Random Key

[Apocalyps]

Does anyone know how to make a 15 CHARS random string in ASM with numbers, so it can be used as input for a keygen ?

[quosego]

Once fastly put this together;

.data
 x		  DWORD	362436069
crry	   DWORD	1234567 mov ebx,0
NUMBER:
call MWC32
cmp al, 30h
jl NUMBER
cmp al, 39h			// between 30 - 39 (so numbers)
jg NUMBER
mov BYTE ptr[edi], al	  // that's were I put the serial. 
inc ebx
inc edi
cmp ebx,4					// how many numbers do you want.. (it's 4 now)
jne NUMBER

 MWC32	  PROC	 STDCALL
		   mov	  eax,x
		   mov	  edx,2083801278
		   mul	  edx	; a*x in edx:eax
		   mov	  ecx,crry; get crry
		   add	  eax,ecx; ax+c in eax
		   adc	  edx,0; if carry, increment edx
		   mov	  crry,edx; store new crry
		   mov	  x,eax; store new x
		   ret
MWC32	  ENDP

The latter I stole from the web but provides me with eax full of (semi)random numbers..

It works but there are prolly better methods..

quosego

Edited March 18, 2008 by quosego

[evlncrn8]

i think if you play with the code a little you'll find its not truly random

[syk071c]

generate a seed with GetTickCount then xor it with something and store the result .. then use the stored result again instead of calling GetTickCount.. will be slightly more random..

.data

seed dd 12345678h

randomnumber db '012345678912345',0

.code

xor edi,edi

mov esi, offset randomnumber

nextone:

cmp edi,0fh

je yay

call GetTickCount

xor eax, seed

mov seed, eax

and eax,0ffh

compareagain:

cmp al,030h

jl addstuff

cmp al,039h

ja substuff

mov byte ptr ds:[randomstuff+edi],al

inc edi

jmp nextone

addstuff:

add al,07h

jmp compareagain

substuff:

dec al,07h

jmp compareagain

yay:

erm.. not sure if it will work yet.. havent really tried it.. but it may give you some ideas..

Edited March 18, 2008 by syk071c

[quosego]

i think if you play with the code a little you'll find its not truly random

Yeah I know.. but what is..

[HVC]

Or use the nrandom function of masmlib, initializing the nrandom_seed at the entry point of your application with something like the value returned by GetTickCount.

Use the value returned by nrandom (modulo 9) and add 0x30 to it, looping though this as many times as you want the string long.

God, i love pre-cooked code.

Anyway, you don't need cryptographically strong PRNGs in a keygen, that's a necessity for the authors implementing PKC in their protectors.

Edited March 18, 2008 by HVC

[Ox87k]

Also this one is good:

In the .data

szString		db 	   20 dup(0)
szTable		 db		"1234567890123456"
				db		"7890123456789012"
				db		"3456789012345678"
				db		"9012345", 0

And now in the .code

invoke RtlZeroMemory, ADDR szString, SIZEOF szString
xor esi, esi
_randomchars:
		rdtsc
		mov ebx, eax
		invoke GetTickCount
		xor eax, ebx
		ror eax, 04h
		and eax, 1Fh
		mov al, byte ptr[szTable+eax]
		mov byte ptr[szString+esi], al
		inc esi
		cmp esi, 0Fh
	jnz _randomchars

:happy:

[Ufo-Pu55y]

@Ox87k:

I like urs :cool:

Tho I guess for a keygen this would be enough:

.data?
szOutput db 16 dup (?)
.code
xor ecx,ecx
mov cl,15
.while ecx
	rdtsc
	and eax,1111b
	imul eax,eax,10
	shr eax,4
	add al,'0'
	dec ecx
	mov byte ptr[szOutput+ecx], al
.endw
; mov byte ptr[szOutput+16], 0

Then u don't need any tables and function calls

/EDIT

The same for 15 hex chars:

.data?
szOutput db 16 dup (?)
.code
xor ecx,ecx
mov cl,15
.while ecx
	rdtsc
	and eax, 1111b
	.if al > 9
		add al,'A'-10
	.else
		add al,'0'
	.endif
	dec ecx
	mov byte ptr[szOutput+ecx], al
.endw
; mov byte ptr[szOutput+16], 0

Edited March 18, 2008 by Ufo-Pu55y

[rendari]

@Ox87k:

Seems like that one is quite popular

[starzboy]

he he , so much issue for a lil keygen , i wonder what he would do if it were some security lolz

no offense tough.

