| View previous topic :: View next topic |
| Author |
Message |
spectrum
Expert Cheater
 Reputation: 0
Joined: 27 Mar 2007
Posts: 143
|
 Posted: Thu Mar 20, 2008 6:20 pm Post subject: Another easy crack me |
 |
|
Well in this one i tried to implement what you guys told me in the other thread, i made encryptions (I hope =P) and used hex.
Also i didn't encrypt so much the second password cause the ones that can get ok the first one can get ok the second one without much effort, and i wont make you work for somethng not very important.
http://www.mediafire.com/?9mjbex4y99y
good luck, even you wont need it.
_________________
C++ {||||||||||}
ASM {||||||||||} |
|
| Back to top |
|
 |
Symbol
I'm a spammer
![]() Reputation: 0
Joined: 18 Apr 2007
Posts: 5094
Location: Israel.
|
| Posted: Fri Mar 21, 2008 12:20 pm Post subject: |
|
|
First Password - Anything.
Second Password - 5th character+15 (0xF) should be the same as first character of the first password+11 (0xB)
For example:
The ASCII of '0' is 0x30, so add to the first character of the first password 11 (0xB) it would be 0x3B, which is semi-colon ';'.
Now add 15 (0xF) to the 5th character of the second password, so to get 0x3B we do 0x3B-0xF = 0x2C (comma ',')
Simply take a random number, I took 0x3B and decrased it by 11 for first character of the first password and decrased by 15 for the 5th character for the second password.
Now there's another check:
Add 11 to the 5th character of the second password, in this example I used comma (0x2C) so it results 0x37 ('7') and then add 10 to the 4rd character of the first password, then compare these 2, so simply take 0x37 and decrase by 0xA, thats 0x2D ('-') and then... there's another check! 
Add 12 (0xC) to the 4rd character of the first password and compare it to the first character of second password.
Simply add 12 to '-' (0x2D) which is 0x39, then decrase by 10 (because we add 10 later) which is 0x2F. ('/')
Then the first character of the second password should be '/', because then we add 0xA (10) to 0x2F which is 0x39, which is also 0x2D ('-') + 12.
We got now:
0**-*
/***,
* = wild card.
And finally, the last check...
It doesn't check the ASCII, it checks the a 4 bytes value of the 8th character of the second password. (characters 8, 9, 10 and 11)
It compares it to 0x108 (0x00000108), so only the 8th and 9th characters are needed. (and 10 and 11 are null - 0)
8th character ASCII should be 08 and the 9th should be 01.
Not sure which characters are 01 and 08, so I have to change them manualy using ollydbg.
I typed:
0**-*
/***,__55
we're gonna change 55 to 01 and 08 manually.
Set a breakpoint at 401483 and go in the hex dump to 44301C.
type the passwords above and press enter.
Now we break at 401483, in the hex dump I edit the first byte (untick "Keep size") and type 08 01 00 00.
Cracked.
Wasn't hard, just annoying.
|
|
| Back to top |
|
|
Heartless
I post too much
 Reputation: 0
Joined: 03 Dec 2006
Posts: 2436
|
|
| Back to top |
|
|
spectrum
Expert Cheater
Reputation: 0
Joined: 27 Mar 2007
Posts: 143
|
| Posted: Fri Mar 21, 2008 12:42 pm Post subject: |
|
|
| Symbol wrote: | First Password - Anything.
Second Password - 5th character+15 (0xF) should be the same as first character of the first password+11 (0xB)
For example:
The ASCII of '0' is 0x30, so add to the first character of the first password 11 (0xB) it would be 0x3B, which is semi-colon ';'.
Now add 15 (0xF) to the 5th character of the second password, so to get 0x3B we do 0x3B-0xF = 0x2C (comma ',')
Simply take a random number, I took 0x3B and decrased it by 11 for first character of the first password and decrased by 15 for the 5th character for the second password.
Now there's another check:
Add 11 to the 5th character of the second password, in this example I used comma (0x2C) so it results 0x37 ('7') and then add 10 to the 4rd character of the first password, then compare these 2, so simply take 0x37 and decrase by 0xA, thats 0x2D ('-') and then... there's another check!
Add 12 (0xC) to the 4rd character of the first password and compare it to the first character of second password.
Simply add 12 to '-' (0x2D) which is 0x39, then decrase by 10 (because we add 10 later) which is 0x2F. ('/')
Then the first character of the second password should be '/', because then we add 0xA (10) to 0x2F which is 0x39, which is also 0x2D ('-') + 12.
We got now:
0**-*
/***,
* = wild card.
And finally, the last check...
It doesn't check the ASCII, it checks the a 4 bytes value of the 8th character of the second password. (characters 8, 9, 10 and 11)
It compares it to 0x108 (0x00000108), so only the 8th and 9th characters are needed. (and 10 and 11 are null - 0)
8th character ASCII should be 08 and the 9th should be 01.
Not sure which characters are 01 and 08, so I have to change them manualy using ollydbg.
I typed:
0**-*
/***,__55
we're gonna change 55 to 01 and 08 manually.
Set a breakpoint at 401483 and go in the hex dump to 44301C.
type the passwords above and press enter.
Now we break at 401483, in the hex dump I edit the first byte (untick "Keep size") and type 08 01 00 00.
Cracked.
Wasn't hard, just annoying. |
O_O good job. btw why the first password can be anything? and, yes I agree it was very annoying. But I improved a bit, with what you and wiccan told me didn't I?
