Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


[Challenge] Crack Me

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming -> Crackmes
View previous topic :: View next topic  
Author Message
xPerfection
Grandmaster Cheater Supreme
Reputation: 0

Joined: 06 Dec 2006
Posts: 1707
Location: echo $location

PostPosted: Sat Sep 15, 2007 3:23 am    Post subject: [Challenge] Crack Me Reply with quote

******
_________________


Last edited by xPerfection on Sun Aug 16, 2009 7:18 am; edited 2 times in total
Back to top
View user's profile Send private message MSN Messenger
haha01haha01
Grandmaster Cheater Supreme
Reputation: 0

Joined: 15 Jun 2007
Posts: 1233
Location: http://www.SaviourFagFails.com/

PostPosted: Sat Sep 15, 2007 9:54 am    Post subject: Reply with quote

ur crackme is broken. i think.
@#nÑ65)ª

this is the correct pass. ur using the vbastrcmp thingy, i returns ffffffff if pass is wrong, and 1 if pass is right. but even if the return value is 1 its still wrong. cya need to go eat..
Back to top
View user's profile Send private message Send e-mail AIM Address Yahoo Messenger MSN Messenger
zart
Master Cheater
Reputation: 0

Joined: 20 Aug 2007
Posts: 351
Location: russia

PostPosted: Sat Sep 15, 2007 10:40 am    Post subject: Reply with quote

Actually looks like it's comparing to "@#n¥65)¦?" though it also isn't working... Not enough time to try this though Wink
_________________
0x7A 0x61 0x72 0x74

TEAM RESURRECTiON
Back to top
View user's profile Send private message
haha01haha01
Grandmaster Cheater Supreme
Reputation: 0

Joined: 15 Jun 2007
Posts: 1233
Location: http://www.SaviourFagFails.com/

PostPosted: Sat Sep 15, 2007 10:43 am    Post subject: Reply with quote

lol u think its comparing to @#n¥65)¦? cause u did copy paste to notepad, or some other place.
i took the ascii values, changed them into a word with my ascii2word program that i built myself, and copied it to the program. i saw how vbastrcmp returns 1, but then it make sbb esi,esi so it doesnt matter what the return value will be, it will be wrong.
Back to top
View user's profile Send private message Send e-mail AIM Address Yahoo Messenger MSN Messenger
zart
Master Cheater
Reputation: 0

Joined: 20 Aug 2007
Posts: 351
Location: russia

PostPosted: Sat Sep 15, 2007 10:54 am    Post subject: Reply with quote

haha01haha01 wrote:
lol u think its comparing to @#n¥65)¦? cause u did copy paste to notepad, or some other place.


No Wink because i know how vbaStrCmp works.

If you did what you said you did correctly - you'd notice "Ñ" should be "¥".

_________________
0x7A 0x61 0x72 0x74

TEAM RESURRECTiON
Back to top
View user's profile Send private message
xPerfection
Grandmaster Cheater Supreme
Reputation: 0

Joined: 06 Dec 2006
Posts: 1707
Location: echo $location

PostPosted: Sat Sep 15, 2007 12:18 pm    Post subject: Reply with quote

******
_________________


Last edited by xPerfection on Sun Aug 16, 2009 7:17 am; edited 1 time in total
Back to top
View user's profile Send private message MSN Messenger
zart
Master Cheater
Reputation: 0

Joined: 20 Aug 2007
Posts: 351
Location: russia

PostPosted: Sat Sep 15, 2007 12:55 pm    Post subject: Reply with quote

xPerfection wrote:

HINT:
Its may be a lil hard to crack because on each form its validating if you really entered the correct password, therefore, just passing the form without entering the correct password (AKA without making the program thinks you did) will result in a error on the next form.

Or just find out the correct password Laughing


No it doesn't?

By patching;

00403615 0F84 D7000000 JE Crack_Me.004036F2

to be

00403615 0F84 D7000000 JNZ Crack_Me.004036F2

And anything will work, doesn't revalidate anything.

