
warrantyVoider's keyfile
Download crackme.zip, 14 kb (password: crackmes.de) Browse contents of crackme.zip Your task is to create a correct keyfile.
Difficulty: 3 - Getting harder | Send a message to warrantyVoider » View profile of warrantyVoider » |
Solutions
Solution by Requiem, published 29. oct, 2005; download (43 kb), password: crackmes.de or browse.
Requiem has rated this crackme as quite nice.
Discussion and comments
Ox87k 04. Sep 2005 | use the CryptCreateHash and other Crypt's call in the advapi32.dll, right? It's so complicated for me because it's my first crypto crackme... :| |
---|---|
_HellDashX_ 04. Sep 2005 | This crackme uses MD5 hash. You can found it if use PEiD, is easy, :) But, one thing in the crackme is a little more difficult |
warrantyVoider Author 04. Sep 2005 | Ox87k, the md5 part is easier than it seems, you might find this website useful: http://gdataonline.com/seekhash.php |
Oorja-HalT 04. Sep 2005 | Well i am surprised MD5 and all that. The key file i have contains just a simple string and the message keyfile accepted |
Oorja-HalT 04. Sep 2005 | Well i am surprised MD5 and all that. The key file i have contains just a simple string and it generates the message keyfile accepted |
Ox87k 04. Sep 2005 | hum... but peid with krypto plugin don't tell me MD5. ^^' i'm so confused! btw, i try to keygen it... thanks for this keyfileme :) |
warrantyVoider Author 04. Sep 2005 | Oorja-HalT, does your simple keyfile still work when you are not using a debugger? |
Oorja-HalT 05. Sep 2005 | yes it does with debugger loaded/unloaded BTW i tried in win98 .Does that effect I have the keyfile details in your PM |
warrantyVoider Author 05. Sep 2005 | LOL, Oorja-HalT, now this explains everything. The crackme is flagged "Windows 2000/XP only" for a reason. The santa claus thing is a joke. The logic is "if (debuggerpresent()) checkForSanta() else checkForRealKeyfile()". The debuggerCheck was made for w2k/xp and caused "undefined behaviour" or W98. It could have crashed/whatever, but in your case it caused a false positive, so you were stuck with santa. Sorry. Maybe next time I should check the OS version... |
Oorja-HalT 05. Sep 2005 | Yeah thats it then. And i was a bit surprised because yoour earlier crackmes were quite difficult and compared to thta it cant be such a sweet walk over. But wait I tried the crackme in WinXP and it works .Besides i dont have debugger in WinXP. So maybe your intention was as you mentioned but its not working as you have desired. Besides why its giving the keyfile accepted message. |
Ox87k 05. Sep 2005 | @Oorja-HalT why don't try olly? Btw, this crackme make me crazy, but only because i hate crypto.. uff... :) |
Oorja-HalT 06. Sep 2005 | What i meant is 0X87 I am not using debugger in winXP Therefore if (debuggerpresent()) checkForSanta() else checkForRealKeyfile()" should check for realkeyfile And if the key file is Santa then it should generate wrong message but it is not So debuggerpresent check is failing |
warrantyVoider Author 06. Sep 2005 | Ok, Oorja-HalT, sorry, I have no clue whatsovever why it gives false positive on your machine. I just tested this on W2K and 2 different XP flavours and it works fine. The debugger detection is between 4016D7 and (including) 4016EC, so anybody having problems with it please just overwrite that part with NOPs. If anyone else has problems or is stuck just PM me. |
You may leave your comment, thoughts and discuss this crackme with other reversers here.
Acting childish will not be tolerated.
HTML and such will be left as-is, so don't try.