Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 


"The Game"
Cryoma
Member of the Year
Reputation: 198

Joined: 14 Jan 2009
Posts: 1819

PostPosted: Thu Sep 18, 2008 6:04 pm    Post subject: Reply with quote

It's open to lancing shell.exp so pretty much I just have to partial compile the randomator as 5000.
Noz3001
I'm a spammer
Reputation: 26

Joined: 29 May 2006
Posts: 6220
Location: /dev/null

PostPosted: Thu Sep 18, 2008 6:23 pm    Post subject: Reply with quote

Cryoma wrote:
It's open to lancing shell.exp so pretty much I just have to partial compile the randomator as 5000.


Erm, what?
jackyyll
Expert Cheater
Reputation: 0

Joined: 28 Jan 2008
Posts: 143
Location: here

PostPosted: Thu Sep 18, 2008 7:37 pm    Post subject: Reply with quote

Bruce Lee wrote:
noz3001 wrote:
Cryoma wrote:
It's open to lancing shell.exp so pretty much I just have to partial compile the randomator as 5000.


Erm, what?


I understand what he said.


Okay. Thanks for your input!
Overload
Master Cheater
Reputation: 0

Joined: 08 Feb 2008
Posts: 293

PostPosted: Thu Sep 18, 2008 10:17 pm    Post subject: Reply with quote

Bruce Lee wrote:
noz3001 wrote:
Cryoma wrote:
It's open to lancing shell.exp so pretty much I just have to partial compile the randomator as 5000.


Erm, what?


I understand what he said.


Cool Rolling Eyes

_________________
Blog

Quote:
Rhys says:
you can be my maid
Rhys says:
ill buy you a french maid outfit
Tyler says:
Sounds good
Rhys says:
ill hold you to that
Noz3001
I'm a spammer
Reputation: 26

Joined: 29 May 2006
Posts: 6220
Location: /dev/null

PostPosted: Fri Sep 19, 2008 3:08 am    Post subject: Reply with quote

Bruce Lee wrote:
noz3001 wrote:
Cryoma wrote:
It's open to lancing shell.exp so pretty much I just have to partial compile the randomator as 5000.


Erm, what?


I understand what he said.


Go back to Random Spam.
DoomsDay
Grandmaster Cheater
Reputation: 0

Joined: 06 Jan 2007
Posts: 768
Location: %HomePath%

PostPosted: Fri Sep 19, 2008 1:07 pm    Post subject: Reply with quote

The storage of the values is still static, so it was easy to monitor.
All in all, it took me a lot of time to go through it manually, but I finally got it =]
This thing at the end... nasty trick you got there =P
Noz3001
I'm a spammer
Reputation: 26

Joined: 29 May 2006
Posts: 6220
Location: /dev/null

PostPosted: Fri Sep 19, 2008 2:29 pm    Post subject: Reply with quote

DoomsDay wrote:
The storage of the values is still static, so it was easy to monitor.
All in all, it took me a lot of time to go through it manually, but I finally got it =]
This thing at the end... nasty trick you got there =P


I've been getting ready to go to Uni so I've not had much time to have a play with it yet. I've got an idea which should throw you off a bit, I hope anyway. Wink
Cryoma
Member of the Year
Reputation: 198

Joined: 14 Jan 2009
Posts: 1819

PostPosted: Fri Sep 19, 2008 3:26 pm    Post subject: Reply with quote

Lancing shell.explore is a script that gives you a real time decrypted console of everything going on in an app.
It lets you change certain aspects and re-compile part of that app without decompiling and recompiling the whole thing.
In real time.
Noz3001
I'm a spammer
Reputation: 26

Joined: 29 May 2006
Posts: 6220
Location: /dev/null

PostPosted: Fri Sep 19, 2008 5:38 pm    Post subject: Reply with quote

Cryoma wrote:
Lancing shell.explore is a script that gives you a real time decrypted console of everything going on in an app.
It lets you change certain aspects and re-compile part of that app without decompiling and recompiling the whole thing.
In real time.


Yeah.. Ok.
krazedkat
I post too much
Reputation: 0

Joined: 29 Aug 2007
Posts: 2255
Location: Hell, Norway

PostPosted: Fri Sep 19, 2008 10:29 pm    Post subject: Reply with quote

haha cracked in 5 minutes.
haha01haha01
Grandmaster Cheater Supreme
Reputation: 0

Joined: 15 Jun 2007
Posts: 1233
Location: http://www.SaviourFagFails.com/

PostPosted: Fri Sep 19, 2008 11:45 pm    Post subject: Reply with quote

so, basically, we are supposed to unrandomize the value and always set it 5000?
Noz3001
I'm a spammer
Reputation: 26

Joined: 29 May 2006
Posts: 6220
Location: /dev/null

PostPosted: Sat Sep 20, 2008 3:09 am    Post subject: Reply with quote

haha01haha01 wrote:
so, basically, we are supposed to unrandomize the value and always set it 5000?


Just set it to 5000 and you will win.
nog_lorp
Grandmaster Cheater
Reputation: 0

Joined: 26 Feb 2006
Posts: 743

PostPosted: Wed Oct 01, 2008 12:51 am    Post subject: Reply with quote

Noz where you going? I just started a week and a half ago.

Slightly more on topic: lol, RtlDecodePointer:
Code:
7C91393D > 8BFF             MOV EDI,EDI
7C91393F   55               PUSH EBP
7C913940   8BEC             MOV EBP,ESP
7C913942   5D               POP EBP
7C913943  ^EB D2            JMP SHORT ntdll.RtlEncodePointer

_________________
Mutilated lips give a kiss on the wrist of the worm-like tips of tentacles expanding in my mind
I'm fine accepting only fresh brine you can get another drop of this yeah you wish
Noz3001
I'm a spammer
Reputation: 26

Joined: 29 May 2006
Posts: 6220
Location: /dev/null

PostPosted: Wed Oct 01, 2008 3:41 am    Post subject: Reply with quote

nog_lorp wrote:
Noz where you going? I just started a week and a half ago.

Slightly more on topic: lol, RtlDecodePointer:
Code:
7C91393D > 8BFF             MOV EDI,EDI
7C91393F   55               PUSH EBP
7C913940   8BEC             MOV EBP,ESP
7C913942   5D               POP EBP
7C913943  ^EB D2            JMP SHORT ntdll.RtlEncodePointer

Going, as in Uni? Manchester Metropolitan University.

About RtlEncodePointer, it must have been put in there by the compiler. I only use 1 API, SetConsoleTitle =|. Saying that, it's in a DLL so I don't even think it uses it.

Btw, I just uploaded a slightly newer version with only a minor change. I was pretty stupid not to change it earlier ^_^.
nog_lorp
Grandmaster Cheater
Reputation: 0

Joined: 26 Feb 2006
Posts: 743

PostPosted: Wed Oct 01, 2008 8:25 pm    Post subject: Reply with quote

Interesting, what compiler are you using? It encodes a million pointers and stores them in TLS.

RtlDecodePointer is just funny because it looks like they did

void * RtlDecodePointer(void * ptr) {
    __asm {
        pop ebp
        jmp RtlEncodePointer
    }
}

Since they do exactly the same thing (xor'ing the pointer with a random per-process 32 bit mask).

_________________
Mutilated lips give a kiss on the wrist of the worm-like tips of tentacles expanding in my mind
I'm fine accepting only fresh brine you can get another drop of this yeah you wish
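
The XOR scheme described in the post above, as an added C sketch (not code from the thread or from ntdll). It shows why one routine can serve as both encoder and decoder, and what a raw value written into a protected slot decodes to. `process_cookie`, `encode_pointer`, `decode_pointer` and the handler slot are hypothetical names, and the cookie is a constructed constant standing in for the random per-process mask.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for the random per-process mask the post mentions. */
static uintptr_t process_cookie = 0x5A17C0DEu;

/* XOR is its own inverse, so decoding is the same operation as encoding. */
static uintptr_t encode_pointer(uintptr_t p) { return p ^ process_cookie; }
static uintptr_t decode_pointer(uintptr_t p) { return encode_pointer(p); }

typedef int (*handler_fn)(int);
static int real_handler(int x) { return x + 1; }

/* A long-lived callback slot stores only the encoded form of the pointer. */
static uintptr_t handler_slot;

static void install_handler(handler_fn fn) {
    handler_slot = encode_pointer((uintptr_t)fn);
}

/* The pointer is decoded only at the moment of the call. */
static int call_handler(int arg) {
    handler_fn fn = (handler_fn)decode_pointer(handler_slot);
    return fn(arg);
}

/* A value written into the slot without knowing the cookie does not decode
   to itself: the caller would jump to raw ^ cookie, not to raw. */
static uintptr_t decoded_after_raw_write(uintptr_t raw) {
    handler_slot = raw;
    return decode_pointer(handler_slot);
}

int main(void) {
    install_handler(real_handler);
    printf("call through encoded slot: %d\n", call_handler(41));
    printf("raw 0x41414141 decodes to: 0x%lx\n",
           (unsigned long)decoded_after_raw_write(0x41414141u));
    return 0;
}
```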
All times are GMT - 6 Hours