
pxor's KeygenMe v2
This is another keygenme by me ;P it's easy and dedicated to noobs so get to work.....
Download: keygenme_v2.zip, 3 kb (password: crackmes.de)
Difficulty: 2 - Needs a little brain (or luck) | Rating: Waiting for at least 3 votes
Solutions
Solution by Knight, published 29. jun, 2005; download (22 kb), password: crackmes.de or browse.
Knight has not rated this crackme yet.
Discussion and comments
jeromecrea 23. Jun 2005 | Lots of xlate tables. Gotten the first 8 chars with my m4d n00b sk|11z in about 6 hours. :P |
---|---|
pxor Author 23. Jun 2005 | i don't care :PP get to the work !! :-D |
SunSatION 23. Jun 2005 | Yes, too muuuch :) |
renno 24. Jun 2005 | I got 9 chars in about 10 seconds :D |
renno 24. Jun 2005 | sorry, mistake 13 chars, reverse first loop, and guess rest |
jeromecrea 24. Jun 2005 | Slowly made it up to L004012BF, and looks like it's about to get harder again. Finding that starting "X" from goodboy values is getting easier from practice though. Using only a disassembler and the exe is like working with stone and chisel! :) |
pxor Author 26. Jun 2005 | No one cracks it yet ? LOL ? :D |
Knight 28. Jun 2005 | Cracked it in couple hours. Solution is coming. |
pxor Author 28. Jun 2005 | YEA! that's what i like :P (hope your keygen generates xxx valid serials for any name) |
Knight 29. Jun 2005 | Yes of course it can. But... i know that there is a bug in my keygen that i can't find, so some of those xxx serials are fake. |
pxor Author 29. Jun 2005 |

```asm
_CantFindGetOtha:
    mov esi,offset name
    mov edi,offset serial+13
    mov ebx,offset s_dat1
    mov ebp,8
_GenAnotherPart:
    xor ecx,ecx
    dec ecx
    rdtsc
    and eax,11111111b           ;X
    mov dl,al
    xlatb
    xor al,byte ptr [esi]       ;X xor N
    inc esi
_SearchForSameAsAl:
    inc ecx
    cmp ecx,256
    jz _CantFindGetOtha
    cmp byte ptr [ebx+ecx],al
    jnz _SearchForSameAsAl
    mov al,dl
    stosb
    mov al,cl
    stosb
    dec ebp
    jnz _GenAnotherPart
```

```asm
    mov ecx, 8
    lea edx, [serial+13]
    lea esi, name
    lea ebx, s_dat1
B:
    call rand
    mov [edx], al
    xlat
    xor al, [esi]
    push ecx
    mov ecx, 100h
    lea edi, s_dat1
    repne scasb
    not cl
    mov [edx+1], cl
    add edx, 2
    inc esi
    pop ecx
    dec ecx
    jnz B
```

..... hope u understand :P |
pxor Author 29. Jun 2005 | One of invalid serials generated by your keygenme...... name: d9a serial:Kocham Gosie-87881C0FFFAD1E3A574C1B0AF43BAD3FA8BD76B03DD0011D57ACA35D4AF1624BAF |
pxor Author 29. Jun 2005 |

```asm
    lea esi, [serial+13]
    ;get 4'th part
    mov eax, [esi]
    xor eax, [esi + 4]
    xor eax, [esi + 12]
    mov [esi + 12], eax
    ;get 3'rd part
    xor eax, [esi + 8]
    xor eax, [esi + 4]
    mov [esi + 8], eax
    ;get 1'st part
    xor eax, [esi]
    xor eax, [esi + 12]
    mov [esi], eax
    ;get 2'nd part
    xor eax, [esi + 4]
    xor eax, [esi + 8]
    xor eax, [esi + 12]
    mov [esi + 4], eax
```

for sure this is good but there is another way to reverse it too ;p

```asm
    mov esi,offset serial+13
    mov edi,offset RevShitHere
    mov eax,dword ptr [esi+4]
    xor eax,dword ptr [esi]
    mov dword ptr [edi+4],eax
    mov eax,dword ptr [esi+8]
    xor eax,dword ptr [esi+12]
    xor eax,dword ptr [esi]
    mov dword ptr [edi+8],eax
    mov eax,dword ptr [esi+12]
    xor eax,dword ptr [esi]
    xor eax,dword ptr [esi+4]
    mov dword ptr [edi+12],eax
    mov eax,dword ptr [esi+4]
    xor eax,dword ptr [esi+8]
    xor eax,dword ptr [esi]
    mov dword ptr [edi],eax
```

```
A=nB xor nC xor nA
B=nB xor nA
C=nC xor nD xor nA
D=nD xor nA xor nB
```

|
Knight 30. Jun 2005 | About the first one, well, your code does the same as mine, just checks if the value was really found. I think it's not necessary but even with that check it still sometimes fails. About the second: I think there is no big difference which one to use, just mine uses only one buffer. |
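
Added example, not part of the thread or of either author's code: a Python check that the one-buffer listing and the A/B/C/D formulas in pxor's 29. Jun comment describe the same XOR map, plus a GF(2) inversion that derives the opposite direction and shows why an XOR-only mix is always trivially reversible when its matrix is non-singular. Function names, the `MIX`/`UNMIX` labels and the random test vectors are assumptions made for this example.

```python
import random

# Bit j of each row selects input dword j (nA, nB, nC, nD), as in the
# closing formulas: A=nB^nC^nA, B=nB^nA, C=nC^nD^nA, D=nD^nA^nB.
UNMIX = [0b0111, 0b0011, 0b1101, 0b1011]

def apply(rows, v):
    """Multiply a GF(2) matrix (list of row bitmasks) by a dword vector."""
    out = []
    for r in rows:
        acc = 0
        for j, word in enumerate(v):
            if r >> j & 1:
                acc ^= word
        out.append(acc)
    return out

def unmix_in_place(n):
    """One-buffer listing: later steps read slots that were already updated."""
    s = list(n)               # s[0..3] = [esi], [esi+4], [esi+8], [esi+12]
    eax = s[0] ^ s[1] ^ s[3]
    s[3] = eax                # 4th part
    eax ^= s[2] ^ s[1]
    s[2] = eax                # 3rd part
    eax ^= s[0] ^ s[3]        # s[3] already holds the new 4th part
    s[0] = eax                # 1st part
    eax ^= s[1] ^ s[2] ^ s[3]
    s[1] = eax                # 2nd part
    return s

def invert_gf2(rows):
    """Gauss-Jordan over GF(2); raises if the XOR mix is not reversible."""
    n = len(rows)
    aug = [(r, 1 << i) for i, r in enumerate(rows)]  # (matrix row, identity row)
    for col in range(n):
        piv = next((i for i in range(col, n) if aug[i][0] >> col & 1), None)
        if piv is None:
            raise ValueError("singular matrix: mix loses information")
        aug[col], aug[piv] = aug[piv], aug[col]
        for i in range(n):
            if i != col and aug[i][0] >> col & 1:
                aug[i] = (aug[i][0] ^ aug[col][0], aug[i][1] ^ aug[col][1])
    return [inv for _, inv in aug]

MIX = invert_gf2(UNMIX)       # opposite direction, derived here rather than read from the crackme

if __name__ == "__main__":
    rng = random.Random(2005)  # constructed test vectors, not real serial data
    for _ in range(1000):
        n = [rng.getrandbits(32) for _ in range(4)]
        assert unmix_in_place(n) == apply(UNMIX, n)   # both listings agree
        assert apply(UNMIX, apply(MIX, n)) == n       # MIX undoes UNMIX
    print("MIX rows:", [format(r, "04b") for r in MIX])
```
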