SubmiN|KinG's KeygenMe No.4
| Download n00b-keygenmeno4.zip, 220 kb (password: crackmes.de) Browse contents of n00b-keygenmeno4.zip KeygenMe No.4 by n00b README:
Difficulty: 4 - Needs special knowledge | Send a message to SubmiN|KinG » View profile of SubmiN|KinG » |
Solutions
Solution by bundy, published 18. mar, 2007; download (74 kb), password: crackmes.de or browse.
bundy has rated this crackme as nothing special.
Discussion and comments
| HMX0101 10. Mar 2007 | Hmm, a little tricky but easy :p but i think it must be 2/10 ;) |
|---|---|
| bundy 10. Mar 2007 | I agree - it's easy, but I think some newbies could still see it difficult (although - what's hard on serial fishing? ;) -> self-keygen) |
| Ox87k 10. Mar 2007 | i guess n00b doesn't want a self-keygen but a keygen... ;) |
| HMX0101 16. Mar 2007 | I've created a keygen for this one some time ago, but i was lazy to write a solution :p bundy, good job and i hope it can be accepted anyway if isn't accepted i going to put my hands on notepad :D |
| SubmiN|KinG Author 17. Mar 2007 | good work HMX0101 ;)) Loved your keygen :=) |
| bundy 17. Mar 2007 | funny .. where did my comment disappear? ELFZ, it happened already twice this month :( |
| Ox87k 18. Mar 2007 | ot: ELFZ Last seen: 30. Jan, 2007 @.@' |
| zairon Moderator 18. Mar 2007 | bundy, I removed your comment. Check pm for a private talk :) |
| HMX0101 18. Mar 2007 | bundy, good solution but you said something that's not completely right... ----- Copied from bundy solution ----- 0045AEBA lea edx,[local.4] 0045AEBD mov eax,[local.4] 0045AEC0 call 004581E8 ; ????? Really ?????. The purpose of this call was to convert this base64 string to base 2 string - but due to a bug?! it always returns: "110100110100110100110100110100110100" ----- Copied from bundy solution ----- It only return "110100110100110100110100110100110100" when name length is 4,5,6... else it return "110100110100110100110100110100110101", check it out yourself ;) This part fucked me a moment, but when i tested different names with different length i've realized it :D And yeah... its a bug.. maybe ConvertBase64to2 function modified? don't know but all is possible ;) |
| bundy 18. Mar 2007 | I think that it is NOT dependent on length of name. The parameter to this call is base64 string of name hash (which is fixed length). In the call there is this: 0045822D |>mov edx,0FF 00458232 |>call <initialize6> 00458237 |>mov eax,[local.257] ; "000000" 0045823D |>call LStrLen 00458242 |>mov ebx,eax The LStrLen call takes as parameter the string "000000" which is fixed also. This string is then converted to base2 string. PS: I've tried many different length serials, all of them worked. Could you write me an example name when it returns this other string? |
| HMX0101 18. Mar 2007 | Try my keygen, plz: http://hmx0101.googlepages.com/kg4n00b-keygen.rar Anyway, i tested my keygen with a lot of names of different lengths and it worked, don't know why all name you tested are good :/ Some examples: My keygen: -------------- ABC/0236-D7FD-a8 crackmes.de/5178-255D-2f Keygenme/7D14-8BC4-90 Your keygen: -------------- ABC/C130-7C6D-e1 crackmes.de/589B-6EE7-22 Keygenme/C4C6-B7B1-61 :P |
| bundy 19. Mar 2007 | You are right - there's something strange happening. I've tried the examples you wrote (also your keygen - nice banner btw). The first two examples - my keygen works as expected - correctly (:) at least on this machine?!). The third example "Keygenme" is the tricky one. On the very first press to "Is it correct?" button your serial works ... on later checks my serial works. Could you please check if your serial for "Keygenme" works on each click to check button? If yes, maybe this is somehow machine dependent. |
| HMX0101 19. Mar 2007 | Yeah, it works on each click.... maybe n00b put something in it that can't be threat easily :/, maybe it deals with ConvertBase64to2 modified :( |
You may leave your comment, thoughts and discuss this crackme with other reversers here.
Acting childish will not be tolerated.
HTML and such will be left as-is, so don't try.