downloadbrowsevptrlx's Magic mirror

Download Magic_Mirror[vptrlx].zip, 244 kb (password: crackmes.de)
Browse contents of Magic_Mirror[vptrlx].zip

I don't know how difficult it is, but i believe it's not obvious and a little bit tricky one.
The best solution must be the name/key pair.
And, this one wants a lot of your resources, so you better don't try to solve it while running something else :)
/*I guess, that with everything closed it must be ok everywhere - it worked correct even on the old 633Mhz Celeron*/

So, as it is said, close all other programs and crack it! ;)
Good luck!

Cheers,
vptrlx.

Difficulty: 4 - Needs special knowledge
Platform: Windows
Language: Borland Delphi

Published: 16. Jul, 2010
Downloads: 306

Rating

Waiting for at least 3 votes
(we have only 2).

Rate this crackme:

Send a message to vptrlx »

View profile of vptrlx »

Solutions

There are no solutions to this crackme yet. Have you solved it? Please write a tutorial and submit it here!

Submit your solution »

Discussion and comments

vptrlx
Author
02. Aug 2010		Well, colleagues :) I know it's not very easy, but does anyone try something? It keeps being unsolved for a long time -- why?
r-Evolution
05. Sep 2010		The one with the animation makes things more complicated!!!!
vptrlx
Author
07. Sep 2010		r-Evolution, did you intend to see a usual messagebox? :) Tried to make it look pretty :)
vptrlx
Author
07. Sep 2010		/*the ui part was written about 4 years ago, this is the oldest part of the code*/
r-Evolution
09. Sep 2010		I don't disagree it's really beautiful but it makes things complicated.if it had a messagebox called with a function to MessageBoxA it would be easy to be found the routine to the algorithm of comparison between name+serial and name+real serial.I checked the code.it gave me a headache :P
r-Evolution
09. Sep 2010		Btw I tried call stack backtracing too many calls with the animation.I am thinking to try something tomorow.but if I solve it first you will give me the source :) deal???
freesoul
09. Sep 2010		r-Evolution... if you had hard to find the check routine, then the check routine itself will rape your brain xD
vptrlx
Author
10. Sep 2010		Actually, the wrong-serial-animation-routine can be easily found (btw the right-serial-animation-routine also isn't hard to see). But the way it's called.... :)
freesoul
12. Sep 2010		Well I really don't know how the crackme worked for you vptrlx: I modified the crackme to see the output of the modified DWORDS on the algorithm (via messagebox) and in runtime w/o bps I get different outputs. So I think this is not reversible.
My pc has 3 GHz 3 GB ram, running only your app :S
vptrlx
Author
13. Sep 2010		it is reversible, but if you include messagebox (or any other operation taking more than 25ms :-P) you will get "a very random everything" :) Algo has to be analyzed in another way. After you know the "inside" of the algo you'll see that it works as i expect in the absolute majority of cases. And for the left minority i recommend closing all other applications.
freesoul
13. Sep 2010		No, the messagebox is just after the algo, and I get different outputs... ^^ Okey.. I'll suposse how it have to work and try to keygen for majority of cases ! :P
vptrlx
Author
14. Sep 2010		it's hard to determine the "just end of the algo", because the value you are talking about keeps being updated for a noticable time after the work with it is finished; it may have any random value after i give up watching it.
vptrlx
Author
24. Dec 2010		hey, freesoul! hey, anybody?! :)
draww
24. Dec 2010		hey vptrlx.. i just saw this one. at first everything is clear. how the name & serial are used (conversions, operations)

00453A18 /. 55 PUSH EBP ; kubok (success)
00453BFC 55 PUSH EBP ; jazyk (failure)
00454CA4 $ 55 PUSH EBP ; check function

an then two threads running in THREAD_PRIORITY_HIGHEST that's why it needs so much resources (400 cycles?)

it's Slovak right? kubok = cup, jazyk = tongue :P

etc. etc. maybe i talked too much :O
vptrlx
Author
24. Dec 2010		hi draww!
it's russian :) These function names in russian and the whole interface part code look so ugly now (as common for 5-year-old code), but it works and i preferred just not to touch it, even didn't try to hide this cup and tongue routines :P

And THREAD_PRIORITY_HIGHEST is just a small attempt to get so max time as possible, which is needed.
draww
25. Dec 2010		yep russian, after i wrote the message, that was my second guess :) you'r right, the code is still good..

You may leave your comment, thoughts and discuss this crackme with other reversers here.
Acting childish will not be tolerated.
HTML and such will be left as-is, so don't try.