View previous topic :: View next topic |
Author |
Message |
haha01haha01 Grandmaster Cheater Supreme Reputation: 0
Joined: 15 Jun 2007 Posts: 1233 Location: http://www.SaviourFagFails.com/
|
Posted: Mon Aug 06, 2007 9:14 am Post subject: |
|
|
im not a lady.
and besides do u think im having fun wasting my time on fighting with that guy?
im sooo close to crack that crackme (fix:alredy cracked it, now i try to find PW)
|
|
Back to top |
|
|
Cx Master Cheater Reputation: 0
Joined: 27 Jul 2007 Posts: 367
|
Posted: Mon Aug 06, 2007 10:35 am Post subject: |
|
|
lul.
The patch is pretty easy. I didn't do any spaghetti or annoying goto's to pointless code.
Straightforward, text decryption for tracing and simple math for password.
_________________
armed with this small butterfly net
i will face the world alone
& never be lonely. |
|
Back to top |
|
|
haha01haha01 Grandmaster Cheater Supreme Reputation: 0
Joined: 15 Jun 2007 Posts: 1233 Location: http://www.SaviourFagFails.com/
|
Posted: Tue Aug 07, 2007 12:13 am Post subject: |
|
|
"spaghetti" is how u call the programs that write the worng msg in a loop that each time it add another letter?
|
|
Back to top |
|
|
xarchelo Cheater Reputation: 0
Joined: 16 Jun 2007 Posts: 31
|
Posted: Tue Aug 07, 2007 12:48 am Post subject: |
|
|
took me 3 mins.
patched at
Code: |
004010F1 75 56 JNZ 0040149
| change the JNZ to JE
to do this go to adress 004010F1 and right click it,
bynary, edit, change 75 56 to 74 56 press ok olly does the rest.
|
|
Back to top |
|
|
Zombi3 Expert Cheater Reputation: 0
Joined: 02 Aug 2007 Posts: 144
|
Posted: Tue Aug 07, 2007 2:24 am Post subject: |
|
|
xarchelo wrote: | took me 3 mins.
patched at
Code: |
004010F1 75 56 JNZ 0040149
| change the JNZ to JE
to do this go to adress 004010F1 and right click it,
bynary, edit, change 75 56 to 74 56 press ok olly does the rest. |
O RLY ?
|
|
Back to top |
|
|
haha01haha01 Grandmaster Cheater Supreme Reputation: 0
Joined: 15 Jun 2007 Posts: 1233 Location: http://www.SaviourFagFails.com/
|
Posted: Tue Aug 07, 2007 3:02 am Post subject: |
|
|
xarchelo wrote: | took me 3 mins.
patched at
Code: |
004010F1 75 56 JNZ 0040149
| change the JNZ to JE
to do this go to adress 004010F1 and right click it,
bynary, edit, change 75 56 to 74 56 press ok olly does the rest. |
u didnt patch it u reversed it.
the correct password wont work with ur patch.
and y to edit binary? double click on the address olly let u modify it. just nop that line.
the real thing is to find the pass... patching is easy.
edit:found the pass!!!!!!!!!!!!!! its 1330!!!!!! ill now explain how the algorithm works:
Code: | 004010D2 |. 8B55 FC MOV EDX,DWORD PTR SS:[EBP-4]
004010D5 |. 83C2 0A ADD EDX,0A
004010D8 |. 8955 FC MOV DWORD PTR SS:[EBP-4],EDX
004010DB |. 8B45 C0 MOV EAX,DWORD PTR SS:[EBP-40]
004010DE |. 83C0 03 ADD EAX,3
004010E1 |. 8945 C0 MOV DWORD PTR SS:[EBP-40],EAX
004010E4 |. 8B4D FC MOV ECX,DWORD PTR SS:[EBP-4]
004010E7 |. 334D C0 XOR ECX,DWORD PTR SS:[EBP-40]
004010EA |. 894D FC MOV DWORD PTR SS:[EBP-4],ECX
004010ED |. 837D FC 00 CMP DWORD PTR SS:[EBP-4],0
004010F1 75 56 JNZ SHORT crackcoc.00401149 |
step1: the code take what u entered and add A to it. (10)
step2:the algorithm take the number 539 (its always the same num) and add 3 to it so it will become 53c.
