
qpt^J's Crackme
Download Crackme.zip, 9 kb (password: crackmes.de)
There are no rules:
Difficulty: 2 - Needs a little brain (or luck)
Solutions
Solution by DoomsDay, published 03. aug, 2009; download (2 kb), password: crackmes.de or browse.
DoomsDay has rated this crackme as awesome.
Discussion and comments
kilobyte.asm 28. Jul 2009 | nice scheme, is it really for newbies :P |
---|---|
qpt^J Author 28. Jul 2009 | I think no, I chose a Difficulty 4/10 |
HackerVirus_90 29. Jul 2009 | sorry, but if i write active code and i push check button, the software crashed..sorry for my bad english.. |
obnoxious 29. Jul 2009 | he he definitely not a lvl 2. :) |
qpt^J Author 29. Jul 2009 | So, that is a wrong activation code. This Crackme isn't so easy. P.S. sorry for my bad english too :) |
BoRoV 29. Jul 2009 | and what I must see when all good? P.S. sorry for my bad english too :))) |
HackerVirus_90 29. Jul 2009 | i think my activation code is correctly but i don't know if it is correct, call a messagebox or good message??!! :) |
qpt^J Author 30. Jul 2009 | BoRoV: You must see there Message "Write Serial". HackerVirus_90: your activation code isn't correct but you make a patch, because you can't find write serial number with its algorithm |
cobrasniper555 30. Jul 2009 | So far, I've got an activation code that has every 8th byte that'll pass the first check routine. However, you've included a nice routine that uncovers another procedure via polymorphism. I like these routines because they're hard but I also don't like them because of their tendencies to be bruteforced for a valid solution. I'm sorry but I think I'm going to call it quits on this one. |
kilobyte.asm 30. Jul 2009 | this should help -> http://ref.x86asm.net/coder32.html, if you're looking for opcodes |
obnoxious 30. Jul 2009 | it will be big time bruteforcing or a very very very good guessing session :) |
qpt^J Author 30. Jul 2009 | obnoxious: algorithm for serial is very very very simple :) |
kilobyte.asm 30. Jul 2009 | no need for bruteforcing....just very good guessing session, i wouldn't call it guessing. if you look through the code you can make some educated guess as to what sequences go where. anyways just a hint :/ there are two functions that are never called, and i believe one of them is the serial checking routine. If you look at the activation string it starts and ends with a 6, so we can assume that it is a pushad/popad, just use careful analysis and *educated* guesses. look out for push/pops and conditional jumps etc. |
kilobyte.asm 30. Jul 2009 | one more hint, won't reveal too much, just how you should think about things. Think about how the serial checking routine would go. GetDlgItemTextA, checks etc, call calculate serial, lstrcmp (Already imported), goodboy, badboy etc, cleanup, exit. Don't assume that code is aligned. hopefully this is helpful and i haven't given incorrect hints :/ :P. |
kilobyte.asm 30. Jul 2009 | take hints at own risk :P, i've just noticed some minor mistakes, anyways i'll stop talking now. |
obnoxious 30. Jul 2009 | have you finished it @kilobyte.asm i will wait for the tut then. :P |
kilobyte.asm 30. Jul 2009 | not yet, still at the educated guesses stage, will write if somebody doesn't and/or if somebody does but my methods are different. |
qpt^J Author 30. Jul 2009 | kilobyte.asm: your method is right, just continue guessing |
Vallani 30. Jul 2009 | Hello qpt^J, maybe you are able and willing to answer this simple question: Is there some umhh...hint in this CrackMe for the routine we are expected to restore, in addition to the first half byte of each dword and the included functions, which are seemingly not used? |
Vallani 30. Jul 2009 | Or is this designed as an opcode puzzle :) ? |
cobrasniper555 30. Jul 2009 | @kilobyte.asm, I know what you mean with the guessing part but you also misunderstood the bruteforcing part. Assuming the first dword or so of the procedure would be the correct way to finding the bytes that are supposed to be in the activation code. However, a bruteforcing method is what I thought I saw fit for finding the right characters in the activation code from the morphed code. Check out this crackme for a similar approach: http://crackmes.de/users/sharpe/unlockme_crackme_8_by_sharpe/ |
tamaroth Moderator 03. Aug 2009 | Ok, so i've done some part of it. need to finish off the puzzle you left, though it's kind of hard to guess what you put there. Nevertheless you could put SEH just before its execution to prevent crackme from crashing every time i enter wrong serial. hopefully keygen and most importantly activation code soon :) |