[keygenme] Anti Olly 1.0...

[Teddy Rogers]

Seeing as a few people seem to be "anti Olly'ing" recently I thought this crackme from crackme.de may be of interest to a few people here.

A little crackme just for fun.

1) bypass the anti debug / junk

2) bruteforce / keygen

3) write a tut

rulez : use only a 'standard' version of OllyDbg (or it's not fun)

no HideDebugger plugin or OllyIce or things like that.

enjoy!

Difficulty: 3 - Getting harder

Platform: Windows

Language: Borland Delphi

http://crackmes.de/users/magik/anti_olly_1.0/

Anti_Olly.zip

Ted.

[Teddy Rogers]

The [keygenme] tag has been added to your topic title.

Please remember to follow and adhere to the topic title format - thankyou!

[This is an automated reply]

[Apuromafo]

crackme nice.

I solved some years ago (2007) in this year try to do something new,

in this year, (because in English a little better)

i will try first in spanish and post in english..

 

attach my keygen beta 1, was tested in 3 pc, 
if can test and work (, can improve more funtions as random for keygen value)
if some bug please PM me, 
atached keygen+value keygen 
the value keygen is an analisis of 9mill of numbers tested and taked the valid key
as math(number ingresed - magic value= valid key when 0f08 ) 
the tutorial is in work for can be released.

keygen spanish for antiollydbg 1.0 by Apuromafo.zip

greetings Apuromafo

update:

this is a great crackme,
some years old post this.. 
was analized with more detail, and checked 9 millon of serial and in more that 1 pc.., i was understanded the algo and do the values corrects..if some one wana a keygen i was have in write text 4 but are in spanish..

1) bypass the anti debug / junk ->done
2) bruteforce / keygen->
keygen in excel and masm 
3) write a tut
->
http://ricardonarvaja.info/WEB/CURSO%20NUEVO/TEORIAS%20NUMERADAS/1101-1200/1173-antiolly%20parte%201%20de%204%20Apuromafo.7z

http://ricardonarvaja.info/WEB/CURSO%20NUEVO/TEORIAS%20NUMERADAS/1101-1200/1174-antiolly%20parte%202%20de%204%20Apuromafo.7z
http://ricardonarvaja.info/WEB/CURSO%20NUEVO/TEORIAS%20NUMERADAS/1101-1200/1175-antiolly%20parte%203%20de%204%20Apuromafo.7z
http://ricardonarvaja.info/WEB/CURSO%20NUEVO/TEORIAS%20NUMERADAS/1101-1200/1176-antiolly%20parte%204%20de%204%20Apuromafo.7z


 

Edited January 27, 2016 by Apuromafo
Updated

[requizm]

I can't bypass anti-debug stuff. I'd do:

-IsDebuggerPresent bypass: easy

-"Debugger Detected" messagebox bypass:

00477B12   . 74 1D          JE SHORT Anti_Oll.00477B31                                        ; important conditial jump, i have to jump 0x477B31 to bypass
00477B14   . BB E8030000    MOV EBX,0x3E8
00477B19   > 8D55 F0        LEA EDX,DWORD PTR SS:[EBP-0x10]                           
00477B1C   . B8 987C4700    MOV EAX,Anti_Oll.00477C98
00477B21   . E8 C6DFFFFF    CALL Anti_Oll.00475AEC
00477B26   . 8B45 F0        MOV EAX,DWORD PTR SS:[EBP-0x10]                                   ; eax = ASCII "Debugger Detected ! "
00477B29   . E8 5635FBFF    CALL Anti_Oll.0042B084                                            ; create message box, and wait till user input (click ok button)
00477B2E   . 4B             DEC EBX                                                           ; ebx always greater than 1
00477B2F   .^75 E8          JNZ SHORT Anti_Oll.00477B19                                       ; so this is basically infinite loop

-OutputDebugString bypass: I made the start of the function 'ret 4'.

 

But ı'm stuck here.