downloadbrowsexiayuanzhong's CrackMe(HardestShell)20110404

Download CrackMe20110403.zip, 129 kb (password: crackmes.de)
Browse contents of CrackMe20110403.zip

[Obsolete]
It's a Console Programm, but its shell is too hard to unpack. So Unpacking is the hardest!
If you unpack it successfully, you will see my email, and I want you to teach how to unpack it.
Thanks and Good Luck!~!
[\Obsolete]

Make a keygen!

Difficulty: 1 - Very easy, for newbies
Platform: Windows
Language: C/C++

Published: 23. Apr, 2011
Downloads: 632

Rating

Votes: 3
Crackme is quite bad.

Rate this crackme:

Send a message to xiayuanzhong »

View profile of xiayuanzhong »

Solutions

Solution by acruel, published 26. oct, 2015; download (1 kb), password: crackmes.de or browse.

acruel has not rated this crackme yet.

Submit your solution »

Discussion and comments

xiayuanzhong
Author
27. Apr 2011		It has no shell now, because the shell was thought to be a virus.
I had to unpack it, so it is pretty easy.
Axel.NET
15. Apr 2012		Hi my dear xiayuanzhong@126.com
Natrium
05. Jun 2012		Uhm okay http://epvpimg.com/SmPCf
xiayuanzhong
Author
05. Jul 2012		Need Keygen, cheer up, Matrium!~
Sl!ce
28. Jul 2012		NameLength = unknown_libname_19((int)&Name);
UnknownName = NameLength + 4;
PassLength = unknown_libname_19((int)&Password);
if ( UnknownName == PassLength )
break;
POSTERROR();
}
for ( i = 0; i < NameLength; ++i )
{
v27 = 1;
NameIntData = _ZNSsixEj(&Name, i);
Length = NameLength - i - 1;
CheckIntData = _ZNSsixEj(&Password, Length);
if ( *(_BYTE *)NameIntData != *(_BYTE *)CheckIntData )
{
v6 = CharPlusTen(-1);
v34 = CharMinusTen(v6);
POSTERROR();
break;
}
}
Length = NameLength + 3;
v27 = 1;
if ( *(_BYTE *)_ZNSsixEj(&Password, Length) != 122 )
{
v7 = CharPlusTen(-1);
v34 = CharMinusTen(v7);
}
v27 = 1;
if ( *(_BYTE *)_ZNSsixEj(&Password, NameLength) != 95 )
{
v8 = CharPlusTen(-1);
v34 = CharMinusTen(v8);
}
Length = NameLength + 1;
v27 = 1;
if ( *(_BYTE *)_ZNSsixEj(&Password, Length) != 120 )
{
v9 = CharPlusTen(-1);
v34 = CharMinusTen(v9);
}
Length = NameLength + 2;
v27 = 1;
if ( *(_BYTE *)_ZNSsixEj(&Password, Length) != 121 )
{
v10 = CharPlusTen(-1);
v34 = CharMinusTen(v10);
}
v27 = 1;
v11 = CharPlusTen(v34);
v22 = CharMinusTen(v11);
v12 = CharPlusTen(0);
v13 = CharMinusTen(v12);
}
while ( v22 <= v13 );
v14 = CharPlusTen(v34);
v21 = CharMinusTen(v14);
v15 = CharPlusTen(0);
v16 = CharMinusTen(v15);
if ( v21 > v16 )
POSTSUCCESS();


What i've got so far, makes not really sense for me
adding 10 and subtracting it again in the next line?
Why used the Password when you need the Name?

*(_BYTE *)_ZNSsixEj(&Password, Length)
is something like
Password[Length]
i think.
dohuff
06. Dec 2014		i have done it, nice one!
my user: abcde
correct password: can i post it?
simple algo but needs time
i was confused a bit because everything is in the stack and i can't rename addresses
example:
mov eax, 0012345 --> mov eax,<crackme.user>
but with mov eax,[EBP-28] i can't rename to see "user"
Shivajitheboss
14. Oct 2015		i was able to patch it. Can be patched easily. :P I dont have that much smart brain to crack it :(
acruel
17. Oct 2015		Done in 15 minutes. I'm going to post a solution.

You may leave your comment, thoughts and discuss this crackme with other reversers here.
Acting childish will not be tolerated.
HTML and such will be left as-is, so don't try.