Jump to content
Tuts 4 You

Random Key


Apocalyps

Recommended Posts

Once fastly put this together;

.data
x DWORD 362436069
crry DWORD 1234567 mov ebx,0
NUMBER:
call MWC32
cmp al, 30h
jl NUMBER
cmp al, 39h // between 30 - 39 (so numbers)
jg NUMBER
mov BYTE ptr[edi], al // that's were I put the serial.
inc ebx
inc edi
cmp ebx,4 // how many numbers do you want.. (it's 4 now)
jne NUMBER
 MWC32	  PROC	 STDCALL
mov eax,x
mov edx,2083801278
mul edx ; a*x in edx:eax
mov ecx,crry; get crry
add eax,ecx; ax+c in eax
adc edx,0; if carry, increment edx
mov crry,edx; store new crry
mov x,eax; store new x
ret
MWC32 ENDP

The latter I stole from the web but provides me with eax full of (semi)random numbers.. ;)

It works but there are prolly better methods..

quosego

Edited by quosego
Link to comment

generate a seed with GetTickCount then xor it with something and store the result .. then use the stored result again instead of calling GetTickCount.. will be slightly more random..

.data

seed dd 12345678h

randomnumber db '012345678912345',0

.code

xor edi,edi

mov esi, offset randomnumber

nextone:

cmp edi,0fh

je yay

call GetTickCount

xor eax, seed

mov seed, eax

and eax,0ffh

compareagain:

cmp al,030h

jl addstuff

cmp al,039h

ja substuff

mov byte ptr ds:[randomstuff+edi],al

inc edi

jmp nextone

addstuff:

add al,07h

jmp compareagain

substuff:

dec al,07h

jmp compareagain

yay:

erm.. not sure if it will work yet.. havent really tried it.. but it may give you some ideas..

Edited by syk071c
Link to comment

Or use the nrandom function of masmlib, initializing the nrandom_seed at the entry point of your application with something like the value returned by GetTickCount.

Use the value returned by nrandom (modulo 9) and add 0x30 to it, looping though this as many times as you want the string long.

God, i love pre-cooked code. :P

Anyway, you don't need cryptographically strong PRNGs in a keygen, that's a necessity for the authors implementing PKC in their protectors. :)

Edited by HVC
Link to comment

Also this one is good:

In the .data

szString		db 	   20 dup(0)
szTable db "1234567890123456"
db "7890123456789012"
db "3456789012345678"
db "9012345", 0

And now in the .code

invoke RtlZeroMemory, ADDR szString, SIZEOF szString
xor esi, esi
_randomchars:
rdtsc
mov ebx, eax
invoke GetTickCount
xor eax, ebx
ror eax, 04h
and eax, 1Fh
mov al, byte ptr[szTable+eax]
mov byte ptr[szString+esi], al
inc esi
cmp esi, 0Fh
jnz _randomchars

:happy:

Link to comment

@Ox87k:

I like urs :cool:

Tho I guess for a keygen this would be enough:

.data?
szOutput db 16 dup (?)
.code
xor ecx,ecx
mov cl,15
.while ecx
rdtsc
and eax,1111b
imul eax,eax,10
shr eax,4
add al,'0'
dec ecx
mov byte ptr[szOutput+ecx], al
.endw
; mov byte ptr[szOutput+16], 0

Then u don't need any tables and function calls :)

/EDIT

The same for 15 hex chars:

.data?
szOutput db 16 dup (?)
.code
xor ecx,ecx
mov cl,15
.while ecx
rdtsc
and eax, 1111b
.if al > 9
add al,'A'-10
.else
add al,'0'
.endif
dec ecx
mov byte ptr[szOutput+ecx], al
.endw
; mov byte ptr[szOutput+16], 0
Edited by Ufo-Pu55y
Link to comment

he he , so much issue for a lil keygen , i wonder what he would do if it were some security lolz :)

no offense tough.

@0x87k

hey naughty , nice to see ya :)

Link to comment
@Ox87k:

I like urs :cool:

Tho I guess for a keygen this would be enough:

.data?
szOutput db 16 dup (?)
.code
xor ecx,ecx
mov cl,15
.while ecx
rdtsc
and eax,1111b
imul eax,eax,10
shr eax,4
add al,'0'
dec ecx
mov byte ptr[szOutput+ecx], al
.endw
; mov byte ptr[szOutput+16], 0

Then u don't need any tables and function calls :)

Well done but

- your code generate always the same number (in my case a string with only '5' and '0')

- you can optimize this code in this way:

lea ecx, byte ptr[0Fh]
_looped:
rdtsc
ror eax, 4
and eax,1111b
imul eax,eax,10
shr eax,4
add al,'0'
mov byte ptr[szOutput+ecx], al
loop _looped

:cool:

hey naughty , nice to see ya

Hey bro, is it all ok? Nice to see you too here! :happy:

Edited by Ox87k
Link to comment
your code generate always the same number (in my case a string with only '5' and '0')
Why :? Is it CPU specific or something with this RDTSC ? Never used it before :'X

Coz I never get same numbers with that code: Blank.rar

Any idea :?