@0x87k

hey naughty , nice to see ya

[Ox87k]

@Ox87k:

I like urs :cool:

Tho I guess for a keygen this would be enough:

.data?
szOutput db 16 dup (?)
.code
xor ecx,ecx
mov cl,15
.while ecx
	rdtsc
	and eax,1111b
	imul eax,eax,10
	shr eax,4
	add al,'0'
	dec ecx
	mov byte ptr[szOutput+ecx], al
.endw
; mov byte ptr[szOutput+16], 0

Then u don't need any tables and function calls

Well done but

- your code generate always the same number (in my case a string with only '5' and '0')

- you can optimize this code in this way:

lea ecx, byte ptr[0Fh]
_looped:
	rdtsc
	ror eax, 4
	and eax,1111b
	imul eax,eax,10
	shr eax,4
	add al,'0'
	mov byte ptr[szOutput+ecx], al
loop _looped

:cool:

hey naughty , nice to see ya

Hey bro, is it all ok? Nice to see you too here! :happy:

Edited March 19, 2008 by Ox87k

[Ufo-Pu55y]

your code generate always the same number (in my case a string with only '5' and '0')

Why :? Is it CPU specific or something with this RDTSC ? Never used it before :'X

Coz I never get same numbers with that code: Blank.rar

Any idea :?

[qOdbOp]

; Example for RandomChar

; by n0p-6o-n0p

http://filepatio.com/7943

[Ox87k]

@Ufo:

I injected my code into your appz but look the differences!
/>http://www.mediafire.com/?g0d4eoz11q1

[Ufo-Pu55y]

@Ufo:

I injected my code into your appz but look the differences!

http://www.mediafire.com/?g0d4eoz11q1

Yea thx

Well, did anybody ever try on a keygen requesting mouse-movement for

truly randomizing a part of a serial jk

[MOID]

I always just use CryptGenRandom, then mask out how much bits I want. If the number is too big, try again. That's about as random as it gets:

1. CryptGenRandom is almost theoretically perfect. It's much better than rolling your own and it has good entropy.

2. Throwing away stuff you don't want is better than trying to fit it in a range, because it won't introduce bias.

Of course practically even crap random numbers will do, but I like my keygens to be theoretically perfect.

BTW here is a nice snippet to convert AL from 0–15 to '0'–'F':

CMP   AL, 10
SBB   AL, 69h
DAS

Edited March 21, 2008 by MOID

[Ufo-Pu55y]

CryptGenRandom

Kewl ! Some days ago I was wondering about all this advapi's crypt functions.

But that one wasn't listed in my API-Guide.. found it in win32.hlp now ofc.

CMP   AL, 10
SBB   AL, 69h
DAS

asm in it's leet... thx for the useful hints :>

[Angel-55]

Why using a hard and unsure way to generate randomly the chars ??

you know MASM includes a random function you can use it in away to get perfectly what you want ^^

i got that algo to work and modified to get a mix between numbers and chars at the same time XD

include masm.incincludelib masm32.lib

As For The Generation Routine Use This Procedure.....

