Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


:: Crack me :: Stolen Bank card ::

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming -> Crackmes
View previous topic :: View next topic  
Author Message
dEagle
Expert Cheater
Reputation: 0

Joined: 17 Jun 2006
Posts: 225
Location: CheatEngine Forum

PostPosted: Wed Mar 05, 2008 5:59 am    Post subject: :: Crack me :: Stolen Bank card :: Reply with quote

Stolen bank card.
Guess the pincode!
Back to top
View user's profile Send private message
HolyBlah
Master Cheater
Reputation: 2

Joined: 24 Aug 2007
Posts: 446

PostPosted: Thu Mar 06, 2008 6:51 am    Post subject: Reply with quote

Password:
Code:
69640123
Back to top
View user's profile Send private message
atom0s
Moderator
Reputation: 198

Joined: 25 Jan 2006
Posts: 8516
Location: 127.0.0.1

PostPosted: Thu Mar 06, 2008 3:57 pm    Post subject: Reply with quote

Some more info on this one:

Code:
0042CAA7   .  52            PUSH EDX
0042CAA8   .  50            PUSH EAX
0042CAA9   .  51            PUSH ECX
0042CAAA   .  FF15 18104000 CALL DWORD PTR DS:[<&MSVBVM60.__vbaStrCa>;  MSVBVM60.__vbaStrCat
0042CAB0   .  8BD0          MOV EDX,EAX
0042CAB2   .  8D4D DC       LEA ECX,DWORD PTR SS:[EBP-24]
0042CAB5   .  FF15 90104000 CALL DWORD PTR DS:[<&MSVBVM60.__vbaStrMo>;  MSVBVM60.__vbaStrMove
0042CABB   .  50            PUSH EAX
0042CABC   .  FF15 44104000 CALL DWORD PTR DS:[<&MSVBVM60.__vbaStrCm>;  MSVBVM60.__vbaStrCmp


Break on the first push. EDX contains the value you have entered yourself. This is the first push for the compare. Next, ECX and EAX contain the first and second part of the real pin, they are joined together (appended) via strcat. strmove creates a new string to hold the new value returned by strcat, then is pushed into strcmps stack and compared.

When you break on the first push the register window of olly shows you the full answer:

Code:
EAX 00177E74 UNICODE "6964"
ECX 00177E0C UNICODE "0123"
EDX 00178164 UNICODE "7777777"
EBX 00000000
ESP 0013F384
EBP 0013F468
ESI 003A084C ASCII "HT9"
EDI 0016A698
EIP 0042CAA7 Bank_Car.0042CAA7
C 0  ES 0023 32bit 0(FFFFFFFF)
P 1  CS 001B 32bit 0(FFFFFFFF)
A 0  SS 0023 32bit 0(FFFFFFFF)
Z 1  DS 0023 32bit 0(FFFFFFFF)
S 0  FS 003B 32bit 7FFDF000(FFF)
T 0  GS 0000 NULL
D 0
O 0  LastErr ERROR_SUCCESS (00000000)
EFL 00000246 (NO,NB,E,BE,NS,PE,GE,LE)
ST0 empty +UNORM 038E 015D0000 0013FA54
ST1 empty +UNORM 038E 015D0000 0000137F
ST2 empty +UNORM 1F80 00000001 00000000
ST3 empty 0.0000000078275202060e-4933
ST4 empty +UNORM 10F0 0000003B A9557C38
ST5 empty +UNORM 003B 0013FDF0 00000000
ST6 empty -UNORM FDE8 00000202 0000001B
ST7 empty 4.4477983388301931520e-4932
               3 2 1 0      E S P U O Z D I
FST 0000  Cond 0 0 0 0  Err 0 0 0 0 0 0 0 0  (GT)
FCW 137F  Prec NEAR,64  Mask    1 1 1 1 1 1

_________________
- Retired.
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming -> Crackmes All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites