View previous topic :: View next topic |
Author |
Message |
gunner54 Newbie cheater Reputation: 0
Joined: 17 Mar 2006 Posts: 12
|
Posted: Fri Mar 07, 2008 12:15 pm Post subject: CrackMe v2.0 - Gunner54 |
|
|
This is a very difficult crackme. Yeh... you can patch it but thats not what i want. I want the Key!
CrackMe v2.0
- MD5 Encryption
- Anti-OllyDBG (Very Simple)
MD5 Key Information
Key Length : 16
Key Characters : Numbers
Key Module : MD5(MD5(Key).Salt)
I will be suprised when you find the key, thats if you do...
Btw, this is aimed at Wiccaan!
Good Luck! |
|
Back to top |
|
|
coder sal Master Cheater Reputation: 0
Joined: 11 May 2007 Posts: 304
|
Posted: Fri Mar 07, 2008 1:11 pm Post subject: Re: CrackMe v2.0 - Gunner54 |
|
|
gunner54 wrote: | This is a very difficult crackme. Yeh... you can patch it but thats not what i want. I want the Key!
CrackMe v2.0
- MD5 Encryption
- Anti-OllyDBG (Very Simple)
MD5 Key Information
Key Length : 16
Key Characters : Numbers
Key Module : MD5(MD5(Key).Salt)
I will be suprised when you find the key, thats if you do...
Btw, this is aimed at Wiccaan!
Good Luck! |
I think I cracked....not sure. I used notepad this is what I got.
a6Z-40f3aceae495d94dd26805e6e07eede1
6595b64144ccf1df
Is any of that the password or something related to it, like the encryption for it? |
|
Back to top |
|
|
gunner54 Newbie cheater Reputation: 0
Joined: 17 Mar 2006 Posts: 12
|
Posted: Fri Mar 07, 2008 2:24 pm Post subject: |
|
|
Salt : a6Z (I have nothing to do with the hash below.)
MD5 : 40f3aceae495d94dd26805e6e07eede1
I still need the key =D |
|
Back to top |
|
|
atom0s Moderator Reputation: 199
Joined: 25 Jan 2006 Posts: 8518 Location: 127.0.0.1
|
Posted: Sat Mar 08, 2008 12:56 pm Post subject: |
|
|
Compile it normally and not in Pcode. _________________
- Retired. |
|
Back to top |
|
|
gunner54 Newbie cheater Reputation: 0
Joined: 17 Mar 2006 Posts: 12
|
Posted: Sat Mar 08, 2008 1:21 pm Post subject: |
|
|
it wont help you, but ok |
|
Back to top |
|
|
atom0s Moderator Reputation: 199
Joined: 25 Jan 2006 Posts: 8518 Location: 127.0.0.1
|
Posted: Sat Mar 08, 2008 2:25 pm Post subject: |
|
|
Ok firstly you do something with the exe at runtime, you could see this in both the pcode version and native which prevents Olly from debugging. Mostly I would assume it's for the InitCommonControls since you have that imported. Either way it fucks up cause GetCurrentProcess() is called and it gets the process handle of Olly and not your crackme and fails to locate the resource successfully and all that jazz. (My assumption.)
Anyway, run it without Olly then attach after it's running to debug.
I can say this is a bit more creative then the other typical crackme's. Only thing is you are using MD5 which I'm not going to bother reversing as you can't "reverse" MD5, it is a hash.
Anyway your main button control calls another function to do the compare so the error message is not in the same call as the compare. The compare can be found at:
Code: | 0040978B . FF15 80104000 CALL DWORD PTR DS:[<&MSVBVM60.__vbaStrCm>; MSVBVM60.__vbaStrCmp |
The conditional jump is found at:
Code: | 00409501 . /75 59 JNZ SHORT Native.0040955C |
To "crack" it you can just patch that jump, as for the password, like I said above, MD5 being a hash, I'm not going to bother attempting to fish it. _________________
- Retired. |
|
Back to top |
|
|
|