Posted December 18, 2011

I've never seen x64 KeygenMes before, so I thought why not write one. This is my first x64 code. I hope there are no bugs. I kept the algo fairly simple and wrote it in MASM.

Rules:
- No patching!
- No bruteforcing in keygen!

Since there aren't any great x64 debuggers available, please tell me what debugger you used to solve this, so I could get a small overview of what people use for debugging x64 code. In case you don't know what debugger to use, I'll give you a starting point. Consider using FDBG. It's also the debugger I used to test this KGM.

Good Luck!

KeygenMe x64.zip

Edited December 18, 2011 by Saduff
December 18, 2011

Are you absolutely sure this is keygennable?

SPOILER ALERT
. . .
We have to divide the end value (2^64-255) by the hash (made of name+part2), but obviously the end value is not always evenly divisible by the hash value. How am I supposed to make sure it's a multiple of the hash? Or am I totally off track here?

EDIT: Please don't tell me you want us to calculate the XOR equations in GF(2)

PPS: I found this nice video while looking up SHRD: http://www.youtube.com/watch?v=EXxNiWnkqMo It's part of a huge series of videos about x64 ASM and interaction with C++

Edited December 18, 2011 by Killboy
December 18, 2011 Author

I'm pretty sure it's keygennable. I didn't make a keygen myself, but I calculated a serial using my own tool and Windows calculator. You can try this combo for testing:

Saduff
DEADC0DEDEADC0DE-4931A3254B6E53F7

> We have to divide the end value (2^64-255) by the hash (made of name+part2), but obviously the end value is not always evenly divisible by the hash value. How am I supposed to make sure it's a multiple of the hash?

I'm not sure I entirely understood everything here, but I don't think this is the way to go.

P.S. Does the KGM run properly on your machine? I've experienced some strange behavior. After some time, the KGM starts to crash immediately on my machine when run. I have to recompile to fix it. It doesn't even open up in FDBG.
December 19, 2011

I'm in a deadlock here, will give it another try sometime this week. Anyway, you made me go and code up a new WTL keygen template. Been on my todo list for some time, never got a good reason to do that.

PS: The exe works like a charm on Win7
December 19, 2011

Nice little KGM.

PS: I wasn't able to debug it, coz I'm still on my XP SP2, and I only disassembled it with IDA64. Oh and... hope that keygen is working, couldn't test that too.

keygen.rar
December 19, 2011 Author

Great job qpt^J for solving it without debugging. Keygen works too. Only thing is that it doesn't work with names that have more than 8 chars. Looks like that's because of the XOR loop:

00401195 |> /AC        /LODS BYTE PTR [ESI]
00401196 |. |3207      |XOR AL,[EDI]
00401198 |. |AA        |STOS BYTE PTR ES:[EDI]
00401199 |.^\E2 FA     \LOOPD SHORT 00401195

In the KGM is this:

000000013FD6124B 488B94CD01FFFFFF    mov rdx,[rbp+rcx*8-000000FF]

The KGM loads the qword from memory as little endian (I think), but your keygen XORs byte by byte, starting from the most significant byte (big endian). So, for example, if there's 5361647566660000 in memory, then rdx will be 0000666675646153. I'm not sure it's actually because of the XOR loop, as I only had a quick look at the keygen, but that seems like the most likely place for errors. Anyway, great job for solving it without debugging.
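The byte-order point Saduff makes above, as an added C example that is not part of the thread and not code from either keygen: the same eight zero-padded bytes of a name read as a little-endian qword (what a 64-bit `mov rdx,[mem]` produces) versus read most-significant-byte first. The chunked XOR fold at the end is a hypothetical illustration of how a name longer than 8 characters would behave if it were processed one qword at a time; the `rbp+rcx*8` indexing in the quoted instruction suggests that, but the KGM's actual algorithm is not given in the thread, so the fold is an assumption, not the KGM's method.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample: the name from Saduff's test combo, zero-padded to 8 bytes,
   i.e. the 5361647566660000 dump quoted in the post. */
static const uint8_t SAMPLE_NAME_MEM[8] = { 'S', 'a', 'd', 'u', 'f', 'f', 0, 0 };

/* Read 8 bytes the way a 64-bit `mov rdx,[mem]` does: byte 0 of memory
   becomes the least significant byte of the register (little-endian). */
uint64_t load_qword_le(const uint8_t *p)
{
    uint64_t v = 0;
    for (int i = 7; i >= 0; i--)
        v = (v << 8) | p[i];
    return v;
}

/* Read the same 8 bytes treating byte 0 as the most significant byte
   (big-endian). A byte walk that starts at the first byte and shifts the
   accumulator left computes this, not the register value above. */
uint64_t load_qword_be(const uint8_t *p)
{
    uint64_t v = 0;
    for (int i = 0; i < 8; i++)
        v = (v << 8) | p[i];
    return v;
}

/* Hypothetical (assumption, not the KGM's algorithm): pad the name with zero
   bytes to a multiple of 8 and XOR the little-endian qwords together. Names up
   to 8 chars give a single qword; longer names fold every further chunk in. */
uint64_t fold_name_le(const char *name)
{
    size_t len = strlen(name);
    size_t nchunks = (len + 7) / 8;
    uint64_t acc = 0;

    for (size_t c = 0; c < nchunks; c++) {
        uint8_t chunk[8] = {0};          /* zero padding for a short final chunk */
        size_t n = len - c * 8;
        if (n > 8)
            n = 8;
        memcpy(chunk, name + c * 8, n);
        acc ^= load_qword_le(chunk);
    }
    return acc;
}

int main(void)
{
    printf("memory bytes         : ");
    for (int i = 0; i < 8; i++)
        printf("%02X", SAMPLE_NAME_MEM[i]);
    printf("\nloaded little-endian : %016llX\n", (unsigned long long)load_qword_le(SAMPLE_NAME_MEM));
    printf("read big-endian      : %016llX\n", (unsigned long long)load_qword_be(SAMPLE_NAME_MEM));
    printf("fold of 16-char name : %016llX\n", (unsigned long long)fold_name_le("AAAAAAAABBBBBBBB"));
    return 0;
}
```

A byte-by-byte XOR between two memory buffers is order-independent as long as both operands stay in memory order; the mismatch only appears when one side is a register value loaded little-endian and the other is treated as a most-significant-byte-first sequence, which is the case Saduff describes.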
December 19, 2011

I just got the crashes you described... It crashes somewhere before the entrypoint, I had to redownload the file and replace it. Maybe Windows puts it into compatibility mode, and replacing it removes the attributes. Definitely weird...
December 19, 2011

> I'm pretty sure it's keygennable. I didn't make a keygen myself, but I calculated a serial using my own tool and Windows calculator.

@Saduff: Just a thought, why not make a 32-bit version of it so we can all try it and see if it is keygennable? It sounds like fun to try despite all the problems mentioned above. I hate to tell you this, but I am certain that others feel the same way, simply "Left Out".

Edited December 19, 2011 by ChOoKi
December 19, 2011

I thought x64 machines are pretty common by now, they've been around for 8 years now.

PS: Am I on the right track with multiplicative inverse in GF(2^64)? Looks like I need a bignum lib then.
December 19, 2011 Author

@ChOoKi: Well, the whole point of this KGM is that it's 64-bit. If you're running 32-bit Windows, you can still try it on a VM for example, or you can solve it without debugging, like qpt^J did.

-- EDIT --

> PS: Am I on the right track with multiplicative inverse in GF(2^64)? Looks like I need a bignum lib then.

Yup, you're on the right track. And actually, there's no need for a bignum lib. It can be done with just the 64-bit registers, or you could use the 128-bit XMM registers. I once did it for a 32-bit KGM, where I held the integer 0x100000000 over 2 registers (EDX:EAX). With DIV and MUL instructions, you can extend the integer over 2 registers, RDX:RAX, making it possible to do calculations with 128-bit integers, and DIV and MUL are all you need.

Edited December 19, 2011 by Saduff
December 20, 2011

So far I got it mostly working, but one question: I could have a fixed first part but I prefer using random numbers. Not all numbers have a multiplicative inverse in GF(2^64), so what's a good way to make sure the random number does, without 'bruteforcing' (i.e. drawing numbers until one is relatively prime to the modulo)?
December 20, 2011 Author

> Not all numbers have a multiplicative inverse in GF(2^64), so what's a good way to make sure the random number does, without 'bruteforcing' (ie. drawing numbers until one is relatively prime to the modulo)?

I think that's the only way. That kind of "bruteforcing" is allowed. Not using multiplicative inverse is not allowed.
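Saduff's two points in this exchange, that the inverse needs only 64-bit registers with RDX:RAX holding the 128-bit intermediates, and that redrawing until the candidate is coprime to the modulus is the only way to guarantee an inverse exists, as an added C example that is not from the thread or from either keygen. It assumes GCC or Clang on x86-64, where `unsigned __int128` compiles to the MUL/DIV-on-RDX:RAX sequence described, and it uses 2^64-255 (the value Killboy quotes) purely as a sample odd modulus; whether the KGM actually reduces modulo that value is not established in the thread. The xorshift generator and its seed are constructed for the example.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

typedef unsigned __int128 u128;   /* GCC/Clang extension: the RDX:RAX pair as one type */
typedef __int128 i128;

/* Sample modulus, an assumption for this example: 2^64 - 255, odd, so 2 is invertible. */
static const uint64_t SAMPLE_MOD = 18446744073709551361ULL;

/* (a * b) mod m without overflow. MUL leaves the 128-bit product in RDX:RAX and
   DIV reduces RDX:RAX by a 64-bit divisor; this is what the compiler emits. */
uint64_t mulmod64(uint64_t a, uint64_t b, uint64_t m)
{
    return (uint64_t)(((u128)a * b) % m);
}

uint64_t gcd64(uint64_t a, uint64_t b)
{
    while (b != 0) {
        uint64_t t = a % b;
        a = b;
        b = t;
    }
    return a;
}

/* Extended Euclid. Returns true and writes a^-1 mod m when gcd(a, m) == 1,
   false otherwise (no inverse exists, which is exactly Killboy's concern). */
bool modinv64(uint64_t a, uint64_t m, uint64_t *inv)
{
    if (m < 2)
        return false;
    i128 old_r = (i128)(a % m), r = (i128)m;
    i128 old_s = 1, s = 0;

    while (r != 0) {
        i128 q = old_r / r;
        i128 t = old_r - q * r;
        old_r = r;
        r = t;
        t = old_s - q * s;
        old_s = s;
        s = t;
    }
    if (old_r != 1)
        return false;
    if (old_s < 0)
        old_s += (i128)m;
    *inv = (uint64_t)old_s;
    return true;
}

/* Convenience wrapper: the inverse, or 0 when none exists. */
uint64_t modinv_or_zero(uint64_t a, uint64_t m)
{
    uint64_t inv;
    return modinv64(a, m, &inv) ? inv : 0;
}

/* Constructed xorshift64 generator. Draws candidates until one is coprime to m,
   the only kind of "bruteforcing" Saduff allows. */
uint64_t pick_invertible(uint64_t *state, uint64_t m)
{
    for (;;) {
        uint64_t x = *state ? *state : 1;    /* xorshift must never sit at 0 */
        x ^= x << 13;
        x ^= x >> 7;
        x ^= x << 17;
        *state = x;
        uint64_t cand = x % m;
        if (cand != 0 && gcd64(cand, m) == 1)
            return cand;
    }
}

/* Full round trip: draw an invertible candidate, invert it, check a * a^-1 == 1 mod m. */
bool roundtrip_ok(uint64_t seed, uint64_t m)
{
    uint64_t state = seed, inv;
    uint64_t a = pick_invertible(&state, m);
    return modinv64(a, m, &inv) && mulmod64(a, inv, m) == 1;
}

int main(void)
{
    uint64_t state = 0x9E3779B97F4A7C15ULL;     /* constructed seed */
    uint64_t a = pick_invertible(&state, SAMPLE_MOD);
    uint64_t inv = modinv_or_zero(a, SAMPLE_MOD);

    printf("a = %016llX  a^-1 = %016llX  a*a^-1 mod m = %llu\n",
           (unsigned long long)a, (unsigned long long)inv,
           (unsigned long long)mulmod64(a, inv, SAMPLE_MOD));
    return 0;
}
```

The gcd test in `pick_invertible` is what makes the redraw loop terminate: for an odd modulus roughly half of all candidates already pass, so the loop almost never iterates more than a few times, and the extended-Euclid step then needs no bignum library because every intermediate fits in the signed 128-bit type.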
December 20, 2011

Took long enough, didn't bother randomizing the first part in the end, but I added a 'nice' image effect lol

Intro x64.7z
December 20, 2011

Is there anything not keygennable that isn't under a big-number encryption cipher cryptext?
December 20, 2011 Author

Good job, Killboy. What debugger did you use?

> Is there anything not keygennable that isn't under a big-number encryption cipher cryptext?

I don't know and I'm not capable of thinking at the moment.
December 20, 2011

> What debugger did you use?

IDA, all the others suck hard.

PS: Keep the keygenmes coming! I know most of the regulars laugh about the difficulty level (no debugging! lol), but for me this is easy enough to grasp with the little maths I know, and still fun to implement in C++ without just blindly using GNU MP or Miracle.

Edited December 20, 2011 by Killboy
December 20, 2011

Don't forget unpackmes. It is sad that there are no x64 unpackmes. I know only 2: http://forum.tuts4you.com/topic/27118-unpackme-pespin-v1-x64/ and Lena's protector...
December 21, 2011

> It is sad that there are no x64 unpackmes I know only 2: http://forum.tuts4yo...-pespin-v1-x64/ and Lena's protector...

Eh? http://tuts4you.com/download.php?list.54

Ted.