znycuk's cracKme#3
| Download CrackMe#3.zip, 65 kb (password: crackmes.de) Browse contents of CrackMe#3.zip Hi,
Difficulty: 3 - Getting harder | RatingWaiting for at least 3 votes View profile of znycuk » |
Solutions
Solution by aallove, published 25. jun, 2006; download (10 kb), password: crackmes.de or browse.
aallove has not rated this crackme yet.
Discussion and comments
| Ox87k 17. Jun 2006 | very g0od j0b man! ;) The AntiDebug tricks make the code a really jungle! I find the serial for my name, i try to understand how to make it. Thanks! |
|---|---|
| znycuk Author 17. Jun 2006 | thanx Ox87k, yes, serial fishing is really easy on this one... But a keygen is required ;) |
| Ox87k 17. Jun 2006 | the only think.. i find some difficult to unpack it, i'm working on packed exe :( |
| l0calh0st 17. Jun 2006 | Good work znycuk....i think it can be keygenned without unpacking?? |
| Ank83 17. Jun 2006 | Hi When I try to download it, Kaspersky says that this is a visus infected file. Is it safe to download it ? Best Regards Ank83 |
| HMX0101 17. Jun 2006 | I can't unpack it!, some hints? |
| znycuk Author 17. Jun 2006 | @Ank83 Yes, Fsecure have also false positive on it, it is surely because some parts of the code comes from vxers world... But don't be afraid, it's really just a crackme :) @HMX0101 Well, in this one i've most worked on the packer, than the crackme itself, And anti-unpacking was an aim ;) |
| haggar 17. Jun 2006 | Crushes on my WinXP SP2, exception address 4232cf it's memory violation 0xc0000005. |
| Ox87k 17. Jun 2006 | the keygen isn't very hard... the main problem (if u want to unpack it) is unpacking... some hints for this plz? :) |
| Ank83 17. Jun 2006 | haggar in Olly you got to set to ignore custom exception with the range of c0000005. I think this will help Regards Ank83 |
| znycuk Author 17. Jun 2006 | @haggar Does it crash without any modification ? I mean: does it crash when you launch it normally ? Cos i've coded and tested it under WinXP pro SP2. @Ox87k Normally you cannot rebuild import automagically... So you have to do it manually... But i'm still a newbie in RCE world, so maybe an automatic process for import reconstruction is feasible... |
| HMX0101 17. Jun 2006 | It crash if you have changed the NumsOfRvaAndSizes |
| znycuk Author 17. Jun 2006 | in this case, it's normal behavior ;) |
| Ox87k 17. Jun 2006 | if i change the NumsOfRvaAndSizes and set it to 10 in my case the crackme crashs! :| |
| znycuk Author 17. Jun 2006 | As i have said, it is normal behavior... If you change NumsOfRvaAndSizes, the inspect the code section and make your conclusion ;) |
| HMX0101 17. Jun 2006 | i can't find the oep... somebody can help me? |
| red477 18. Jun 2006 | Oh,very nice crackme,znycuk.Will look into it:D |
| Ox87k 18. Jun 2006 | @hmx0101 this packer was made "in house" by znycuk. Usually the oep of a prg is 00401000. But why it would haven't to be also in this case?? :D |
| haggar 18. Jun 2006 | I just extract it from archive and on double click exe crushed with msg from Dr.Watson. Then I opened it in Olly and sow that it's packed/protected. There is no point to try find bug/error in packed crackme. |
| znycuk Author 18. Jun 2006 | hum so it crashes in the loader code... i will check this, but i also use XP SP2 (Home and PRO edition) and it doesn't crash... |
| haggar 19. Jun 2006 | Well, shit happens, you know :-) |
| znycuk Author 24. Jun 2006 | Anybody has submitted a solution ? |
| Zaphod 16. Sep 2007 | znucyk, I took your good advice from CrackMe#4 and looked at this one instead. I didn't want to look at aallove's solution right away, so I tried to unpack it myself. I got much farther than with CrakMe#4, I have ALMOST unpacked it now. My dump.exe apparently works in every way except when I quit it. Then there is an exception. Well, I'll have a look at aallove's solution now... |
You may leave your comment, thoughts and discuss this crackme with other reversers here.
Acting childish will not be tolerated.
HTML and such will be left as-is, so don't try.