View previous topic :: View next topic |
Author |
Message |
Hieroglyphics I post too much Reputation: 0
Joined: 06 Dec 2007 Posts: 2007 Location: Your bedroom
|
Posted: Sat Sep 27, 2008 7:34 pm Post subject: [Release] My first Crackme! |
|
|
I just learned simple reversing today, and I made my first crackme :\
I know it's crazy easy but w/e here you go =D
_________________
|
|
Back to top |
|
|
&Vage Grandmaster Cheater Supreme Reputation: 0
Joined: 25 Jul 2008 Posts: 1053
|
Posted: Sat Sep 27, 2008 8:52 pm Post subject: |
|
|
DWORDTForm1Addy909090909090=nop
Lolwat. It's coded in delphi. I thought "DWORDTForm1Addy909090909090=nop" was a string to throw me off at first then I went to your check routine than found out it didn't return anything ;-;
|
|
Back to top |
|
|
Hieroglyphics I post too much Reputation: 0
Joined: 06 Dec 2007 Posts: 2007 Location: Your bedroom
|
Posted: Sat Sep 27, 2008 11:17 pm Post subject: |
|
|
Haha it was to throw you off, and yeah it was in Delphi, pretty good idea huh I wanted to talk to you today, but you werent on MSN! ttyl peace.
_________________
|
|
Back to top |
|
|
Zerith Master Cheater Reputation: 1
Joined: 07 Oct 2007 Posts: 468
|
Posted: Sun Sep 28, 2008 5:15 am Post subject: |
|
|
Check routine:
Code: |
004537D4 /. 55 PUSH EBP
004537D5 |. 8BEC MOV EBP,ESP
004537D7 |. 6A 00 PUSH 0
004537D9 |. 53 PUSH EBX
004537DA |. 8BD8 MOV EBX,EAX
004537DC |. 33C0 XOR EAX,EAX
004537DE |. 55 PUSH EBP
004537DF |. 68 33384500 PUSH hCrack_v.00453833
004537E4 |. 64:FF30 PUSH DWORD PTR FS:[EAX]
004537E7 |. 64:8920 MOV DWORD PTR FS:[EAX],ESP
004537EA |. 8D55 FC LEA EDX,DWORD PTR SS:[EBP-4]
004537ED |. 8B83 FC020000 MOV EAX,DWORD PTR DS:[EBX+2FC]
004537F3 |. E8 54F2FDFF CALL hCrack_v.00432A4C
004537F8 |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
004537FB |. BA 48384500 MOV EDX,hCrack_v.00453848 ; ASCII "DWORDTForm1Addy909090909090=nop"
00453800 |. E8 530AFBFF CALL hCrack_v.00404258
00453805 |. 75 0C JNZ SHORT hCrack_v.00453813
00453807 |. B8 70384500 MOV EAX,hCrack_v.00453870 ; ASCII "Nice C++ Much?"
0045380C |. E8 5B3BFDFF CALL hCrack_v.0042736C
00453811 |. EB 0A JMP SHORT hCrack_v.0045381D
00453813 |> B8 88384500 MOV EAX,hCrack_v.00453888 ; ASCII "You PHAIL!"
00453818 |. E8 4F3BFDFF CALL hCrack_v.0042736C
0045381D |> 33C0 XOR EAX,EAX
0045381F |. 5A POP EDX
00453820 |. 59 POP ECX
00453821 |. 59 POP ECX
00453822 |. 64:8910 MOV DWORD PTR FS:[EAX],EDX
00453825 |. 68 3A384500 PUSH hCrack_v.0045383A
0045382A |> 8D45 FC LEA EAX,DWORD PTR SS:[EBP-4]
0045382D |. E8 1A06FBFF CALL hCrack_v.00403E4C
00453832 \. C3 RETN
|
Next time don't use a Message Box =|
|
|
Back to top |
|
|
Labyrnth Moderator Reputation: 9
Joined: 28 Nov 2006 Posts: 6285
|
Posted: Mon Sep 29, 2008 8:12 pm Post subject: |
|
|
Original:
JNZ SHORT 00453813
Corrected:
JE SHORT 00453813
It is always fun to do these things.
Now with this correction you can use any password you want but the real one.
_________________
|
|
Back to top |
|
|
&Vage Grandmaster Cheater Supreme Reputation: 0
Joined: 25 Jul 2008 Posts: 1053
|
Posted: Mon Sep 29, 2008 8:55 pm Post subject: |
|
|
Labyrnth wrote: | Original:
JNZ SHORT 00453813
Corrected:
JE SHORT 00453813
It is always fun to do these things.
Now with this correction you can use any password you want but the real one. |
Better. Change JNZ SHORT 00453813 to JMP SHORT 00453813. You can use anything.
|
|
Back to top |
|
|
tuxpr0 Cheater Reputation: 0
Joined: 20 Apr 2006 Posts: 38 Location: Israel
|
Posted: Fri Nov 21, 2008 3:56 am Post subject: |
|
|
_void_ wrote: | Labyrnth wrote: | Original:
JNZ SHORT 00453813
Corrected:
JE SHORT 00453813
It is always fun to do these things.
Now with this correction you can use any password you want but the real one. |
Better. Change JNZ SHORT 00453813 to JMP SHORT 00453813. You can use anything. | Crackme'z owned!!
|
|
Back to top |
|
|
|