		| Ksbunker Advanced Cheater
 
 Reputation: 0 
 Joined: 18 Oct 2006
 Posts: 88
 
 
 | 
			
				|  Posted: Wed Jul 04, 2007 5:56 am    Post subject: |   |  
				| 
 |  
				| As AnonymousX said "3455296" is the password. 
 Open Target in OllyDbg (or your debugger of choice).
 
 Right Click - "Search for all referenced Text strings"
 
 Scroll up, double click "Welcome to midnight7's crackme".
 
 you will see;
 
 
  	  | Code: |  	  | 004013E0  |. C74424 04 0000>MOV DWORD PTR SS:[ESP+4],CrackMe.0044000>;  ASCII "============================== "
 004013E8  |. C70424 C033440>MOV DWORD PTR SS:[ESP],CrackMe.004433C0
 004013EF  |. E8 64AD0300    CALL CrackMe.0043C158
 004013F4  |. C74424 04 2000>MOV DWORD PTR SS:[ESP+4],CrackMe.0044002>;  ASCII "Wellcom to MidNigh7's crackMe.
 "
 004013FC  |. C70424 C033440>MOV DWORD PTR SS:[ESP],CrackMe.004433C0
 00401403  |. E8 50AD0300    CALL CrackMe.0043C158
 00401408  |. C74424 04 0000>MOV DWORD PTR SS:[ESP+4],CrackMe.0044000>;  ASCII "==============================
 "
 00401410  |. C70424 C033440>MOV DWORD PTR SS:[ESP],CrackMe.004433C0
 00401417  |. E8 3CAD0300    CALL CrackMe.0043C158
 0040141C  |. C74424 04 4000>MOV DWORD PTR SS:[ESP+4],CrackMe.0044004>;  ASCII "Enter the password:
 "
 00401424  |. C70424 C033440>MOV DWORD PTR SS:[ESP],CrackMe.004433C0
 0040142B  |. E8 28AD0300    CALL CrackMe.0043C158
 00401430  |. 8D45 F0        LEA EAX,DWORD PTR SS:[EBP-10]
 00401433  |. 894424 04      MOV DWORD PTR SS:[ESP+4],EAX
 00401437  |. C70424 6034440>MOV DWORD PTR SS:[ESP],CrackMe.00443460
 0040143E  |. E8 DD6D0200    CALL CrackMe.00428220
 00401443  |. 8B45 F0        MOV EAX,DWORD PTR SS:[EBP-10]
 00401446  |. 3B45 F4        CMP EAX,DWORD PTR SS:[EBP-C]
 00401449  |. 75 51          JNZ SHORT CrackMe.0040149C
 0040144B  |. C74424 04 5600>MOV DWORD PTR SS:[ESP+4],CrackMe.0044005>;  ASCII "you just cracked me.
 "
 00401453  |. C70424 C033440>MOV DWORD PTR SS:[ESP],CrackMe.004433C0
 0040145A  |. E8 F9AC0300    CALL CrackMe.0043C158
 0040145F  |. C74424 04 6C00>MOV DWORD PTR SS:[ESP+4],CrackMe.0044006>;  ASCII "press any key to get out.
 "
 00401467  |. C70424 C033440>MOV DWORD PTR SS:[ESP],CrackMe.004433C0
 0040146E  |. E8 E5AC0300    CALL CrackMe.0043C158
 00401473  |. 8D45 EC        LEA EAX,DWORD PTR SS:[EBP-14]
 00401476  |. 894424 04      MOV DWORD PTR SS:[ESP+4],EAX
 0040147A  |. C70424 6034440>MOV DWORD PTR SS:[ESP],CrackMe.00443460
 00401481  |. E8 9A6D0200    CALL CrackMe.00428220
 00401486  |. C74424 04 8700>MOV DWORD PTR SS:[ESP+4],CrackMe.0044008>;  ASCII "your out."
 0040148E  |. C70424 C033440>MOV DWORD PTR SS:[ESP],CrackMe.004433C0
 00401495  |. E8 BEAC0300    CALL CrackMe.0043C158
 0040149A  |. EB 4F          JMP SHORT CrackMe.004014EB
 0040149C  |> C74424 04 9100>MOV DWORD PTR SS:[ESP+4],CrackMe.0044009>;  ASCII "OWNAGE!! ZOMGWTFBBQ
 "
 004014A4  |. C70424 C033440>MOV DWORD PTR SS:[ESP],CrackMe.004433C0
 004014AB  |. E8 A8AC0300    CALL CrackMe.0043C158
 004014B0  |. C74424 04 6C00>MOV DWORD PTR SS:[ESP+4],CrackMe.0044006>;  ASCII "press any key to get out.
 "
 004014B8  |. C70424 C033440>MOV DWORD PTR SS:[ESP],CrackMe.004433C0
 004014BF  |. E8 94AC0300    CALL CrackMe.0043C158
 004014C4  |. 8D45 EC        LEA EAX,DWORD PTR SS:[EBP-14]
 004014C7  |. 894424 04      MOV DWORD PTR SS:[ESP+4],EAX
 004014CB  |. C70424 6034440>MOV DWORD PTR SS:[ESP],CrackMe.00443460
 004014D2  |. E8 496D0200    CALL CrackMe.00428220
 004014D7  |. C74424 04 8700>MOV DWORD PTR SS:[ESP+4],CrackMe.0044008>;  ASCII "your out."
 004014DF  |. C70424 C033440>MOV DWORD PTR SS:[ESP],CrackMe.004433C0
 004014E6  |. E8 6DAC0300    CALL CrackMe.0043C158
 004014EB  |> B8 00000000    MOV EAX,0
 004014F0  |. C9             LEAVE
 004014F1  \. C3             RETN
 | 
 
 It all looks rather innocent, with the exception of;
 
 
  	  | Code: |  	  | 00401443  |. 8B45 F0        MOV EAX,DWORD PTR SS:[EBP-10]
 00401446  |. 3B45 F4        CMP EAX,DWORD PTR SS:[EBP-C]
 | 
 
 Just a guess, but I would think [EBP-10] holds our entered password; it then gets stored in EAX. Now, [EBP-C] is compared against EAX, and we jump if not equal to the badboy message, as seen by;
 
 
 
  	  | Code: |  	  | 00401449  |. 75 51          JNZ SHORT CrackMe.0040149C | 
 
 Place a breakpoint at 401443 and press F9 to run the program. Enter your password; I used "1337". Olly will break; press F8 to trace calls, stop at "CMP EAX, DWORD PTR SS:[EBP-C]" and take a look at the Stack;
 
 
  	  | Code: |  	  | Stack SS:[0022FF6C]=0034B940
 EAX=00000539
 
 | 
 
 I was curious to see what EAX was. I opened CALC.exe and typed 539h into the calculator, then converted to decimal; fortunately for us it was "1337". Using the same logic, copy "34B940h" (h denoting hex) to CALC.exe and hit conversion to decimal; the output is "3455296".
 
 Open crackme again, type this as the password and you'll be greeted with the congratulations message. Good work, cracked.
 |  | 
	
	
		| haha01haha01 Grandmaster Cheater Supreme
 
  Reputation: 0 
 Joined: 15 Jun 2007
 Posts: 1233
 Location: http://www.SaviourFagFails.com/
 
 | 
			
				|  Posted: Wed Jul 04, 2007 11:12 am    Post subject: |   |  
				| 
 |  
				| WOW OMG THX UR DA BEST GOTTA TRY IT!!! 
 umm... how do i see the stack ^.^ sry im a beginner with debugging.
 
 cool i just cracked it another way than urs. i placed a "nop" command on the "jnz crackme" line so it will not jump to other addresses and just keeps going, and it gets cracked with every password.
 
 anyway how do i see the stack?
 
 ohhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhh i got it i now see the stack....
 ty very much u helped me alot
   |  | 
	
	
		| avril18 Master Cheater
 
  Reputation: 0 
 Joined: 11 Apr 2007
 Posts: 380
 Location: En san salvador, El Salvador
 
 | 
			
				|  Posted: Wed Jul 11, 2007 9:14 pm    Post subject: |   |  
				| 
 |  
				|  	  | Prowsezy wrote: |  	  | What a piece of shit Crack me. | 
 
 nahh its not that bad man
 _________________
 
 |  | 
	
	
		| Symbol I'm a spammer
 
 Reputation: 0 
 Joined: 18 Apr 2007
 Posts: 5094
 Location: Israel.
 
 | 
			
				|  Posted: Wed Jul 25, 2007 11:42 pm    Post subject: |   |  
				| 
 |  
				| i cracked it manualy O_o i mean...
 i did the passwords:
 a
 ~
 !
 #
 %
 and 6... =\ (meant to do ^ but i phailed
  ) well that was easy ^_^
 
 i dont know how to crack such things, uce, ollydbg?
   |  | 
	
	
		| haha01haha01 Grandmaster Cheater Supreme
 
  Reputation: 0 
 Joined: 15 Jun 2007
 Posts: 1233
 Location: http://www.SaviourFagFails.com/
 
 | 
			
				|  Posted: Thu Jul 26, 2007 12:10 am    Post subject: |   |  
				| 
 |  
				|  	  | Symbol wrote: |  	  | i cracked it manualy O_o i mean...
 i did the passwords:
 a
 ~
 !
 #
 %
 and 6... =\ (meant to do ^ but i phailed
  ) well that was easy ^_^
 
 i dont know how to crack such things, uce, ollydbg?
  | 
 what is with the a~!#% ?
 and u crack it with ollydbg, read the first reply on this page.
 |  | 
	
	
		| Symbol I'm a spammer
 
 Reputation: 0 
 Joined: 18 Apr 2007
 Posts: 5094
 Location: Israel.
 
 | 
			
				|  Posted: Thu Jul 26, 2007 1:05 am    Post subject: |   |  
				| 
 |  
				| every number under 10 digits is right... 0-9999999999 are right...
 |  | 
	
	
		| haha01haha01 Grandmaster Cheater Supreme
 
  Reputation: 0 
 Joined: 15 Jun 2007
 Posts: 1233
 Location: http://www.SaviourFagFails.com/
 
 | 
			
				|  Posted: Thu Jul 26, 2007 2:36 am    Post subject: |   |  
				| 
 |  
				| lol? theres only 1 right password. the password is 3455296
 (btw ZOMGWTFBBQ means u lost)
 |  | 
	
	
		| Acim Grandmaster Cheater Supreme
 
  Reputation: 0 
 Joined: 04 Jun 2007
 Posts: 1948
 Location: If anyone has a GMS DK and they don't need it I'll have it!!
 
 | 
			
				|  Posted: Fri Jul 27, 2007 5:27 pm    Post subject: |   |  
				| 
 |  
				|  	  | chunti wrote: |  	  | wtf is a crack me i dont get it could some 1 plz inform me? | 
 
 A crack me is a program with a password that you have to crack. Easy to make simple ones. Hard to make advanced ones.
 _________________
 
 I'm alive and well, but I quit CEF for a while. Legitly playing since Novemberish 07. Starting hacking October 06. |  | 
	
	
		| oib111 I post too much
 
  Reputation: 0 
 Joined: 02 Apr 2007
 Posts: 2947
 Location: you wanna know why?
 
 | 
			
				|  Posted: Sat Jul 28, 2007 8:39 am    Post subject: |   |  
				| 
 |  
				| Heh, I memorized the tutorial on how to crack this. And I just did it. I failed doing the tutorial, but I got the password!
 _________________
 
   
 
  	  | 8D wrote: |  	  | cigs dont make people high, which weed does, which causes them to do bad stuff. like killing
 | 
 |  | 
	
	
		| xarchelo Cheater
 
 Reputation: 0 
 Joined: 16 Jun 2007
 Posts: 31
 
 
 | 
			
				|  Posted: Sun Aug 05, 2007 9:56 pm    Post subject: |   |  
				| 
 |  
				| patched it using hiew hex editor changed
 
  	  | Code: |  	  | 00401449  |. 75 51          JNZ SHORT CrackMe.0040149C
 
 | 
 to
 
  	  | Code: |  	  | 00401449  |. 74 51         JE SHORT CrackMe.0040149C
 
 | 
 Lol when I enter the real pass I get OWNAGE! ZOMGWTFBBQ
 
 P.S Why does the program terminate when I enter letters?
 |  | 
	
	
		| haha01haha01 Grandmaster Cheater Supreme
 
  Reputation: 0 
 Joined: 15 Jun 2007
 Posts: 1233
 Location: http://www.SaviourFagFails.com/
 
 | 
			
				|  Posted: Mon Aug 06, 2007 12:13 am    Post subject: |   |  
				| 
 |  
				| its a bug... its because the way c works is to terminate the program after it finished if u enter letters.... cause he prolly didnt do the
 
  	  | Code: |  	  | flushall();
 a=getchar();
 | 
 method... so its not like da program crash it shows the result but then exit so fast that u cant see it.
 if ull put BP with olly on the lines after the wrong\right msges then even if u enter letters olly will break b4 it terminate.
 |  | 
	
	
		|  |
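
The comparison walked through in the first reply and the letters-input behaviour discussed in the last two posts, modelled in C as an added example (not the crackme's source and not code from any poster). It assumes both `CALL CrackMe.00428220` sites are formatted integer reads and replays the flow on an in-memory string as a constructed stand-in for stdin; `input_t`, `outcome_t`, `read_int`, `run_original` and `run_drained` are hypothetical names.

```c
#include <stdio.h>

/* Value the first reply saw at SS:[EBP-C]; 0x34B940 is 3455296 in decimal. */
#define STORED 0x0034B940

/* Constructed stand-in for stdin so the flow can be replayed on a string. */
typedef struct { const char *buf; size_t pos; } input_t;
typedef struct { int accepted; int pause_skipped; } outcome_t;

/* Formatted integer read (assumed behaviour of CALL CrackMe.00428220).
   1 = value parsed, 0 = non-numeric text left unread, -1 = input exhausted,
   which on a real console means the call blocks and waits for the user. */
static int read_int(input_t *in, int *out) {
    int used = 0;
    int r = sscanf(in->buf + in->pos, "%d%n", out, &used);
    if (r == 1) { in->pos += (size_t)used; return 1; }
    return r == 0 ? 0 : -1;
}

/* Flow of the listing: read, CMP against [EBP-C], then a second read as the pause. */
static outcome_t run_original(const char *typed) {
    input_t in = { typed, 0 };
    outcome_t o = { 0, 0 };
    int entered = 0, key = 0;
    o.accepted = (read_int(&in, &entered) == 1 && entered == STORED);
    /* Letters from a failed first read are still pending, so this returns at once. */
    o.pause_skipped = (read_int(&in, &key) == 0);
    return o;
}

/* Same check, but the rest of the line is discarded before pausing. */
static outcome_t run_drained(const char *typed) {
    input_t in = { typed, 0 };
    outcome_t o = { 0, 0 };
    int entered = 0;
    o.accepted = (read_int(&in, &entered) == 1 && entered == STORED);
    while (in.buf[in.pos] != '\0' && in.buf[in.pos++] != '\n') { }
    /* The pause is skipped only if something is still unread after the drain. */
    o.pause_skipped = (in.buf[in.pos] != '\0');
    return o;
}

int main(void) {
    const char *samples[] = { "3455296\n", "1337\n", "abc\n" };  /* constructed inputs */
    for (int i = 0; i < 3; i++) {
        outcome_t a = run_original(samples[i]), b = run_drained(samples[i]);
        printf("%d %d %d\n", a.accepted, a.pause_skipped, b.pause_skipped);
    }
    return 0;
}
```
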