Tuts 4 You

[keygenme] keygenme 2


mudlord


Yeah, that looks like an off-by-4 bug to me, too.

Looks like you are comparing the return address instead of the serial dword.

e.g.

00402929                         .  3985 9CFCFFFF                 CMP DWORD PTR SS:[EBP-364],EAX

stack:

0012F554      2A323106   // value that is in eax, too
0012F558      E9988CC8   // actual part of serial
0012F55C      77F16BF2   RETURN to GDI32.77F16BF2   // some return address

state/pane:

EAX=2A323106
Stack SS:[0012F55C]=77F16BF2 (GDI32.77F16BF2)

Or maybe it's just a nifty trick? ;)

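As an added illustration (not the keygenme's own code), the bug class described in the post above, reconstructed in C: the three stack dwords from the dump are used as constructed sample data, and frame_t, check_buggy, check_fixed and sample_frame are hypothetical names. It shows why a compare whose displacement is 4 bytes off never depends on the serial at all.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stack image laid out like the dump: three dwords, 4 bytes apart. */
typedef struct {
    uint32_t computed;  /* 0012F554: value the checker derived (also in EAX) */
    uint32_t serial;    /* 0012F558: the serial dword that should be compared */
    uint32_t retaddr;   /* 0012F55C: a return address that happens to follow */
} frame_t;

/* Fetch the dword at a byte displacement from the frame base, the way
 * CMP DWORD PTR SS:[EBP-n],EAX reads memory through a fixed displacement. */
static uint32_t load_dword(const frame_t *f, size_t byte_off)
{
    uint32_t v;
    memcpy(&v, (const uint8_t *)f + byte_off, sizeof v);
    return v;
}

/* Hypothetical reconstruction of the reported bug: the displacement is
 * 4 bytes too large, so the compare lands on retaddr, not on serial. */
bool check_buggy(const frame_t *f, uint32_t eax)
{
    return load_dword(f, offsetof(frame_t, serial) + 4) == eax;
}

/* Corrected displacement: the compare reads the serial dword. */
bool check_fixed(const frame_t *f, uint32_t eax)
{
    return load_dword(f, offsetof(frame_t, serial)) == eax;
}

/* Build a frame from the values in the dump, with a chosen serial dword. */
frame_t sample_frame(uint32_t serial)
{
    frame_t f = { 0x2A323106u, serial, 0x77F16BF2u };
    return f;
}

int main(void)
{
    frame_t good = sample_frame(0x2A323106u);   /* serial equals computed */
    printf("fixed=%d buggy=%d\n", check_fixed(&good, good.computed),
                                  check_buggy(&good, good.computed));  /* 1 0 */
    return 0;
}
```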

Looks like you are running into issues with the obfu/antidebug (used BeaJunker macros ported to C) :< If people prefer, I could leave the packing code as-is and remove the obfu in the checking code? Not sure why it would be interfering, though.


Edited by mudlord

For my hardware

mudlord

N+NGKVDLDk+8pESolBZYNNvZVQHqd6oNQTpQn+Mf2Gs=

Was intending the crackme to be HWID based; should have added a HWID label in the crackme :<


Edited by mudlord