Cheat Engine

[Noz3001]

The aim of this "crackme" is simple, there's a value which is randomized everytime you press enter. Your goal is to set this value to 5000 to win. This means that patching jumps to make it say you've won don't count but you can do that if you really cant figure out how to set the value.

I was inspired by this thread: http://forum.cheatengine.org/viewtopic.php?t=289549 so you might want to check it out.

What i'm really looking for is information and tips which will help me make the program even more secure.

Try it out =D.

[AndrewMan]

I dont get it.

I pressed enter, it randomizes a number, than what do I do?

[Noz3001]

[DoomsDay]

This crackme is well written...
It took me an hour or so to reach the decryption proc manually(I began by setting a breakpoint on WriteFile), but then I just had to monitor it.
The first call to it will check if the value is already 5000, else a random number will be generated, and then checked to zero out. If it won't - it will be encrypted by the function that follows the decryption routine (location-wise).

I won't reveal my solution this time, enjoy yourselves

EDIT: Security tips:

• Don't use the same stack location twice - it's a high-risk security flaw
• Use exception handlers to trigger some events - cause an exception in purpose to jump out of a code block (it could be a bitch to analyze)

[Noz3001]

Nice one DoomsDay, you're the first person to beat it. Oohh, can't wait until i've finished the next version =].

[SunBeam]

Should I even bother?

[DoomsDay]

If noz is going to release an enhanced version, I'd say yes

[Zand]

40245A = mov eax, 0x1388
401ff8 = NOP

[SunBeam]

^ No patching, bithc

[Zand]

I didn't patch no jumps....

[DoomsDay]

You didn't patch the correct addresses either...

[Zand]

I did.

[Noz3001]

Slightly updated version uploaded. Have a go =].

[Cryoma]

Done.

[Noz3001]