Link to comment

I always just use CryptGenRandom, then mask out how much bits I want. If the number is too big, try again. That's about as random as it gets:

1. CryptGenRandom is almost theoretically perfect. It's much better than rolling your own and it has good entropy.

2. Throwing away stuff you don't want is better than trying to fit it in a range, because it won't introduce bias.

Of course practically even crap random numbers will do, but I like my keygens to be theoretically perfect.

BTW here is a nice snippet to convert AL from 0–15 to '0'–'F':

CMP   AL, 10
SBB AL, 69h
DAS
Edited by MOID
Link to comment
CryptGenRandom
Kewl ! Some days ago I was wondering about all this advapi's crypt functions.

But that one wasn't listed in my API-Guide.. found it in win32.hlp now ofc.

CMP   AL, 10
SBB AL, 69h
DAS

asm in it's leet... thx for the useful hints :>

Link to comment

Why using a hard and unsure way to generate randomly the chars ?? :)

you know MASM includes a random function you can use it in away to get perfectly what you want ^^

i got that algo to work and modified to get a mix between numbers and chars at the same time XD

include masm.incincludelib masm32.lib

As For The Generation Routine Use This Procedure.....

Randomd Proc   INVOKE Sleep,10								
INVOKE GetTickCount
INVOKE nseed,EAX
INVOKE nrandom,0FFFFFFFFh
INVOKE nseed,EAX ;// Don't Ask :P
Again:
INVOKE nrandom,39h;// Max Is "9"
CMP EAX,31h;// Min Is "0"
JL Again1
JMP ENDN
Again1:
INVOKE nrandom,5Ah ;// Max Is "Z"
CMP EAX,41h ;// Min Is "A"
JL Again
ENDN:
RET
Randomd EndPGenerate PROC hWnd: HWND PUSH EDI
PUSH ESI
PUSH EBX INVOKE Randomd ;// Get Random Value
PUSH EAX ;// Save It In Stack For Later Usage
INVOKE Randomd
PUSH EAX
INVOKE Randomd
PUSH EAX
INVOKE Randomd
PUSH EAX
INVOKE Randomd
PUSH EAX
INVOKE Randomd
PUSH EAX
INVOKE Randomd
PUSH EAX
INVOKE Randomd
PUSH EAX
INVOKE Randomd
PUSH EAX
INVOKE Randomd
PUSH EAX PUSH OFFSET sFormat;// %c%c%c%c%c%c%c%c%c%c
PUSH OFFSET sChars
CALL wsprintf INVOKE SetDlgItemText,hWnd,IDC_RANDOMCHARS,ADDR sChars POP EBX
POP ESI
POP EDI RET
Generate ENDP

I hope it works as supposed to ;) Cheers......

Originaly Written By "Canterwood [N-GEN]" Modified By "Angel-55 [FOFF]" !

Link to comment
Why using a hard and unsure way to generate randomly the chars ?? :)

you know MASM includes a random function you can use it in away to get perfectly what you want ^^

i got that algo to work and modified to get a mix between numbers and chars at the same time XD

include masm.incincludelib masm32.lib

As For The Generation Routine Use This Procedure.....

Randomd Proc   INVOKE Sleep,10								
INVOKE GetTickCount
INVOKE nseed,EAX
INVOKE nrandom,0FFFFFFFFh
INVOKE nseed,EAX;// Don't Ask :P
Again:
INVOKE nrandom,39h;// Max Is "9"
CMP EAX,31h;// Min Is "0"
JL Again1
JMP ENDN
Again1:
INVOKE nrandom,5Ah;// Max Is "Z"
CMP EAX,41h;// Min Is "A"
JL Again
ENDN:
RET
Randomd EndPGenerate PROC hWnd: HWND PUSH EDI
PUSH ESI
PUSH EBX INVOKE Randomd;// Get Random Value
PUSH EAX ;// Save It In Stack For Later Usage
INVOKE Randomd
PUSH EAX
INVOKE Randomd
PUSH EAX
INVOKE Randomd
PUSH EAX
INVOKE Randomd
PUSH EAX
INVOKE Randomd
PUSH EAX
INVOKE Randomd
PUSH EAX
INVOKE Randomd
PUSH EAX
INVOKE Randomd
PUSH EAX
INVOKE Randomd
PUSH EAX PUSH OFFSET sFormat;// %c%c%c%c%c%c%c%c%c%c
PUSH OFFSET sChars
CALL wsprintf INVOKE SetDlgItemText,hWnd,IDC_RANDOMCHARS,ADDR sChars POP EBX
POP ESI
POP EDI RET
Generate ENDP

I hope it works as supposed to ;) Cheers......

Originaly Written By "Canterwood [N-GEN]" Modified By "Angel-55 [FOFF]" !

Haha, Angel-55 your still kicking, I like it, you can even use it with gfx, random particles :P

good work mate!

Link to comment
  • 4 months later...

generate random number between 100 and 200

invoke random_number,100,200random_number proc uses ecx edx _min_number:dword,_max_number:dword
@@:
rdtsc mov ecx,_max_number
.if ecx!=0FFFFFFFFh
inc ecx
.endif xor edx,edx
div ecx
mov eax,edx cmp eax,_min_number
jl @B ret
random_number endp
Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...