Jump to content
Tuts 4 You

[Keygenme] XorRanger's KeygenMe 2


XorRanger

Recommended Posts

Hello All,

This is My Second KeygenMe in Delphi

Solution: Only Keygens Are Allowed.

A Tutorial Would Be An Added Bonus.

Language: Delphi

Packer: UPX. Simply Use "upx -d " to Decompress

Level: You Decide.

Please Solve. Thanks

http://up.ht/1dPLT9w

Edited by XorRanger
  • Like 2
Link to comment

this was very difficult for me, thanks for challenge.



XorString db 'THERMODYNAMICS',0 .code Gen proc uses edi esi ebx hWnd:HWND
local dwLen: DWORD
local lpRes[64]: BYTE invoke GetDlgItemText,hWnd,IDC_NAME,addr szName,SizeOf szName .if eax
mov dwLen,eax
lea esi, szName
xor ecx,ecx
.while byte ptr[esi] != 0
xor eax,eax
lodsb
xor al, byte ptr[XorString][ecx]
push ecx
invoke wsprintf,addr lpRes,CTEXT("%d"),eax
invoke lstrcat,addr szKey,addr lpRes
pop ecx
inc ecx
.if ecx > 0Dh
xor ecx,ecx
.endif
.endw
invoke lstrlen,addr szKey
invoke CRC16,0, addr szKey, eax invoke wsprintf,addr lpRes,CTEXT("-%X"), eax
invoke lstrcat,addr szKey,addr lpRes
.else
invoke SetDlgItemText,hWnd,IDC_KEY,CTEXT("Name! ?")
ret
.endif
invoke SetDlgItemText,hWnd,IDC_KEY, addr szKey
Ret
Gen endp

 


may be, i did code it the way you thought as in your code is a bug, e.g. if the name is > then the xorstring the next xoring value is taken from nirvana !


but i could be wrong.


Edited by sama
  • Like 1
Link to comment

@sama, Good Job. It Was Not A Bug, It Was Intentional.

Here is The Snippet

Constant := 'THERMODYNAMICS';

if

I < Length(Constant)

then

begin

TempXor := Ord(Name) Xor Ord(Constant);

TempXorString := TempXorString + IntToStr(TempXor);

end

else

begin

TempXor := Ord(Name) Xor Ord(Constant[Length(Name) - Length(Constant)]);

TempXorString := TempXorString + IntToStr(TempXor);

end;

  • Like 1
Link to comment

not need snippet


 


lets say name is 29 chars


constant is 14 chars


 


so now 29 -14 == 15 (hope i calculate right)


 


according to your code now char name[15] is xored with char at constant[15]


but there is nothing except garbage (in this example would be a 00 due the fact that string is zero ended.


 


anyway, as said before, i could be wrong, maybe a specialist like Chooki(we all know of his capabilities) would enlight us.


Edited by sama
  • Like 1
Link to comment

It wasn't a big issue, that's why my solution had already taken care of it by:


 


1) Limiting NameBox to 28 characters.


2) showing message 'Name length should be 1~28'


 


:peace:


  • Like 2
Link to comment

thanks Chooki, now i know why i used this line



if uMsg == WM_INITDIALOG
invoke GetDlgItem,hWnd, IDC_NAME
invoke SendMessage,eax,EM_LIMITTEXT,28,0
Link to comment
  • 4 weeks later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...