Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


CrackMe pl0x :D

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming -> Crackmes
View previous topic :: View next topic  
Author Message
Stylo
Grandmaster Cheater Supreme
Reputation: 3

Joined: 16 May 2007
Posts: 1073
Location: Israel
PostPosted: Sat Dec 11, 2010 5:03 am    Post subject: CrackMe pl0x :D Reply with quote
Well hi there.
this is some crackme i created a while ago
level is somewhere between easy ~ medium

well good luck
http://www.mediafire.com/?gnz7sq72dz54f7a
_________________
Stylo
Back to top
View user's profile Send private message
Deltron Z
Expert Cheater
Reputation: 1

Joined: 14 Jun 2009
Posts: 164
PostPosted: Sat Dec 11, 2010 7:23 am    Post subject: Reply with quote
Really? I love them too!!! Razz Razz
Back to top
View user's profile Send private message
Stylo
Grandmaster Cheater Supreme
Reputation: 3

Joined: 16 May 2007
Posts: 1073
Location: Israel
PostPosted: Sat Dec 11, 2010 7:27 am    Post subject: Reply with quote
Haha Very Happy
nice one
_________________
Stylo
Back to top
View user's profile Send private message
atom0s
Moderator
Reputation: 198

Joined: 25 Jan 2006
Posts: 8517
Location: 127.0.0.1
PostPosted: Sun Dec 12, 2010 1:12 pm    Post subject: Reply with quote
Some inline ASM from the looks of it to pull certain information. Some indirect math to throw people off too I assume?

// Gets the PEB pointer.
Code:

012910EC  |. 64:A1 18000000 MOV EAX,DWORD PTR FS:[18]
012910F2  |. 8BD8           MOV EBX,EAX
012910F4  |. 83C3 2F        ADD EBX,2F
012910F7  |. 90             NOP
012910F8  |. 43             INC EBX
012910F9  |. 8B03           MOV EAX,DWORD PTR DS:[EBX]


// Gets the debug flag from PEB. (JNZ for debug detected message.)
Code:

012910FB  |. 3E:8A40 02     MOV AL,BYTE PTR DS:[EAX+2]
012910FF  |. 83E0 0F        AND EAX,0F
01291102  |. 8985 D0FEFFFF  MOV DWORD PTR SS:[EBP-130],EAX
01291108  |. FF8D D0FEFFFF  DEC DWORD PTR SS:[EBP-130]
0129110E  |. 75 45          JNZ SHORT CrackMe.01291155


Encoded password: fc@YJc@AHN\|X@]K

// Password check is just an xor so just xor it again to get the password:
Code:

01161191  |> 3E:8A03        /MOV AL,BYTE PTR DS:[EBX]
01161194  |. 84C0           |TEST AL,AL
01161196  |. 74 12          |JE SHORT CrackMe.011611AA
01161198  |. 34 2F          |XOR AL,2F
0116119A  |. 3E:3A01        |CMP AL,BYTE PTR DS:[ECX]
0116119D  |. 75 04          |JNZ SHORT CrackMe.011611A3
0116119F  |. 43             |INC EBX
011611A0  |. 41             |INC ECX
011611A1  |.^EB EE          \JMP SHORT CrackMe.01161191


Password: ILoveLongPasSword
_________________
- Retired.
Back to top
View user's profile Send private message Visit poster's website
Stylo
Grandmaster Cheater Supreme
Reputation: 3

Joined: 16 May 2007
Posts: 1073
Location: Israel
PostPosted: Mon Dec 13, 2010 12:40 am    Post subject: Reply with quote
Good one Wiccan Smile
but i said it is an easy to medium
i'll try to think of more difficult ways
I'm pretty much new to reversing
_________________
Stylo
Back to top
View user's profile Send private message
Deltron Z
Expert Cheater
Reputation: 1

Joined: 14 Jun 2009
Posts: 164
PostPosted: Mon Dec 13, 2010 11:45 am    Post subject: Reply with quote
For start, make sure your CrackMe can't be self-keygenned, or at least make it a little more difficault to.
Back to top
View user's profile Send private message
atom0s
Moderator
Reputation: 198

Joined: 25 Jan 2006
Posts: 8517
Location: 127.0.0.1
PostPosted: Mon Dec 13, 2010 7:04 pm    Post subject: Reply with quote
Stylo wrote:
Good one Wiccan Smile
but i said it is an easy to medium
i'll try to think of more difficult ways
I'm pretty much new to reversing


No worries.

Small math tricks like you did in the TEB/PEB reading for the debug flag is a plus, some may overlook the increments or not even notice them if they browse too fast and think the block of code is something else.
_________________
- Retired.
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming -> Crackmes All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites