[KeygenMe] KeyGen Me #3

[GioTiN]

hi All People Of This Board & All Crackers iN The World

I Supply KeyGen Me #3 For You

Note : Not Allow To Serial Fishing Or Patching , Just Written KeyGen

Link :

http://rapidshare.com/files/129396297/KeyG...H_Team.rar.html

Regards , GioTiN - Under SEH Team

KeyGen_Me__3_Under_SEH_Team.rar

Edited August 19, 2008 by HVC
Keygenme attached on topic

[DrPepUr]

DrPePUr

GuShsX52040638UnderSEH

[GioTiN]

Not Allow To Serial Fishing

[DrPepUr]

Here.... next plz

Keygen3.rar

Edited July 13, 2008 by DrPepUr

[sama]

GioTin,

this one is easier then previuos one

anyway, tnx for it.

[qOdbOp]

filepatio.com/8200

[enhzflep]

[EDIT] (really badly formatted) Source removed.

Added as attachment. Anybody got an idea why this function doesn't run properly when it's compiled into a winGui project? Works fine in the console, but sux serious a$$ when used to provide the string for a messagebox or an edit control..

_GioTiN__KeyGen_Me__3.zip

Edited July 15, 2008 by enhzflep

[Short-Circuit]

Here's My Keygen

Cesar Cipher + Simple Math + Hardcoded

Laterz,

Short-Circuit

UnderSEHKGNME.Keygen.zip

[planethax]

I am stuck;

not sure how to calculate middle section, I see it changes by how many characters there are in name?

1 1234567890

2 -1825831516

3 -591263626

4 643304264

5 1877872154

6 52040638

7 1286608528

8 -1773790878

9 -177379087

10 -539222988

11 695344902

12 1929912792

Can some one point me in the correct direction here?

Thanx

[DrPepUr]

Length of name * 1234567890d

Doc

[planethax]

Length of name * 1234567890d

Doc

I still cant find it

2 * 1234567890 = 2469135780 not -1825831516

probably so simple, but I just dont get it?

[xsp!d3r]

where is the D char ?!

and the result is 2 * 1234567890 = 2468ACF121A and not 2469135780 !! do you know why cuz you calculate it in Decimal value O_o so that it's Hexadecimal !!

[HVC]

Length of name * 1234567890d

Doc

I still cant find it

2 * 1234567890 = 2469135780 not -1825831516

probably so simple, but I just dont get it?

The tool:

http://nfotemple.free.fr/site_cryptokg/too...scalculator.zip

You might want also to check differences between signed/ unsigned integers.

http://en.wikipedia.org/wiki/Integer_(computer_science)

Good luck.

Edited August 14, 2008 by HVC

[planethax]

Thanx HVC for that link and 32 bit Calc.

I have alsoread that page (twice) but still not completely comprehending it.

Could some one explain how to use this Calc? (32 bit) Can only input 8 characters.

I have tried 1 character at a time, and every option.

Thanx for the help guyz.

[enhzflep]

The calculator's operand inputs are in hexidecimal, so being 32bits n all, you can only enter 8 chars

e.g FFFFFFFF

It is used to show the numerical/bit result of using any of the instructions, without having to use a debugger

or your head/a calculator. Also, note that the decimal displays of all numbers are in signed notation so FFFFFFFF = -1, not 4294967295, like you may expect.

[planethax]

Ok, I am getting closer

1234567890 to hex = 499602D2

499602D2 *(len of name - eg 20 characters) 20 to hex = 14

499602D2h * 20h = BFB83868

32BIT calc -01078445976d

I am asuming -01078445976d is Decimal

However, is I use my calculator

499602D2h * 14h = BFB83868

Now if I convert BFB83868 to Decimal I get 3216521320

not -1078445976

So it must not be decimal??

I am getting closer, just not there yet.

Thanx

[DrPepUr]

Put down your calculator, and use the one HVC gave you.

Here is source for keygen, if u notice after the multiplication it calls wsprintf with format string "%d"

if you switch that to "%lu" it will line up with results from your calculator. Which would be wrong.

here is a link to msdn about the wsprintf function http://msdn.microsoft.com/en-us/library/ms647550(VS.85).aspx

use in conjunction with the wiki page above and things should clear up.

.data 
sFormat db "%d",00
.data?
NameBuffer db 100 dup(?)
SerialBufferX db 100 dup(?)
SerialBuffer db 100 dup(?)
.codeKeygen proc hWnd:DWORDLocal sLen:DWORD
Local sSum:DWORD
Local Local3:DWORD
Local Local4:DWORD
Local Serial1:DWORDinvoke RtlZeroMemory,addr NameBuffer,sizeof NameBuffer *3
	invoke GetDlgItemText,hWnd,IDC_NAME,addr NameBuffer,sizeof NameBuffer
	.if eax
		mov sLen,eax
		mov edi,eax
		.repeat
			add byte ptr ds:[NameBuffer +edi -1],3
			dec edi
		.until edi == 00
		mov eax,sLen
		dec eax
		mov byte ptr ds:[NameBuffer +eax],00
		mov eax,sLen
		mov ebx,499602D2h
		imul eax,ebx
		mov sSum,eax
		invoke wsprintf,addr SerialBuffer,addr sFormat,eax
		invoke lstrcat,addr NameBuffer,addr SerialBuffer
		invoke lstrcat,addr NameBuffer,SADD("UnderSEH")
		invoke SetDlgItemText,hWnd,IDC_SERIAL,Addr NameBuffer
	.endif	Ret
Keygen EndP

[planethax]

I guess my main problem is I do not know Asembly Lang, I work with VB

(I have downloaded and am currently reading a book on ASM)

So I have been trying to figure out how to convert BFB83868 to -1078445976 in VB6

Thanx for all your help guyz, very appreciated!!!

[sciolist]

crack

[redblkjck]

I guess my main problem is I do not know Asembly Lang, I work with VB

(I have downloaded and am currently reading a book on ASM)

So I have been trying to figure out how to convert BFB83868 to -1078445976 in VB6

Thanx for all your help guyz, very appreciated!!!

Here is what you are looking for. UnsignedToLong imul is signed Signed: −2,147,483,648 to +2,147,483,647 vs Unsigned: 0 to +4,294,967,295

.http://support.microsoft.com/kb/189323

Edited August 16, 2008 by redblkjck

[Hoax3r]

it is so simple if a last bit of number be 1 (in sign number) it mean it's negative

so BFB83868h in binary is 10111111101110000011100001101000 the last bit is 1 thus it's negative

for converting to negative decimal we use this algo

mov eax, BFB83868
dec eax
not eax

eax now is 4047C798h and 1078445976 in decimal, and we know it's negative -1078445976

Edited August 16, 2008 by Hoax3r

[planethax]

it is so simple if a last bit of number be 1 (in sign number) it mean it's negative

so BFB83868h in binary is 10111111101110000011100001101000 the last bit is 1 thus it's negative

for converting to negative decimal we use this algo

mov eax, BFB83868
dec eax
not eax

eax now is 4047C798h and 1078445976 in decimal, and we know it's negative -1078445976

Thank you, I have it now.

I am just working out the procedure for the Ceasar Cypher in VB^ and I will post my keygen.

[planethax]

Well, this was pretty easy to fish;

however, Keygenning proved to be difficult for me.

The "Simple" math wasn't so simple for me to grasp.

I think the hardest for me, was coming up with a function in VB6 to handle Hex strings larger than 8 characters.

Ne ways, here is my Keygen.

Please check it out and let me know if it is working for you, I almost gave up lol, this was quite the task for this Newb!

http://rapidshare.com/files/138496693/KeyG...netHax.zip.html

To help out others with this if they use VB6, here is the core of the code used;

DO NOT LOOK IF YOU DONT WANT THE ANSWERS!!!!

Private Sub Command1_Click()
Dim P1 As String
Dim P2 As String
Dim P3 As String
Dim P4 As String
Dim P5 As String
Dim P7 As String
If Text1.Text = "" Then
MsgBox "Entering a Name is required"
Else
P1 = Text1.Text   'name
P2 = Len(P1)	  ' name length
P3 = P2 - 1		' name length - 1
P4 = Mid(P1, 1, P3)	' name - 1
P5 = Ceasar(P4)
P7 = HexMulti(CLng("&H499602D2"), CCur(Len(Text1.Text)))
Text2.Enabled = True
Text2.Text = P5 & P7 & "UnderSEH"
End If
End Sub
Function Ceasar(sText As String) As String
	Dim i As Long
	Ceasar = Space$(Len(sText))
	For i = 1 To Len(sText)
		Mid$(Ceasar, i, 1) = Chr$((Asc(Mid$(sText, i, 1)) + 3) Mod 256)
	Next
End Function
Public Function HexMulti(ByVal Value As Long, ByVal Multiplier As Currency) As Long
	If Value < 0 Then
		Multiplier = (CCur(Value And &H7FFFFFFF) + 2147483648@) * Multiplier
	Else
		Multiplier = Value * Multiplier
	End If
	Do While Multiplier >= 4294967296@
		Multiplier = Multiplier - 4294967296@
	Loop
	If Multiplier >= 2147483648@ Then
		HexMulti = Multiplier - 4294967296@
	Else
		HexMulti = Multiplier
	End If
End Function

KeyGen_Me__3_PlanetHax.zip

Edited August 19, 2008 by planethax