_________________
C++ {||||||||||}
ASM {||||||||||} |
|
| Back to top |
|
|
Symbol
I'm a spammer
![]() Reputation: 0
Joined: 18 Apr 2007
Posts: 5094
Location: Israel.
|
| Posted: Fri Mar 21, 2008 1:05 pm Post subject: |
|
|
Because the 2nd password (characters 1, 4, 8 and 9) are relative to the first password. (characters 1 and 4)
You could change everything to something else, for example 0 (0x30) to 1 (0x31) and then add every character ASCII by 1.
"ADD EAX,0A" isn't really encrypting the password, sorry. 
|
|
| Back to top |
|
|
Labyrnth
Moderator
 Reputation: 9
Joined: 28 Nov 2006
Posts: 6285
|
| Posted: Fri Mar 21, 2008 2:36 pm Post subject: |
|
|
Well, dang the site linked is 404.....
Must be real busy right now or something 
_________________
|
|
| Back to top |
|
|
spectrum
Expert Cheater
Reputation: 0
Joined: 27 Mar 2007
Posts: 143
|
| Posted: Fri Mar 21, 2008 3:04 pm Post subject: |
|
|
also when i tried to increase a value with a high hex like 0xea7e it said that integers can't be compared to pointers blahblah, any help?
_________________
C++ {||||||||||}
ASM {||||||||||} |
|
| Back to top |
|
|
Symbol
I'm a spammer
![]() Reputation: 0
Joined: 18 Apr 2007
Posts: 5094
Location: Israel.
|
| Posted: Sat Mar 22, 2008 3:18 am Post subject: |
|
|
| Show your code?
|
|
| Back to top |
|
|
spectrum
Expert Cheater
Reputation: 0
Joined: 27 Mar 2007
Posts: 143
|
| Posted: Sat Mar 22, 2008 10:17 am Post subject: |
|
|
| Code: | #include <iostream>
using namespace std;
char pass1 [5], pass2 [5], ble;
int a;
int main ()
{
again:
cout << "type in the first part of the pw, it can be up to five numbers long \n";
cin >> pass1;
a = (pass1[1] + pass1[2] + pass1[0] + pass1[3] + pass1[4]);
cout << "type in the first part of the pw, it can be up to five numbers long \n";
cin >> pass2;
if (pass1[0] + 0xb == pass2[4] + 0xf)
if (pass2[4] + 0xb == pass1[3] + 0xa)
if (pass1[3] + 0xc == pass2[0] + 0xa)
if ( a == 0x108)
{
cout << "congrats!!!";
cin >> ble;
}
else
goto wrong;
wrong:
cout << "wrong \n";
goto again;
return 0;
} |
don't laugh. The goto wrong i know its "wrong" but i don't know why the else didn't worked wothout that(i tried using"{" and "}").
_________________
C++ {||||||||||}
ASM {||||||||||} |
|
| Back to top |
|
|
Symbol
I'm a spammer
![]() Reputation: 0
Joined: 18 Apr 2007
Posts: 5094
Location: Israel.
|
| Posted: Sun Mar 23, 2008 2:47 pm Post subject: |
|
|
else goto wrong;
wrong:
?! O_O
Anyway, it works fine...
| Code: | again:
cout << "type in the first part of the pw, it can be up to five numbers long \n";
cin >> pass1;
a = (pass1[1] + pass1[2] + pass1[0] + pass1[3] + pass1[4]);
cout << "type in the first part of the pw, it can be up to five numbers long \n";
cin >> pass2;
if (pass1[0] + 0xea7e == pass2[4] + 0xea7e && pass2[4] + 0xea7e == pass1[3] + 0xea7e && pass1[3] + 0xea7e == pass2[0] + 0xea7e && a == 0xea7e)
cout << "congrats!!!";
else
cout << "wrong \n";
goto again; |
|
|
| Back to top |
|
|
spectrum
Expert Cheater
Reputation: 0
Joined: 27 Mar 2007
Posts: 143
|
| Posted: Sun Mar 23, 2008 3:36 pm Post subject: |
|
|
could it be because the compiler? im using dev c++
_________________
C++ {||||||||||}
ASM {||||||||||} |
|
| Back to top |
|
|
Symbol
I'm a spammer
![]() Reputation: 0
Joined: 18 Apr 2007
Posts: 5094
Location: Israel.
|
| Posted: Sun Mar 23, 2008 3:51 pm Post subject: |
|
|
Maybe it thinks you're pointing to an address in the memory if you use a 2 bytes number.
Try MVC++.
|
|
| Back to top |
|
|
spectrum
Expert Cheater
Reputation: 0
Joined: 27 Mar 2007
Posts: 143
|
| Posted: Sun Mar 23, 2008 11:49 pm Post subject: |
|
|
I always get errors at compiling in mvc++, even with the hello world program THEY set as default
it says:
.\xtest.cpp(3) : fatal error C1083: Cannot open precompiled header file: 'Debug\test.pch': No such file or directory
_________________
C++ {||||||||||}
ASM {||||||||||} |
|
| Back to top |
|
|
Symbol
I'm a spammer
![]() Reputation: 0
Joined: 18 Apr 2007
Posts: 5094
Location: Israel.
|
| Posted: Mon Mar 24, 2008 3:25 am Post subject: |
|
|
| Try unticiking 'precompiled header' checkbox. (when you make a new application, click next and untick)
|
|
| Back to top |
|
|
SunBeam
I post too much
 Reputation: 65
Joined: 25 Feb 2005
Posts: 4022
Location: Romania
|
| Posted: Tue Mar 25, 2008 5:57 am Post subject: |
|
|
Am preparing a nice surprise for y'allz. It comes with custom protection and a small protector (maybe packer). Wanna see who manages to do the dirty work and trace his way to the "good_boy" 
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
