|
Cheat Engine The Official Site of Cheat Engine
|
View previous topic :: View next topic |
Author |
Message |
dnsi0 I post too much Reputation: 0
Joined: 04 Jan 2007 Posts: 2674
|
Posted: Sun Apr 12, 2009 9:48 am Post subject: Easy Crackme |
|
|
Patch it so that it always give a success message.
|
|
Back to top |
|
|
HolyBlah Master Cheater Reputation: 2
Joined: 24 Aug 2007 Posts: 446
|
Posted: Sun Apr 12, 2009 11:14 am Post subject: |
|
|
Patched the compare
|
|
Back to top |
|
|
pkedpker Master Cheater Reputation: 1
Joined: 11 Oct 2006 Posts: 412
|
Posted: Mon Apr 13, 2009 12:08 pm Post subject: |
|
|
I tried to solve by putting in password but failed
but its if if(EncryptText(Text) = 111) then make thread for win() function with messagebox for win.
IDK if i got it correctly.
Code: |
v2 = ((INPUTT + v4 - 1) & 0xff) ^
((((INPUTT + v4 - 1) << 6) & 0xff) + 1048575) &
((unsigned int)v2 >> (INPUTT + v4 - 1) & 0xff);
|
Code: |
int __fastcall CHECK_PREVIOUS_DWORD(int result)
{
if ( result )
result = *(_DWORD *)(result - 4);
return result;
}
int __fastcall CHECK_ANSWER(int INPUT)
{
int v1; // ebx@1
int v2; // esi@1
int v3; // ST00_4@1
signed int v4; // eax@2
int v6; // eax@1
int INPUTT; // [sp+8h] [bp-4h]@1
int v9; // [sp-Ch] [bp-18h]@1
INPUTT = INPUT;
System____linkproc___LStrAddRef();
v3 = *MK_FP(__FS__, 0);
*MK_FP(__FS__, 0) = &v9;
v2 = 305419896;
v6 = CHECK_PREVIOUS_DWORD(INPUTT);
v1 = v6;
if ( v6 )
{
v4 = 1;
do
{
v2 = *(_BYTE *)(INPUTT + v4 - 1) ^ ((*(_BYTE *)(INPUTT + v4 - 1) << 6) + 1048575) & ((unsigned int)v2 >> *(_BYTE *)(INPUTT + v4 - 1));
++v4;
--v1;
}
while ( v1 );
}
*MK_FP(__FS__, 0) = v3;
return System____linkproc___LStrClr();
}
int __stdcall START_THREADS(int a1)
{
int v1; // ST18_4@1
int INPUT; // [sp+4h] [bp-8h]@1
int v5; // [sp-Ch] [bp-18h]@1
DWORD ThreadId; // [sp+8h] [bp-4h]@3
INPUT = 0;
v1 = *MK_FP(__FS__, 0);
*MK_FP(__FS__, 0) = &v5;
if ( **(_DWORD **)a1 == -827473698 )
{
INPUT = Controls__TControl__GetText();
if ( CHECK_ANSWER(INPUT) == 111 )
CreateThread(0, 0, (DWORD (__stdcall *)(LPVOID))WIN, 0, 0, &ThreadId);
else
CreateThread(0, 0, (DWORD (__stdcall *)(LPVOID))FAIL, 0, 0, &ThreadId);
}
*MK_FP(__FS__, 0) = v1;
return System____linkproc___LStrClr();
}
void __stdcall FAIL(LPVOID a1)
{
MessageBoxA_0(0, "Password Is Fail", "Fail", MB_ICONERROR);
ExitThread(0);
}
void __stdcall WIN()
{
MessageBoxA_0(0, "Password Is Sucess", "Sucess", MB_ICONINFORMATION);
ExitThread(0);
}
|
_________________
|
|
Back to top |
|
|
dnsi0 I post too much Reputation: 0
Joined: 04 Jan 2007 Posts: 2674
|
Posted: Mon Apr 13, 2009 6:09 pm Post subject: |
|
|
pkedpker wrote: | I tried to solve by putting in password but failed
but its if if(EncryptText(Text) = 111) then make thread for win() function with messagebox for win.
IDK if i got it correctly.
