Tuts 4 You

[Keygenme] Keygenme #2 - Levis


Levis


DE!MCC

1E38743884D4444

Here's a quick and dirty keygen with Lazarus/Freepascal source included.

I think there's a bug in your keygen. In some cases there's an array item that doesn't get filled up but is used in further calculations. I don't know if it's on purpose or not. That's why I manually inserted this value (0x4365F7) into the calculations array (see source).

00466E10 |> /8B45 FC        /mov eax, dword ptr [ebp-4]
00466E13 |. |0FB64438 FF    |movzx eax, byte ptr [eax+edi-1]
00466E18 |. |8B55 FC        |mov edx, dword ptr [ebp-4]
00466E1B |. |0FB6541A FF    |movzx edx, byte ptr [edx+ebx-1]
00466E20 |. |03C2           |add eax, edx
00466E22 |. |89849D 10F8FF> |mov dword ptr [ebp+ebx*4-7F0], eax
00466E29 |. |43             |inc ebx
00466E2A |. |4F             |dec edi
00466E2B |. |3B5D F0        |cmp ebx, dword ptr [ebp-10]
00466E2E |. |74 08          |je short 00466E38
00466E30 |. |8B45 F0        |mov eax, dword ptr [ebp-10]
00466E33 |. |40             |inc eax
00466E34 |. |3BF8           |cmp edi, eax
00466E36 |.^\75 D8          \jnz short 00466E10
00466E38 |> 8B45 FC          mov eax, dword ptr [ebp-4]
00466E3B |. 8B55 F0          mov edx, dword ptr [ebp-10]
00466E3E |. 0FB64410 FF      movzx eax, byte ptr [eax+edx-1]
00466E43 |. 8B55 FC          mov edx, dword ptr [ebp-4]
00466E46 |. 8B4D F0          mov ecx, dword ptr [ebp-10]
00466E49 |. 0FB6140A         movzx edx, byte ptr [edx+ecx]
00466E4D |. 03C2             add eax, edx
00466E4F |. 8B55 F0          mov edx, dword ptr [ebp-10]
00466E52 |. 898495 10F8FF>   mov dword ptr [ebp+edx*4-7F0], eax

Gives:

0012EE4C CC 00 00 00 CC 00 00 00 F7 65 43 00 CC 00 00 00 Ì...Ì...÷eC.Ì...

Thanks!

KeyGenMe#2.rar

Edited by DE!

Oh, many thanks for trying this, DE!. There really is a bug in my keygenme. But in my code, I can't realize it :). Thanks for your information

and HepL3R too, all of you did a great job, with incredible speed.

Best of luck :)


My contribution....



@keygenme_00466EAB:
MOV EAX, DWORD PTR DS:[EBX]
ADD DWORD PTR SS:[EBP-0Ch], EAX
LEA ECX, DWORD PTR SS:[EBP-0FC4h]
MOV EDX, 1
MOV EAX, DWORD PTR DS:[EBX]
CALL @keygenme_00408294 ;<= Jump/Call Address Not Resolved
MOV EAX, DWORD PTR SS:[EBP-0FC4h]
CALL @keygenme_004044DC ;<= Jump/Call Address Not Resolved
ADD DWORD PTR SS:[EBP-018h], EAX
LEA ECX, DWORD PTR SS:[EBP-0FC8h]
MOV EDX, 1
MOV EAX, DWORD PTR DS:[EBX]
CALL @keygenme_00408294 ;<= Jump/Call Address Not Resolved
MOV EDX, DWORD PTR SS:[EBP-0FC8h]
LEA EAX, DWORD PTR DS:[ESI+031Ch]
CALL @keygenme_004044E4 ;<= Jump/Call Address Not Resolved
ADD EBX, 4
DEC DWORD PTR SS:[EBP-01Ch]
JNZ @keygenme_00466EAB

Serial

Code:

9530604491346744594333243

332 + 9530604491346744594333243 + 43

33295306044913467445943

DS:[01D22308]=01D2467C, (ASCII "33295306044913467445943")



When you try "fffffff" as registration name this happens:

00466E10 |> /8B45 FC        /mov eax, dword ptr [ebp-4]
00466E13 |. |0FB64438 FF    |movzx eax, byte ptr [eax+edi-1]
00466E18 |. |8B55 FC        |mov edx, dword ptr [ebp-4]
00466E1B |. |0FB6541A FF    |movzx edx, byte ptr [edx+ebx-1]
00466E20 |. |03C2           |add eax, edx
00466E22 |. |89849D 10F8FF> |mov dword ptr [ebp+ebx*4-7F0], eax <---- Fills up array
00466E29 |. |43             |inc ebx
00466E2A |. |4F             |dec edi
00466E2B |. |3B5D F0        |cmp ebx, dword ptr [ebp-10]
00466E2E |. |74 08          |je short 00466E38
00466E30 |. |8B45 F0        |mov eax, dword ptr [ebp-10]
00466E33 |. |40             |inc eax
00466E34 |. |3BF8           |cmp edi, eax
00466E36 |.^\75 D8          \jnz short 00466E10

Initially this buffer has the following content:

0012EE4C AE 0F 3D 00 D0 0A 96 00 F7 65 43 00 80 EE 12 00
0012EE5C 0E 66 43 00 16 66 43 00 1C EF 12 00 20 66 43 00

After the above code you'll get this:

0012EE4C CC 00 00 00 CC 00 00 00 F7 65 43 00 80 EE 12 00
0012EE5C 0E 66 43 00 16 66 43 00 1C EF 12 00 20 66 43 00

The next piece of code will add the last dword to the array:

00466E38 |> \8B45 FC         mov eax, dword ptr [ebp-4]
00466E3B |. 8B55 F0          mov edx, dword ptr [ebp-10]
00466E3E |. 0FB64410 FF      movzx eax, byte ptr [eax+edx-1]
00466E43 |. 8B55 FC          mov edx, dword ptr [ebp-4]
00466E46 |. 8B4D F0          mov ecx, dword ptr [ebp-10]
00466E49 |. 0FB6140A         movzx edx, byte ptr [edx+ecx]
00466E4D |. 03C2             add eax, edx
00466E4F |. 8B55 F0          mov edx, dword ptr [ebp-10]
00466E52 |. 898495 10F8FF>   mov dword ptr [ebp+edx*4-7F0], eax

And your buffer becomes:

0012EE4C CC 00 00 00 CC 00 00 00 F7 65 43 00 CC 00 00 00
0012EE5C 0E 66 43 00 16 66 43 00 1C EF 12 00 20 66 43 00

Those values are then being used in the next part:

00466E59 |> \BB 01000000     mov ebx, 1
00466E5E |. BF 01000000      mov edi, 1
00466E63 |> 8B849D 10F8FF>  /mov eax, dword ptr [ebp+ebx*4-7F0]
00466E6A |. 8984BD 40F0FF>  |mov dword ptr [ebp+edi*4-FC0], eax
00466E71 |. 8B45 EC         |mov eax, dword ptr [ebp-14]
00466E74 |. 2BC3            |sub eax, ebx
00466E76 |. 8B55 FC         |mov edx, dword ptr [ebp-4]
00466E79 |. 0FB64402 FF     |movzx eax, byte ptr [edx+eax-1]
00466E7E |. 8984BD 44F0FF>  |mov dword ptr [ebp+edi*4-FBC], eax
00466E85 |. 83C7 02         |add edi, 2
00466E88 |. 43              |inc ebx
00466E89 |. 8B45 F0         |mov eax, dword ptr [ebp-10]
00466E8C |. 40              |inc eax
00466E8D |. 3BD8            |cmp ebx, eax
00466E8F |.^ 75 D2          \jnz short 00466E63

So this "0x004365f7" is also used within the serial calculation but is never actually initialised.

If you run this through the keygen without anticipating this you will get the following serial:

Name : fffffff

Serial : 117C06CC66CC6611787066CC66

Which doesn't work. When inserting this value before making our serial calculations you'll get this:

Name : fffffff

Serial : 43698DCC66CC664365F766CC66

And that one works.. So there's a possible bug :)

It only happens with a small number of names..

@hepL3r:

When entering "fffffff", "ffffffff", "fffffffffff" and so on in your keygen you get "00066" as serial number...

The same with "[DE!MCC]".. You'll get "0005B" as serial...

Edited by DE!
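The pairing loop DE! walks through above, replayed in Python as an added example (not code from the keygenme, from DE!'s Lazarus keygen, or from any poster): each array slot starts as None and only the instructions in the listing write it, so the slot that is left holding stale stack data shows up directly. Stack roles are read from the listing ([ebp-4] = name, [ebp-10] = middle index, [ebp+ebx*4-7F0] = slot ebx); the middle-index formula (len+1) div 2 and the minimum-length guard are assumptions, the former matching the dump ([ebp-10] = 4 for the 7-char name).

```python
# Added example: replay of the loop at 00466E10 and the tail at 00466E38.
# Stack roles from the listing: [ebp-4] = name (1-indexed, as in Delphi),
# [ebp-10] = m (middle index), [ebp+ebx*4-7F0] = array slot ebx.
# ASSUMPTION: m = (len + 1) div 2; it matches the dump ([ebp-10] = 4 for
# the 7-char name "fffffff") but is not taken from the keygenme's source.
from typing import Dict, List, Optional

UNINIT = None  # stands in for whatever the stack slot happened to hold


def build_pair_array(name: str) -> Dict[int, Optional[int]]:
    """Return slot -> value (1-indexed slots, as ebx is).

    A slot the code never writes keeps UNINIT; in the real program it
    keeps stale stack data (0x004365F7 in DE!'s dump).
    """
    n = len(name)
    if n < 3:
        # ASSUMPTION: the listing shows no length check; below 3 chars
        # neither exit test of the loop can be reached, so reject early.
        raise ValueError("names shorter than 3 chars are not handled here")
    m = (n + 1) // 2                           # [ebp-10]
    slots: Dict[int, Optional[int]] = {i: UNINIT for i in range(1, m + 1)}
    ebx, edi = 1, n                            # walk in from both ends
    while True:
        # 00466E13..00466E22: slot[ebx] = name[edi] + name[ebx]
        slots[ebx] = ord(name[edi - 1]) + ord(name[ebx - 1])
        ebx += 1                               # 00466E29 inc ebx
        edi -= 1                               # 00466E2A dec edi
        if ebx == m:                           # 00466E2B/2E je 00466E38
            break
        if edi == m + 1:                       # 00466E30..36 falls through
            break
    # 00466E38..00466E52: slot[m] = name[m] + name[m+1]
    slots[m] = ord(name[m - 1]) + ord(name[m])
    return slots


def unwritten_slots(name: str) -> List[int]:
    """Slots the code leaves holding stale stack data for this name."""
    return [i for i, v in build_pair_array(name).items() if v is UNINIT]


if __name__ == "__main__":
    for nm in ("fffffff", "ffffffff", "abcde"):
        print(nm, build_pair_array(nm), "unwritten:", unwritten_slots(nm))
```

Under these assumptions the early exit on edi == m+1 fires one iteration too soon for every odd length from 5 up, so "fffffff" leaves slot 3 unwritten exactly as the dump shows, while even lengths fill every slot.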

Yeah, after testing some other serials I found out that there is a bug, but I didn't work on this so much :P

@Levis:

waiting for new keygen me :)