_________________
0x7A 0x61 0x72 0x74

TEAM RESURRECTiON
Back to top
View user's profile Send private message
xPerfection
Grandmaster Cheater Supreme
Reputation: 0

Joined: 06 Dec 2006
Posts: 1707
Location: echo $location

PostPosted: Sat Sep 15, 2007 1:03 pm    Post subject: Reply with quote

******
_________________


Last edited by xPerfection on Sun Aug 16, 2009 7:17 am; edited 4 times in total
Back to top
View user's profile Send private message MSN Messenger
zart
Master Cheater
Reputation: 0

Joined: 20 Aug 2007
Posts: 351
Location: russia

PostPosted: Sat Sep 15, 2007 1:20 pm    Post subject: Reply with quote

You might want to check the code then, because it only checks it at that one time. Doesn't check it at the other forms.
_________________
0x7A 0x61 0x72 0x74

TEAM RESURRECTiON
Back to top
View user's profile Send private message
xPerfection
Grandmaster Cheater Supreme
Reputation: 0

Joined: 06 Dec 2006
Posts: 1707
Location: echo $location

PostPosted: Sat Sep 15, 2007 1:27 pm    Post subject: Reply with quote

******
_________________


Last edited by xPerfection on Sun Aug 16, 2009 7:17 am; edited 2 times in total
Back to top
View user's profile Send private message MSN Messenger
zart
Master Cheater
Reputation: 0

Joined: 20 Aug 2007
Posts: 351
Location: russia

PostPosted: Sat Sep 15, 2007 1:32 pm    Post subject: Reply with quote

xPerfection wrote:
Na my code is fine.
Its have not checked it because you just changed JE to JNE.
Its done the right part =\ just like its should do, but if you entering the correct pass lol.

My next 'CrackMe' will be better =]


Ahhh dumb me. I wasn't thinking correctly. You merely checking the value of Cracked. Cracked never gets set false if it thinks the right pass was sent.

I thought you originally meant that it rechecks the actual serial at each step, not the "cracked" value.


Dumb moment, my bad. Cheers and I'll wait for you next Wink

_________________
0x7A 0x61 0x72 0x74

TEAM RESURRECTiON
Back to top
View user's profile Send private message
xPerfection
Grandmaster Cheater Supreme
Reputation: 0

Joined: 06 Dec 2006
Posts: 1707
Location: echo $location

PostPosted: Sat Sep 15, 2007 1:35 pm    Post subject: Reply with quote

******
_________________


Last edited by xPerfection on Sun Aug 16, 2009 7:18 am; edited 1 time in total
Back to top
View user's profile Send private message MSN Messenger
zart
Master Cheater
Reputation: 0

Joined: 20 Aug 2007
Posts: 351
Location: russia

PostPosted: Sat Sep 15, 2007 1:43 pm    Post subject: Reply with quote

xPerfection wrote:
Can you tell me how did you find that address?


Found the routine getting called bye the click event, and looked at this;

Code:

004035E8   > 8B45 E8        MOV EAX,DWORD PTR SS:[EBP-18]
004035EB   . 50             PUSH EAX                                 ;  out password
004035EC     68 AC284000    PUSH Crack_Me.004028AC                   ;  the password
004035F1   . FF15 40104000  CALL DWORD PTR DS:[<&MSVBVM60.__vbaStrCm>;  MSVBVM60.__vbaStrCmp
004035F7   . 8BF0           MOV ESI,EAX                              ;  load result into esi
004035F9   . 8D4D E8        LEA ECX,DWORD PTR SS:[EBP-18]
004035FC   . F7DE           NEG ESI                                  ;  negate esi
004035FE   . 1BF6           SBB ESI,ESI                              ;  sub esi esi
00403600   . 46             INC ESI                                  ;  increase esi by one
00403601   . F7DE           NEG ESI                                  ;  negate esi
00403603   . FF15 98104000  CALL DWORD PTR DS:[<&MSVBVM60.__vbaFreeS>;  MSVBVM60.__vbaFreeStr
00403609   . 8D4D E4        LEA ECX,DWORD PTR SS:[EBP-1C]
0040360C   . FF15 9C104000  CALL DWORD PTR DS:[<&MSVBVM60.__vbaFreeO>;  MSVBVM60.__vbaFreeObj
00403612   . 66:3BF7        CMP SI,DI
00403615     0F84 D7000000  JE Crack_Me.004036F2


An invalid serial would return 1 to eax, making the end result when it gets to 00403612 be comping 0 to 0... A valid serial would be something else and zero, taking the jump.

Changing the JE to JNZ would make it jump on everything but the real password.

_________________
0x7A 0x61 0x72 0x74

TEAM RESURRECTiON
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming -> Crackmes All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites