn't bit 31 returned by 0 always as they default to that? when i run CPUID i get 0 for all processors in this bit location |
| cybercrz 14. Apr 2012 | stupid crackme... only licenced for only processor... can only be decrypted with one processor hash.. that's why he said this cant be reversed... |
| .Net 15. Jan 2013 | It could be reversed, when you bypass the CPU Check! |
| loizos 31. Mar 2013 | Any program can be reversed if you try crack this program without reversing it its like throwing eggs on the wall |
| upsurt 06. Jan 2014 | Content blocked While trying to retrieve the URL:http://crackmes.de/users/pagman/pagman_bitcrypt/download/PAGMANs_BitCrypt.zip The content is blocked due to the following condition: The item you have requested is infected by a virus. It will not be downloaded. Report: TR/Dropper.MSIL.Gen |
| zairon Moderator 07. Jan 2014 | Don't trust everything they tell you, antivirus are not perfect. |
You may leave your comment, thoughts and discuss this crackme with other reversers here.
Acting childish will not be tolerated.
HTML and such will be left as-is, so don't try.