Randomd Proc   INVOKE Sleep,10								
   INVOKE GetTickCount							  
   INVOKE nseed,EAX							   
   INVOKE nrandom,0FFFFFFFFh					
   INVOKE nseed,EAX ;// Don't Ask :P							
   Again:
   INVOKE nrandom,39h;// Max Is "9"							 
   CMP EAX,31h;// Min Is "0"								   
   JL Again1
   JMP ENDN								
   Again1:
   INVOKE nrandom,5Ah ;// Max Is "Z"							
   CMP EAX,41h ;// Min Is "A"								  
   JL Again
ENDN:									  
   RET
Randomd EndPGenerate PROC hWnd: HWND  PUSH EDI
  PUSH ESI
  PUSH EBX  INVOKE Randomd ;// Get Random Value		 
  PUSH EAX			;// Save It In Stack For Later Usage
  INVOKE Randomd		   
  PUSH EAX				
  INVOKE Randomd
  PUSH EAX
  INVOKE Randomd		   
  PUSH EAX				
  INVOKE Randomd
  PUSH EAX
  INVOKE Randomd		   
  PUSH EAX				
  INVOKE Randomd
  PUSH EAX  
  INVOKE Randomd		   
  PUSH EAX				
  INVOKE Randomd
  PUSH EAX  
  INVOKE Randomd		   
  PUSH EAX  PUSH OFFSET sFormat;// %c%c%c%c%c%c%c%c%c%c	 
  PUSH OFFSET sChars 
  CALL wsprintf			  INVOKE SetDlgItemText,hWnd,IDC_RANDOMCHARS,ADDR sChars  POP EBX
  POP ESI
  POP EDI  RET
Generate ENDP

I hope it works as supposed to Cheers......

Originaly Written By "Canterwood [N-GEN]" Modified By "Angel-55 [FOFF]" !

[azmo]

thank you all for the code

very helpfull indeed :biggrin:

azmo

[Apocalyps]

Thnx for helping me out with a solution!

[F0X]

Why using a hard and unsure way to generate randomly the chars ??

you know MASM includes a random function you can use it in away to get perfectly what you want ^^

i got that algo to work and modified to get a mix between numbers and chars at the same time XD

include masm.incincludelib masm32.lib

As For The Generation Routine Use This Procedure.....

Randomd Proc   INVOKE Sleep,10								
   INVOKE GetTickCount							  
   INVOKE nseed,EAX							   
   INVOKE nrandom,0FFFFFFFFh					
   INVOKE nseed,EAX;// Don't Ask :P							
   Again:
   INVOKE nrandom,39h;// Max Is "9"							 
   CMP EAX,31h;// Min Is "0"								   
   JL Again1
   JMP ENDN								
   Again1:
   INVOKE nrandom,5Ah;// Max Is "Z"							
   CMP EAX,41h;// Min Is "A"								  
   JL Again
ENDN:									  
   RET
Randomd EndPGenerate PROC hWnd: HWND  PUSH EDI
  PUSH ESI
  PUSH EBX  INVOKE Randomd;// Get Random Value		 
  PUSH EAX		;// Save It In Stack For Later Usage
  INVOKE Randomd		   
  PUSH EAX				
  INVOKE Randomd
  PUSH EAX
  INVOKE Randomd		   
  PUSH EAX				
  INVOKE Randomd
  PUSH EAX
  INVOKE Randomd		   
  PUSH EAX				
  INVOKE Randomd
  PUSH EAX  
  INVOKE Randomd		   
  PUSH EAX				
  INVOKE Randomd
  PUSH EAX  
  INVOKE Randomd		   
  PUSH EAX  PUSH OFFSET sFormat;// %c%c%c%c%c%c%c%c%c%c	 
  PUSH OFFSET sChars 
  CALL wsprintf			  INVOKE SetDlgItemText,hWnd,IDC_RANDOMCHARS,ADDR sChars  POP EBX
  POP ESI
  POP EDI  RET
Generate ENDP

I hope it works as supposed to Cheers......

Originaly Written By "Canterwood [N-GEN]" Modified By "Angel-55 [FOFF]" !

Haha, Angel-55 your still kicking, I like it, you can even use it with gfx, random particles

good work mate!

[diablo2oo2]

generate random number between 100 and 200

invoke random_number,100,200random_number proc uses ecx edx _min_number:dword,_max_number:dword
	@@:
	rdtsc	mov ecx,_max_number
	.if ecx!=0FFFFFFFFh
		inc ecx
	.endif	xor edx,edx
	div ecx
	mov eax,edx	cmp eax,_min_number
	jl @B	ret
random_number endp

[xsp!d3r]

that's sounds nice thx mate 4 share