Reak I post too much Reputation: 0
Joined: 15 May 2007 Posts: 3496
|
Posted: Sat Aug 09, 2008 11:32 am Post subject: KeyGenMe |
|
|
Crackbitch!
Code: | Example:
rEakW0n
70-71-53-86-75-21-39 |
Probably too lame
Edit:
Just to make this clear:
The challenge is to post a key with your name, not to patch it.
|
|
|
|
HalfPrime Grandmaster Cheater Reputation: 0
Joined: 12 Mar 2008 Posts: 532 Location: Right there...On your monitor
|
Posted: Sat Aug 09, 2008 12:41 pm Post subject: |
|
|
The checking takes place at http://www.reakworld.de/cef/crackme.php?testkey=1&name=&key=
I don't think there's any way to get the source of the php, so it would be impossible to get a key without bruteforcing.
For a crack, I think you can just NOP 0046D447, but I didn't test it.
_________________
|
|
|
|
Zerith Master Cheater Reputation: 1
Joined: 07 Oct 2007 Posts: 468
|
Posted: Sat Aug 09, 2008 12:47 pm Post subject: |
|
|
A possible solution would be to change the website string
(http://www.reakworld.de/cef/crackme.php?testkey=1&name=&key=)
and change it to a custom page that outputs '1', since when you go to
http://www.reakworld.de/cef/crackme.php?testkey=1&name=&key=
it outputs 0.
Code: |
0046D3D4 . E8 87FFFFFF CALL KeyGenMe.0046D360
0046D3D9 . 33C0 XOR EAX,EAX
0046D3DB . 55 PUSH EBP
0046D3DC . 68 76D44600 PUSH KeyGenMe.0046D476
0046D3E1 . 64:FF30 PUSH DWORD PTR FS:[EAX]
0046D3E4 . 64:8920 MOV DWORD PTR FS:[EAX],ESP
0046D3E7 . 68 74D54600 PUSH KeyGenMe.0046D574 ; ASCII "http://zerith.bplaced.net/index.php?l=1&testkey=1&name="
0046D3EC . 8D55 EC LEA EDX,DWORD PTR SS:[EBP-14]
0046D3EF . 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
0046D3F2 . 8B80 00030000 MOV EAX,DWORD PTR DS:[EAX+300]
0046D3F8 . E8 5F71FCFF CALL KeyGenMe.0043455C
0046D3FD . FF75 EC PUSH DWORD PTR SS:[EBP-14]
0046D400 . 68 B4D54600 PUSH KeyGenMe.0046D5B4 ; ASCII "&key="
|
I just changed the string to this one
(which is a PHP file that displays '1')
and cracked, you lose reakw0n.
|
|
|
|
athiwatc Advanced Cheater Reputation: 0
Joined: 22 Sep 2007 Posts: 58
|
Posted: Thu Aug 14, 2008 4:01 am Post subject: |
|
|
urif15, no, there is no way to win this by his method! What you did was patching it. The only way to win is simply BF lol
This program simply sets the goodboy and badboy at 46D456 and 46D462 after it gets 1 or 0 from the server, which it did nothing in the program. That means without a crack there is only one way.
Yap am going to crack THIS ^ ^
Last edited by athiwatc on Thu Aug 14, 2008 4:25 am; edited 1 time in total |
|
|
|
atom0s Moderator Reputation: 199
Joined: 25 Jan 2006 Posts: 8518 Location: 127.0.0.1
|
Posted: Thu Aug 14, 2008 4:21 am Post subject: |
|
|
Found this funny lol:
Code: | 0046D514 . 49 4E 46 4F 3>ASCII "INFO: @Debugger/"
0046D524 . 44 69 73 61 7>ASCII "Disassembler: If"
0046D534 . 20 79 6F 75 2>ASCII " you see this, d"
0046D544 . 69 73 72 65 6>ASCII "isregard the nex"
0046D554 . 74 20 32 20 6>ASCII "t 2 lines please"
0046D564 . 20 2D 3E 3E 3>ASCII " ->>>",0
0046D56A 00 DB 00
0046D56B 00 DB 00
0046D56C . FFFFFFFF DD FFFFFFFF
0046D570 . 37000000 DD 00000037
0046D574 . 68 74 74 70 3>ASCII "http://www.reakw"
0046D584 . 6F 72 6C 64 2>ASCII "orld.de/cef/crac"
0046D594 . 6B 6D 65 2E 7>ASCII "kme.php?testkey="
0046D5A4 . 31 26 6E 61 6>ASCII "1&name=",0
0046D5AC . FFFFFFFF DD FFFFFFFF
0046D5B0 . 05000000 DD 00000005
0046D5B4 . 26 6B 65 79 3>ASCII "&key=",0
0046D5BA 00 DB 00
0046D5BB 00 DB 00
0046D5BC . FFFFFFFF DD FFFFFFFF
0046D5C0 . 01000000 DD 00000001
0046D5C4 . 31 00 ASCII "1",0
0046D5C6 00 DB 00
0046D5C7 00 DB 00
0046D5C8 . FFFFFFFF DD FFFFFFFF
0046D5CC . 1E000000 DD 0000001E
0046D5D0 . 49 4E 46 4F 3>ASCII "INFO: Thanks for"
0046D5E0 . 20 64 69 73 7>ASCII " disregarding!",0
|
Anyway, the key is not generated in the program, but in the php script, which is not visible and not downloadable so can't really do much to this.
_________________
- Retired. |
|
|
|
athiwatc Advanced Cheater Reputation: 0
Joined: 22 Sep 2007 Posts: 58
|
Posted: Thu Aug 14, 2008 4:30 am Post subject: |
|
|
Wiccaan, I got something fun
Code: |
#include <INet.au3>
For $i1 = 00 To 99
    For $i2 = 00 To 99
        For $i3 = 00 To 99
            For $i4 = 00 To 99
                For $i5 = 00 To 99
                    For $i6 = 00 To 99
                        For $i7 = 00 To 99
                            If StringLen($i1) = 1 Then $i1 = '0' & $i1
                            If StringLen($i2) = 1 Then $i2 = '0' & $i2
                            If StringLen($i3) = 1 Then $i3 = '0' & $i3
                            If StringLen($i4) = 1 Then $i4 = '0' & $i4
                            If StringLen($i5) = 1 Then $i5 = '0' & $i5
                            If StringLen($i6) = 1 Then $i6 = '0' & $i6
                            If StringLen($i7) = 1 Then $i7 = '0' & $i7
                            $r = _INetGetSource('http://www.reakworld.de/cef/crackme.php?testkey=1&name=sightez&key=' & $i1 & '-' & $i2 & '-' & $i3 & '-' & $i4 & '-' & $i5 & '-' & $i6 & '-' & $i7)
                            ConsoleWrite($r & ' ' & $i1 & '-' & $i2 & '-' & $i3 & '-' & $i4 & '-' & $i5 & '-' & $i6 & '-' & $i7 & @CRLF)
                            If $r = 1 Then MSGBOX(0,'','FOUND')
                        Next
                    Next
                Next
            Next
        Next
    Next
Next
|
Run this AutoIt script with your name instead of sightez lol BF
(First I was going to make it in Delphi lol, but this is much easier)
And this guy's program looks like this
Code: |
(DELPHI)
If input = 1 Then
begin
text := 'goodboy';
showmessage(text);
end;
If input = 0 Then
begin
text := 'badboy';
showmessage(text);
end;
|
|
|
|
|
|
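The server-side view of the brute-force loop discussed in this thread, as an added example that is not code from any poster: it parses access-log lines for the crackme.php key check and flags a source that tries many different keys for one name within a short window. The log format, IP addresses, thresholds and function names are assumptions, the sample lines are constructed, and the log is assumed to be in time order.

```python
import re
from collections import defaultdict, deque
from datetime import datetime
from urllib.parse import urlsplit, parse_qs

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "GET (\S+) ')
KEY_RE = re.compile(r"^\d{2}(?:-\d{2}){6}$")  # seven two-digit groups, as in the thread

def parse(line):
    """Return (ip, unix_time, name, key) for a well-formed key check, else None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ip, stamp, target = m.groups()
    url = urlsplit(target)
    if not url.path.endswith("/crackme.php"):
        return None
    query = parse_qs(url.query, keep_blank_values=True)
    name, key = query.get("name", [""])[0], query.get("key", [""])[0]
    if not KEY_RE.match(key):
        return None
    when = datetime.strptime(stamp, "%d/%b/%Y:%H:%M:%S %z").timestamp()
    return ip, when, name, key

def find_enumeration(lines, window=60, max_distinct=5):
    """Map (ip, name) -> peak distinct keys tried inside any `window` seconds,
    for sources that exceeded max_distinct."""
    recent = defaultdict(deque)  # (ip, name) -> (time, key) pairs still in window
    flagged = {}
    for line in lines:
        rec = parse(line)
        if rec is None:
            continue
        ip, when, name, key = rec
        seen = recent[(ip, name)]
        seen.append((when, key))
        while when - seen[0][0] > window:
            seen.popleft()
        distinct = len({k for _, k in seen})
        if distinct > max_distinct:
            flagged[(ip, name)] = max(distinct, flagged.get((ip, name), 0))
    return flagged

def sample_log():
    """Constructed log: one source walking keys in order, one single legitimate check."""
    fmt = '%s - - [14/Aug/2008:04:30:%02d +0000] "GET /cef/crackme.php?testkey=1&name=%s&key=%s HTTP/1.1" 200 1'
    lines = [fmt % ("192.0.2.10", s, "sightez", "00-00-00-00-00-00-%02d" % s) for s in range(8)]
    lines.append(fmt % ("198.51.100.7", 9, "rEakW0n", "70-71-53-86-75-21-39"))
    return lines
```

The same per-source, per-name counter can drive a rate limit on the endpoint instead of an after-the-fact alert.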