Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


My friend made it

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming -> Crackmes
View previous topic :: View next topic  
Author Message
Overload
Master Cheater
Reputation: 0

Joined: 08 Feb 2008
Posts: 294

PostPosted: Fri Nov 21, 2008 8:51 pm    Post subject: My friend made it Reply with quote

A simple crackme my friend made. I've already cracked it, but he says there should be a couple different methods of doing so. Though, he's probably wrong (kind of beginner at programming).

Mission:
Crack it - Find password
Explain your method

_________________
Blog

Quote:
Rhys says:
you can be my maid
Rhys says:
ill buy you a french maid outfit
Tyler says:
Sounds good
Rhys says:
ill hold you to that
Back to top
View user's profile Send private message MSN Messenger
HolyBlah
Master Cheater
Reputation: 2

Joined: 24 Aug 2007
Posts: 446

PostPosted: Sat Nov 22, 2008 3:24 am    Post subject: Reply with quote

Cracking:
Code:
00401079   .^\75 D5         JNZ SHORT CrackMe1.00401050
to
Code:
00401079    ^\74 D5         JE SHORT CrackMe1.00401050

and
Code:
004010CD    ^\75 D5         JNZ SHORT CrackMe1.004010A4
to
Code:
004010CD    ^\74 D5         JE SHORT CrackMe1.004010A4

PW:44064
Back to top
View user's profile Send private message
DoomsDay
Grandmaster Cheater
Reputation: 0

Joined: 06 Jan 2007
Posts: 768
Location: %HomePath%

PostPosted: Sat Nov 22, 2008 11:23 am    Post subject: Reply with quote

This crackme doesn't require patching; the first password is 1000, the second is 36764064 (which is (36720*1000)+44064).
Method: code analysis.


Last edited by DoomsDay on Sun Nov 23, 2008 1:42 am; edited 1 time in total
Back to top
View user's profile Send private message
Overload
Master Cheater
Reputation: 0

Joined: 08 Feb 2008
Posts: 294

PostPosted: Sat Nov 22, 2008 6:07 pm    Post subject: Reply with quote

Okay well I don't think you guys are right. Even DoomsDay Shocked
The password changes everytime apparently. But I did exactly what DoomsDay did Laughing

_________________
Blog

Quote:
Rhys says:
you can be my maid
Rhys says:
ill buy you a french maid outfit
Tyler says:
Sounds good
Rhys says:
ill hold you to that
Back to top
View user's profile Send private message MSN Messenger
igoticecream
Grandmaster Cheater Supreme
Reputation: 0

Joined: 23 Apr 2006
Posts: 1807
Location: 0x00400000

PostPosted: Sun Nov 23, 2008 9:47 pm    Post subject: Reply with quote

Code:
00401028   .  FF15 40204000 CALL DWORD PTR DS:[<&MSVCP90.??5?$basic_>;  <- this function get the password input
0040102E   .  8B4424 0C     MOV EAX,DWORD PTR SS:[ESP+C]                <- move to eax from stack
00401032   .  3D E8030000   CMP EAX,3E8               <- fail... compare with 1000 ;)
00401037   .  7F 5E         JG SHORT CrackMe1.00401097         <- ZF = 1 now, so jump is not taken
00401039   .  69C0 708F0000 IMUL EAX,EAX,8F70            <- multiply 1000d * 8F70h and store on eax
0040103F   .  05 20AC0000   ADD EAX,0AC20            <- eax plus AC20h
00401044   .  8BF0          MOV ESI,EAX               <- store on esi now
00401046   .  EB 08         JMP SHORT CrackMe1.00401050         <- jump to the trickly message
00401048   .  8DA424 000000>LEA ESP,DWORD PTR SS:[ESP]
0040104F   .  90            NOP
00401050   >  8B15 5C204000 MOV EDX,DWORD PTR DS:[<&[email protected]>;
00401056   .  68 48214000   PUSH CrackMe1.00402148                   ; /Arg2 = 00402148 ASCII "Wrong
Try Again
Insert Password: "
0040105B   .  52            PUSH EDX                                 ; |Arg1 => 78505AC8
0040105C   .  E8 DF010000   CALL CrackMe1.00401240                   ; \CrackMe1.00401240
00401061   .  8B0D 64204000 MOV ECX,DWORD PTR DS:[<&[email protected]>;
00401067   .  83C4 08       ADD ESP,8
0040106A   .  8D4424 08     LEA EAX,DWORD PTR SS:[ESP+8]
0040106E   .  50            PUSH EAX
0040106F   .  FF15 40204000 CALL DWORD PTR DS:[<&MSVCP90.??5?$basic_>; <- get again the new input
00401075   .  397424 08     CMP DWORD PTR SS:[ESP+8],ESI          <- fail again, esi is now 230F9A0h ;)
00401079   .^ 75 D5         JNZ SHORT CrackMe1.00401050             <- ZF = 1, jump is not taken
0040107B   .  8B0D 5C204000 MOV ECX,DWORD PTR DS:[<&[email protected]>;
00401081   .  68 6C214000   PUSH CrackMe1.0040216C                   ; /Arg2 = 0040216C ASCII "Ok you win =)
"
00401086   .  51            PUSH ECX                                 ; |Arg1 => 78505AC8
00401087   .  E8 B4010000   CALL CrackMe1.00401240                   ; \CrackMe1.00401240   <- congratz



compare style of crackme reveal so much information... so your friend is wrong, the crackme compare always for the same statics values, the thing that made funny the crack me is the trickly message

_________________
+~
Back to top
View user's profile Send private message
Overload
Master Cheater
Reputation: 0

Joined: 08 Feb 2008
Posts: 294

PostPosted: Sun Nov 23, 2008 11:04 pm    Post subject: Reply with quote

Ah right. Thanks for clearing it up Smile
_________________
Blog

Quote:
Rhys says:
you can be my maid
Rhys says:
ill buy you a french maid outfit
Tyler says:
Sounds good
Rhys says:
ill hold you to that
Back to top
View user's profile Send private message MSN Messenger
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming -> Crackmes All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites