 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| how hard this crackme is? |
| uber easy |
|
43% |
[ 7 ] |
| easy |
|
6% |
[ 1 ] |
| normal |
|
18% |
[ 3 ] |
| hard |
|
0% |
[ 0 ] |
| uber hard |
|
0% |
[ 0 ] |
| uncrackable (thats the correct one incase u wondered) |
|
31% |
[ 5 ] |
|
| Total Votes : 16 |
|
| Author |
Message |
haha01haha01
Grandmaster Cheater Supreme
 Reputation: 0
Joined: 15 Jun 2007
Posts: 1233
Location: http://www.SaviourFagFails.com/
|
 Posted: Thu May 15, 2008 12:17 pm Post subject: The Unpossible Crackme. if u crack it ur a genius. |
 |
|
hi guys, i wasnt on the crackme forums for alot of time, but i came back with a good one 
Credits:
Me, for making it.
lena151, the basic code,gui,etc. is based on her keygen templates.
this crackme was made with one password, but im positive there are more. the password consists of keyboard letters only(a-z,0-9,!-*)
take this crackme, do whatever u want with it. patch it, decompile it, hit it with a hammer, etc. im almost sure the only way to crack this crackme is bruteforcing, because its based on cryptography.
the way the crackme works (it wont help u alot cracking it so i dont mind saying):
the crackme decrypt a previously encrypted by me piece of code with the password u gave, and then jump to this piece of code. if the code is wrong and its going to throw annoying exceptions, it jumps to the SEH Chain installed at the beginning, pointing to the "wrong" message.
btw, in some cases the program WILL throw exceptions. this happens when the decrypted code accidently changes memory b4 actiavating SEH. this happend to me with the string "asdf", but only when inside ollydbg.
well, other then that, if there are any problems with it post here and ill fix it asap. oh yea, and if it wont be cracked a month from today ill release the source and password. programmed in: MASM32
attached.
|
|
| Back to top |
|
 |
Symbol
I'm a spammer
![]() Reputation: 0
Joined: 18 Apr 2007
Posts: 5094
Location: Israel.
|
| Posted: Thu May 15, 2008 12:57 pm Post subject: |
|
|
"$"
Edit: No, I didn't bruteforce/typed random character. used simple logic. 
|
|
| Back to top |
|
|
haha01haha01
Grandmaster Cheater Supreme
Reputation: 0
Joined: 15 Jun 2007
Posts: 1233
Location: http://www.SaviourFagFails.com/
|
| Posted: Fri May 16, 2008 12:43 am Post subject: |
|
|
| Symbol wrote: | "$"
Edit: No, I didn't bruteforce/typed random character. used simple logic. |
nice =O
how did u find that out?
and why isnt it a crackme...?
|
|
| Back to top |
|
|
Symbol
I'm a spammer
![]() Reputation: 0
Joined: 18 Apr 2007
Posts: 5094
Location: Israel.
|
| Posted: Fri May 16, 2008 2:30 am Post subject: |
|
|
| haha01haha01 wrote: | | Symbol wrote: | "$"
Edit: No, I didn't bruteforce/typed random character. used simple logic. |
nice =O
how did u find that out?
and why isnt it a crackme...? |
Because the password always changes, this password will only work for the first time.
I saw that you call edi, then found out what writes the data to edi, the first character was N and that it loops through each character in the encrypted data and xor each character by password[i] character, something like:
char* data = "..";
for (int i = 0; i < 25; i++)
for (int j = 0; j < sizeof(Password); j++)
data[i] ^= Password[j];
First character I wanted to get was 6A (push xx), so I xor'd 'N' by 6A and the result was the ASCII of '$'.
I wanted to do something like:
6A 00 - push 00
6A 00 - push 00
6A 00 - push 00
6A 00 - push 00
E8 ?? ?? ?? ?? - call MessageBoxA
But appearntly your CrackMe did the rest of the job by itself.
|
|
| Back to top |
|
|
haha01haha01
Grandmaster Cheater Supreme
Reputation: 0
Joined: 15 Jun 2007
Posts: 1233
Location: http://www.SaviourFagFails.com/
|
| Posted: Fri May 16, 2008 3:40 am Post subject: |
|
|
| Symbol wrote: | | haha01haha01 wrote: | | Symbol wrote: | "$"
Edit: No, I didn't bruteforce/typed random character. used simple logic. |
nice =O
how did u find that out?
and why isnt it a crackme...? |
Because the password always changes, this password will only work for the first time.
I saw that you call edi, then found out what writes the data to edi, the first character was N and that it loops through each character in the encrypted data and xor each character by password[i] character, something like:
char* data = "..";
for (int i = 0; i < 25; i++)
for (int j = 0; j < sizeof(Password); j++)
data[i] ^= Password[j];
First character I wanted to get was 6A (push xx), so I xor'd 'N' by 6A and the result was the ASCII of '$'.
I wanted to do something like:
6A 00 - push 00
6A 00 - push 00
6A 00 - push 00
6A 00 - push 00
E8 ?? ?? ?? ?? - call MessageBoxA
But appearntly your CrackMe did the rest of the job by itself. |
how did u know the first byte was 6A?
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