step3:now the algorithm xor 53c with the number u entered.
if the result is 0 it jump to a spaghetti code where u get the win msg.
so the only thing i had to do is take 53c, substract a from it, and comvert it to DEC. and the result: 1330
|
|
Back to top |
|
|
Zombi3 Expert Cheater Reputation: 0
Joined: 02 Aug 2007 Posts: 144
|
Posted: Tue Aug 07, 2007 3:55 am Post subject: |
|
|
Nice
|
|
Back to top |
|
|
Cx Master Cheater Reputation: 0
Joined: 27 Jul 2007 Posts: 367
|
Posted: Tue Aug 07, 2007 7:19 am Post subject: |
|
|
Well done "haha" (but the fact that "xar" posted the patch address made it much easier to find the password).
_________________
armed with this small butterfly net
i will face the world alone
& never be lonely. |
|
Back to top |
|
|
haha01haha01 Grandmaster Cheater Supreme Reputation: 0
Joined: 15 Jun 2007 Posts: 1233 Location: http://www.SaviourFagFails.com/
|
Posted: Tue Aug 07, 2007 7:39 am Post subject: |
|
|
wtf.
i found it b4 him.
|
|
Back to top |
|
|
xarchelo Cheater Reputation: 0
Joined: 16 Jun 2007 Posts: 31
|
Posted: Tue Aug 07, 2007 10:47 am Post subject: |
|
|
haha01haha01 wrote: | wtf.
i found it b4 him. |
Right and that is why you were stuck btw who wants to put in the right pass?
and it did take me 3 mins
btw i reversed it only because if it was a real program it might detect that some of the code was removed when I try to update it. So I just reverse it so that I can reverse it again whenever I want to.
btw I did come up with 1330 but when I entered it, it said wrong. I must've forgot that I reversed it.
p.s hahaha why did it take you so long to figure out the pass?
+rep for trying so hard now ur back to 0 lol
|
|
Back to top |
|
|
haha01haha01 Grandmaster Cheater Supreme Reputation: 0
Joined: 15 Jun 2007 Posts: 1233 Location: http://www.SaviourFagFails.com/
|
Posted: Tue Aug 07, 2007 11:08 am Post subject: |
|
|
its my first time i see that type of code. i usually cracked crackmes that are on plain text or the pass is hidden by a register but bp can show u the pass.
and btw if u will ever try to crack a REAL program ull see that patching wont work. it will say the pass was right but then when u enter the program again it forget that u "registered" it.
|
|
Back to top |
|
|
xarchelo Cheater Reputation: 0
Joined: 16 Jun 2007 Posts: 31
|
Posted: Tue Aug 07, 2007 11:16 am Post subject: |
|
|
lol you should know ollydbg doesnt make permanent changes...
if I use hiew (hex editor) and make the change permanent the program will remember I entered the right pass... you really dont know much do you?
|
|
Back to top |
|
|
haha01haha01 Grandmaster Cheater Supreme Reputation: 0
Joined: 15 Jun 2007 Posts: 1233 Location: http://www.SaviourFagFails.com/
|
Posted: Tue Aug 07, 2007 11:38 am Post subject: |
|
|
nop.
im a beginner.
|
|
Back to top |
|
|
1320playa Advanced Cheater Reputation: 0
Joined: 29 May 2006 Posts: 64
|
Posted: Tue Aug 07, 2007 11:41 am Post subject: |
|
|
This is a toughy...=/
_________________
www.hottwarez.com
Goodbye, See ya soon. Remember have a good time cheating.=]
-1320playa out |
|
Back to top |
|
|
Cx Master Cheater Reputation: 0
Joined: 27 Jul 2007 Posts: 367
|
Posted: Tue Aug 07, 2007 12:30 pm Post subject: |
|
|
xarchelo wrote: | lol you should know ollydbg doesnt make permanent changes...
if I use hiew (hex editor) and make the change permanent the program will remember I entered the right pass... you really dont know much do you? |
YOU don't really know that much.
1) Jump inversions are idiotic, you should have simply nop'd or jmp'd it. Would have also saved you the idiotic move of 1330=wrong.
2) OllyDbg can make permanent changes.
_________________
armed with this small butterfly net
i will face the world alone
& never be lonely. |
|
Back to top |
|
|
|