Code: |
v2 = ((INPUTT + v4 - 1) & 0xff) ^
((((INPUTT + v4 - 1) << 6) & 0xff) + 1048575) &
((unsigned int)v2 >> (INPUTT + v4 - 1) & 0xff);
|
Code: |
int __fastcall CHECK_PREVIOUS_DWORD(int result)
{
if ( result )
result = *(_DWORD *)(result - 4);
return result;
}
int __fastcall CHECK_ANSWER(int INPUT)
{
int v1; // ebx@1
int v2; // esi@1
int v3; // ST00_4@1
signed int v4; // eax@2
int v6; // eax@1
int INPUTT; // [sp+8h] [bp-4h]@1
int v9; // [sp-Ch] [bp-18h]@1
INPUTT = INPUT;
System____linkproc___LStrAddRef();
v3 = *MK_FP(__FS__, 0);
*MK_FP(__FS__, 0) = &v9;
v2 = 305419896;
v6 = CHECK_PREVIOUS_DWORD(INPUTT);
v1 = v6;
if ( v6 )
{
v4 = 1;
do
{
v2 = *(_BYTE *)(INPUTT + v4 - 1) ^ ((*(_BYTE *)(INPUTT + v4 - 1) << 6) + 1048575) & ((unsigned int)v2 >> *(_BYTE *)(INPUTT + v4 - 1));
++v4;
--v1;
}
while ( v1 );
}
*MK_FP(__FS__, 0) = v3;
return System____linkproc___LStrClr();
}
int __stdcall START_THREADS(int a1)
{
int v1; // ST18_4@1
int INPUT; // [sp+4h] [bp-8h]@1
int v5; // [sp-Ch] [bp-18h]@1
DWORD ThreadId; // [sp+8h] [bp-4h]@3
INPUT = 0;
v1 = *MK_FP(__FS__, 0);
*MK_FP(__FS__, 0) = &v5;
if ( **(_DWORD **)a1 == -827473698 )
{
INPUT = Controls__TControl__GetText();
if ( CHECK_ANSWER(INPUT) == 111 )
CreateThread(0, 0, (DWORD (__stdcall *)(LPVOID))WIN, 0, 0, &ThreadId);
else
CreateThread(0, 0, (DWORD (__stdcall *)(LPVOID))FAIL, 0, 0, &ThreadId);
}
*MK_FP(__FS__, 0) = v1;
return System____linkproc___LStrClr();
}
void __stdcall FAIL(LPVOID a1)
{
MessageBoxA_0(0, "Password Is Fail", "Fail", MB_ICONERROR);
ExitThread(0);
}
void __stdcall WIN()
{
MessageBoxA_0(0, "Password Is Sucess", "Sucess", MB_ICONINFORMATION);
ExitThread(0);
}
|
|
Sorta. You got the createthread part. And sorta into the encryption thingy.
|
|
Back to top |
|
|
pkedpker Master Cheater Reputation: 1
Joined: 11 Oct 2006 Posts: 412
|
Posted: Tue Apr 14, 2009 12:06 am Post subject: |
|
|
i gave up anyways but is it possible to pm or or paste here if u dont care the encryption part i wanna see how close I came.
_________________
|
|
Back to top |
|
|
Flyte Peanuts!!!! Reputation: 6
Joined: 19 Apr 2006 Posts: 1887 Location: Canada
|
Posted: Tue Apr 14, 2009 1:29 am Post subject: |
|
|
Well, it isn't exactly the smartest password protection, considering there are an infinite (baring memory restrictions) number of possible passwords.
Here are the first 10 that are 5 characters long:
Code: | ahfcc
ehfcc
hhfcc
aaadc
baadc
caadc
daadc
eaadc
faadc
gaadc |
Here is a program that generates all the passwords for a set string length (for characters a->z only):
Code: | #include <iostream>
#include <string>
using std::cout;
using std::cin;
using std::endl;
using std::string;
void __fastcall Bruteforce(string &lol, int index)
{
if(index >= 0) {
for(char a = 'a'; a < 'z'; a++) {
lol[index] = a;
Bruteforce(lol, index-1);
}
} else {
register int temp = 305419896;
for(int j = 0; j < lol.length(); j++) {
temp = lol[j] ^ ((lol[j] << 6) + 1048575) & (temp >> lol[j]);
}
if(temp == 111) {
cout << lol << endl;
}
}
}
void Generate(int len)
{
string lol;
lol.clear();
lol.resize(len+1);
Bruteforce(lol, len-1);
}
int main()
{
Generate(5);
cin.sync();
cin.ignore();
return 0;
} |
|
|
Back to top |
|
|
dnsi0 I post too much Reputation: 0
Joined: 04 Jan 2007 Posts: 2674
|
Posted: Tue Apr 14, 2009 5:51 pm Post subject: |
|
|
Flyte wrote: | Well, it isn't exactly the smartest password protection, considering there are an infinite (baring memory restrictions) number of possible passwords.
Here are the first 10 that are 5 characters long:
Code: | ahfcc
ehfcc
hhfcc
aaadc
baadc
caadc
daadc
eaadc
faadc
gaadc |
Here is a program that generates all the passwords for a set string length (for characters a->z only):
Code: | #include <iostream>
#include <string>
using std::cout;
using std::cin;
using std::endl;
using std::string;
void __fastcall Bruteforce(string &lol, int index)
{
if(index >= 0) {
for(char a = 'a'; a < 'z'; a++) {
lol[index] = a;
Bruteforce(lol, index-1);
}
} else {
register int temp = 305419896;
for(int j = 0; j < lol.length(); j++) {
temp = lol[j] ^ ((lol[j] << 6) + 1048575) & (temp >> lol[j]);
}
if(temp == 111) {
cout << lol << endl;
}
}
}
void Generate(int len)
{
string lol;
lol.clear();
lol.resize(len+1);
Bruteforce(lol, len-1);
}
int main()
{
Generate(5);
cin.sync();
cin.ignore();
return 0;
} |
|
GJ for reversing it and getting the hashing algorithm X.X
|
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You cannot attach files in this forum You cannot download files in this forum
|
|