Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 


[CrackMe]void's REMIX 1A
voidREMIX
Newbie cheater
Reputation: 0

Joined: 22 Aug 2007
Posts: 18

Posted: Wed Aug 22, 2007 8:19 pm    Post subject: [CrackMe]void's REMIX 1A

Obfuscation: High

:) This is just a taste of the new crackme that's about to come. Just testing some anti-debug tricks.


Patching is allowed. I'd rather you find the password than patch :/
zart
Master Cheater
Reputation: 0

Joined: 20 Aug 2007
Posts: 351
Location: russia

Posted: Wed Aug 22, 2007 8:23 pm

I'll try this in the morn ;)
_________________
0x7A 0x61 0x72 0x74

TEAM RESURRECTiON
voidREMIX
Newbie cheater
Reputation: 0

Joined: 22 Aug 2007
Posts: 18

Posted: Wed Aug 22, 2007 10:52 pm

Bump
slippppppppp
Grandmaster Cheater
Reputation: 0

Joined: 08 Aug 2006
Posts: 929

Posted: Wed Aug 22, 2007 10:55 pm

took me 5 seconds =P

00401161 : Push voidsrem.00409060
voidREMIX
Newbie cheater
Reputation: 0

Joined: 22 Aug 2007
Posts: 18

Posted: Wed Aug 22, 2007 11:29 pm

Well, that's a simple way of patching. I was thinking of changing jumps.
SunBeam
I post too much
Reputation: 65

Joined: 25 Feb 2005
Posts: 4022
Location: Romania

Posted: Thu Aug 23, 2007 5:00 am

So far:

00401153 > /52 PUSH EDX
00401154 . |33D2 XOR EDX,EDX
00401156 . |BA 12000000 MOV EDX,12
0040115B . |83FA 12 CMP EDX,12
0040115E .^\75 F3 JNZ SHORT voidsRem.00401153
00401160 . 5A POP EDX
00401161 > 68 58904000 PUSH voidsRem.00409058 ; ASCII "Wrong"
00401166 . E8 6A020000 CALL voidsRem.004013D5
0040116B . 83C4 04 ADD ESP,4
0040116E . E9 71010000 JMP voidsRem.004012E4
00401173 > 68 60904000 PUSH voidsRem.00409060 ; ASCII "Win"
00401178 . E8 58020000 CALL voidsRem.004013D5
0040117D . 83C4 04 ADD ESP,4
00401180 . E9 5D010000 JMP voidsRem.004012E2
00401185 > 0C 80 OR AL,80
00401187 . 0C 70 OR AL,70
00401189 . 0C 60 OR AL,60
0040118B . 0C 50 OR AL,50
0040118D . 0C 40 OR AL,40
0040118F . 0C 30 OR AL,30
00401191 . 0C 20 OR AL,20
00401193 . 0C 10 OR AL,10
00401195 . 0C 00 OR AL,0
00401197 . 68 50134000 PUSH voidsRem.00401350
0040119C . 68 A0904000 PUSH voidsRem.004090A0 ; ASCII "Enter"

Looks pretty obvious ;) Poke around the ORs :D

Here's the pattern:

00401148 . A3 68904000 MOV DWORD PTR DS:[409068],EAX
0040114D . 58 POP EAX
0040114E . E9 93010000 JMP voidsRem.004012E6
......
004012E6 >^\E9 9AFEFFFF JMP voidsRem.00401185
......
00401185 > /0C 80 OR AL,80
00401187 . |0C 70 OR AL,70
00401189 . |0C 60 OR AL,60
0040118B . |0C 50 OR AL,50
0040118D . |0C 40 OR AL,40
0040118F . |0C 30 OR AL,30
00401191 . |0C 20 OR AL,20
00401193 . |0C 10 OR AL,10
00401195 . |0C 00 OR AL,0

I suggest you take it backwards from 401195 up to 401185 to decode EAX :D Be back later, for now it's BEACH time for me :P
Symbol
I'm a spammer
Reputation: 0

Joined: 18 Apr 2007
Posts: 5094
Location: Israel.

Posted: Thu Aug 23, 2007 5:08 am

oh yeah, is that ASCII? :O
I never thought about it, I'm still learning from lena's tutorials, I guess I haven't learned this yet...
that's... PF<2(6t O_O
and it's wrong... so yeah, I'm a complete failure at cracking =P
I'll look at the code some more
oh yeah, I found the jmp to win, but it tests a register with itself and then je, so I don't understand how it can jmp without patching O_o
or can it...?
voidREMIX
Newbie cheater
Reputation: 0

Joined: 22 Aug 2007
Posts: 18

Posted: Thu Aug 23, 2007 9:50 am

;D Sunbeam fell into my trap!


@Symbol
Code:
0040115E   .^75 F3          JNZ SHORT voidsRem.00401153
That is not the jump lol.
SunBeam
I post too much
Reputation: 65

Joined: 25 Feb 2005
Posts: 4022
Location: Romania

Posted: Thu Aug 23, 2007 1:21 pm

I glanced at it. Didn't fall into the trap. Chillax ;) Too bad you had to "explain" yourself :D
DeletedUser14087
I post too much
Reputation: 2

Joined: 21 Jun 2006
Posts: 3069

Posted: Thu Aug 23, 2007 1:38 pm

SunBeam wrote:
I glanced at it. Didn't fall into the trap. Chillax ;) Too bad you had to "explain" yourself :D


Don't crack it until I do! :D

EDIT:

Wee........

P.S - Console's CrackMe sucks, no offence.
voidREMIX
Newbie cheater
Reputation: 0

Joined: 22 Aug 2007
Posts: 18

Posted: Thu Aug 23, 2007 2:01 pm

Patched.
SunBeam
I post too much
Reputation: 65

Joined: 25 Feb 2005
Posts: 4022
Location: Romania

Posted: Thu Aug 23, 2007 2:19 pm

Maybe you explain these lines T_T

0040120A MOVSX EAX,BYTE PTR DS:[409A3C]
00401211 CMP EAX,DWORD PTR DS:[409068]

DS:[00409068]=0053A000
EAX=00000035

There's no way in hell that could be possible, unless you patch the program...

EDIT 1: Poking around that EDX, to see how to make it write 53A000 along with my test_key...

EDIT 2: How about ;)

004012CC PUSH -1 ; /Timeout = INFINITE
004012CE CALL DWORD PTR DS:[<&KERNEL32.Sleep>] ; \Sleep

Set a timeout of 1. Using the appropriate Sleep timeout will output the needed EDX for next piece of code to be used ;)

EDIT 3: The password would be

Code:
^@^@:|

but of course it wouldn't work with that CMP stupidly set there ;)

Hmm, or SHR 53A, C ;)
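The instruction runs quoted in SunBeam's two posts above, modelled as an added example (not part of the thread and not the crackme's own code): a small straight-line evaluator that shows which of the quoted checks can depend on input at all. The tuple encoding and the pseudo-registers `key` and `target`, which stand in for the memory operands at 409A3C and 409068, are assumptions made for illustration.

```python
# Added example: listings transcribed from the posts; tuple encoding is assumed.
MASK32 = 0xFFFFFFFF

def movsx8(byte):
    """MOVSX r32, r/m8: sign-extend one byte to an unsigned 32-bit value."""
    byte &= 0xFF
    return byte | 0xFFFFFF00 if byte & 0x80 else byte

def run(listing, regs):
    """Run straight-line (op, dst, src) tuples; return (regs, zero_flag)."""
    regs, zf = dict(regs), None
    for op, dst, src in listing:
        val = regs[src] if isinstance(src, str) else src & MASK32
        if op == "mov":
            regs[dst] = val
        elif op == "movsx8":
            regs[dst] = movsx8(val)
        elif op == "xor":
            regs[dst] ^= val
        elif op == "or8":            # OR AL,imm8 changes only the low byte
            regs[dst] |= val & 0xFF
        elif op == "cmp":            # ZF is set when the operands are equal
            zf = regs[dst] == val
        else:
            raise ValueError(f"unsupported op: {op}")
    return regs, zf

# 00401154..0040115B: the JNZ at 0040115E is taken only if ZF is clear.
GUARD = [("xor", "edx", "edx"), ("mov", "edx", 0x12), ("cmp", "edx", 0x12)]
# 00401185..00401195: nine OR AL,imm8 instructions.
OR_CHAIN = [("or8", "eax", i) for i in (0x80, 0x70, 0x60, 0x50, 0x40, 0x30, 0x20, 0x10, 0x00)]
# 0040120A..00401211: memory operands modelled as pseudo-registers key/target.
COMPARE = [("movsx8", "eax", "key"), ("cmp", "eax", "target")]

def jnz_taken(edx):
    """Does the backward JNZ at 0040115E fire for this starting EDX?"""
    return not run(GUARD, {"edx": edx})[1]

def or_chain_result(eax):
    """EAX after the whole OR chain, for a given starting EAX."""
    return run(OR_CHAIN, {"eax": eax})[0]["eax"]

def bytes_passing_compare(target):
    """Key bytes for which the CMP at 00401211 sets ZF after the MOVSX."""
    return [b for b in range(256)
            if run(COMPARE, {"eax": 0, "key": b, "target": target})[1]]

if __name__ == "__main__":
    print(jnz_taken(0), hex(or_chain_result(0x35)), bytes_passing_compare(0x0053A000))
```

Under this model the guard and the OR chain give the same result for every starting value, and no single byte satisfies the compare against the 0053A000 value quoted in the post, because MOVSX of a byte only produces 00000000..0000007F or FFFFFF80..FFFFFFFF.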
zart
Master Cheater
Reputation: 0

Joined: 20 Aug 2007
Posts: 351
Location: russia

Posted: Thu Aug 23, 2007 2:42 pm

Kaspersky wrote:

P.S - Console's CrackMe sucks, no offence.



What's everyone's beef with the console? It's the same fucking program, just without a text box and a button saying "check"...

If a crackme has a GUI then woohoo, it has a GUI. If it has shitty code underneath it - it still sucks. If it's good - it doesn't matter wtf the user interface is.

Besides, you're cracking code - not interfaces, so buzz off and make a better crackme, kasp.

_________________
0x7A 0x61 0x72 0x74

TEAM RESURRECTiON
SunBeam
I post too much
Reputation: 65

Joined: 25 Feb 2005
Posts: 4022
Location: Romania

Posted: Thu Aug 23, 2007 2:45 pm

ROFL. Chexor this out :D

@zart: Chillax, Casper is only trolling ;)

@void: That's all I can get. I dunno any "console KEYS" tricks, so spare me the thrill. Already mentioned the pass -> : | (with no spaces, since phpBB would turn it into a smilie -> Neutral)


Last edited by SunBeam on Thu Aug 23, 2007 2:48 pm; edited 2 times in total
voidREMIX
Newbie cheater
Reputation: 0

Joined: 22 Aug 2007
Posts: 18

Posted: Thu Aug 23, 2007 2:46 pm

D: Faggotry.


BTW You use ;) <-- smiley too much. Mind unblocking me from MSN D:
All times are GMT - 6 Hours
Page 1 of 2

 