Sashx41's AntiOlly #1
| Download AntiOlly.zip, 6 kb (password: crackmes.de) Browse contents of AntiOlly.zip Let this small app work fine(!) with Ollydbg. Do not change any jumpcommands, patch the code as less as you can to lead it to the good message.
Difficulty: 3 - Getting harder | RatingWaiting for at least 3 votes View profile of Sashx41 » |
Solutions
Solution by macduff, published 19. feb, 2009; download (9 kb), password: crackmes.de or browse.
macduff has rated this crackme as quite nice.
Discussion and comments
| br0ken 19. Jan 2009 | Doesn't run here. (xpsp3) |
|---|---|
| WinFan 19. Jan 2009 | AntiVir detects a virus ^^ |
| Sashx41 Author 19. Jan 2009 | My detected it too, its heuristik isn't allways right :p (The reason is because 1 Olly annoying method.) |
| shellwolf 20. Jan 2009 | Doesn't run here too. But it seems a easy one by disasm. 1.Isdebugpresent, 2.gettickcount 3.findwindows("OllyDbg") 4.numofRvaAndSizes is changed .(most virus does this) |
| Bswap 21. Jan 2009 | When I use a olly-plugin like "Olly Advanged" the protection is no problem at all (debugger is not detected). |
| simonzack Moderator 22. Jan 2009 | based on shellwolf's description, olly advanced bypasses all of those... I think this one is loads easier than the last anti-olly, maybe level 2... |
| Sashx41 Author 22. Jan 2009 | I thought it's sure to not use such plugins... :/ |
You may leave your comment, thoughts and discuss this crackme with other reversers here.
Acting childish will not be tolerated.
HTML and such will be left as-is, so don't try.