SHADOW_UA Posted February 26, 2014 Posted February 26, 2014 My first .NET KeygenMe Protection: AppFuscator The goal is to find a valid key for your name and hardware id. No patching allowed. good luck KeygenMe_SHADOW_1.zip 1
GIV Posted February 27, 2014 Posted February 27, 2014 Obfuscating the keygenme is not a gentle approach. I hate these things. 2
GIV Posted February 27, 2014 Posted February 27, 2014 Then the author must decide: 1. Keygenmeor2. Unpackme Is kinda lame to do such things.
SHADOW_UA Posted February 27, 2014 Author Posted February 27, 2014 As I already stated in topic title it is KeygenMe.
GIV Posted February 27, 2014 Posted February 27, 2014 (edited) Then put the original compiled file. Not obfuscated.What we keygen?We must first unpack.Or someone who knows better these things put the unprotected file. Edited February 27, 2014 by GIV 1
SHADOW_UA Posted February 27, 2014 Author Posted February 27, 2014 Then put the original compiled file. Not obfuscated. What we keygen? We must first unpack. Or someone who knows better these things put the unprotected file. Then unpack it firstly. You are free to do anything to make a keygen. It is the final goal.
GIV Posted February 27, 2014 Posted February 27, 2014 Then unpack it firstly. You are free to do anything to make a keygen. It is the final goal. Lol Lame.
Dreamer Posted February 27, 2014 Posted February 27, 2014 (edited) Edited February 27, 2014 by Dreamer 1
GIV Posted February 27, 2014 Posted February 27, 2014 unpacked KeygenMe-cleaned_fix.rar This is not unpacked. I ran through ded4dot also. Nice try anyway. I see this as a joke. What you understand from this code: Public Shared Function smethod_10(ByVal object_7 As Object, ByVal object_8 As Object) As String ' This item is obfuscated and can not be translated. Dim num2 As Integer = (0 + &H79) Dim obj2 As Object = *?(*Class4.intptr_0((&H79 - &H79)).GetBytes(CStr(object_8))) Dim obj3 As Object = New StringBuilder Dim num As Integer = 0 Label_00FF: num2 = ((num2 And -26) Or 130) If ((num >= obj2.Length) AndAlso ((<Module>.int_2 / &HEE58) <> &H7BA9EBEC)) Then Return obj3.ToString End If Do While True If (-(-268435456 * num) <> -9119) Then End If *?(*?(<Module>.smethod_18((Type.EmptyTypes.Length + &H53D), (SizeOf(Single) + &H78C), (Type.EmptyTypes.Length + &H63)))) If ((((num Mod &H752072) + &H27B) Xor &H400000E4) <> 0) Then num += 1 If (((num / &H10000000) + &H20000000) <> ((&H10 * num) * &H4000000)) Then goto Label_00FF End If End If Loop End Function Public Shared Function smethod_10(ByVal object_7 As Object, ByVal object_8 As Object) As String ' This item is obfuscated and can not be translated. Dim num2 As Integer = (0 + &H79) Dim obj2 As Object = *?(*Class4.intptr_0((&H79 - &H79)).GetBytes(CStr(object_8))) Dim obj3 As Object = New StringBuilder Dim num As Integer = 0 Label_00FF: num2 = ((num2 And -26) Or 130) If ((num >= obj2.Length) AndAlso ((<Module>.int_2 / &HEE58) <> &H7BA9EBEC)) Then Return obj3.ToString End If Do While True If (-(-268435456 * num) <> -9119) Then End If *?(*?(<Module>.smethod_18((Type.EmptyTypes.Length + &H53D), (SizeOf(Single) + &H78C), (Type.EmptyTypes.Length + &H63)))) If ((((num Mod &H752072) + &H27B) Xor &H400000E4) <> 0) Then num += 1 If (((num / &H10000000) + &H20000000) <> ((&H10 * num) * &H4000000)) Then goto Label_00FF End If End If Loop End Function 1
kao Posted February 27, 2014 Posted February 27, 2014 (edited) EDIT: just for kicks - patch to accept any serial. 00002234: 39 2600002235: B4 00EDIT2: ok, it's keygenable. somehow. can't be bothered to spend my time on it. name: kaokao hwid: T4Y-E701F0-0206A7-1C380B sn: I72LEX-A5JGI-IDPWR-HFDLG-RWXOM-5ZGFH-IG1A33 Edited February 27, 2014 by kao 2
GIV Posted February 27, 2014 Posted February 27, 2014 Was the only one who is skilled enough in these things and quick enough to answer.
kao Posted February 27, 2014 Posted February 27, 2014 Sorry guys, I was wrong, it is keygennable. My mistake is in trying to be quick.. You just need to rip some code from crackme, and you have the keygen.. 1
SHADOW_UA Posted February 27, 2014 Author Posted February 27, 2014 (edited) EDIT: just for kicks - patch to accept any serial. 00002234: 39 2600002235: B4 00EDIT2: ok, it's keygenable. somehow. can't be bothered to spend my time on it. name: kaokao hwid: T4Y-E701F0-0206A7-1C380B sn: I72LEX-A5JGI-IDPWR-HFDLG-RWXOM-5ZGFH-IG1A33 Sorry, but the valid name and registration key for your hwid are kaokao I72UQX-A5JGI-ILZ0R-GRDLG-RWNCD-5TOQH-IG1I34 Edited February 27, 2014 by SHADOW785
Solution kao Posted February 27, 2014 Solution Posted February 27, 2014 Unless I made a copy-paste mistake, that's the combination that worked for me. Considering that I haven't had my morning coffee yet, it's entirely possible. Here's the patch for self-keygen: 0000236E: 28 26 0000236F: 13 26 00002370: 00 26 00002371: 00 11 00002372: 06 07 3
SHADOW_UA Posted February 27, 2014 Author Posted February 27, 2014 Unless I made a copy-paste mistake, that's the combination that worked for me. Considering that I haven't had my morning coffee yet, it's entirely possible. Here's the patch for self-keygen: 0000236E: 28 26 0000236F: 13 26 00002370: 00 26 00002371: 00 11 00002372: 06 07 Very nice! Marked your answer as Solved.
GIV Posted February 27, 2014 Posted February 27, 2014 No patching allowed. You sayd what is spelled upper. I don't understand. Marked as solved...
ChOoKi Posted February 27, 2014 Posted February 27, 2014 Not sure what to make of this. It started as a "keygenme", soon after it turned to "unpackme", now is marked "answered" after a self-keygen patch? "Confuser"? 2
kao Posted February 27, 2014 Posted February 27, 2014 * The biggest obstacle of this keygenme is Appfuscator. There is no ready-made unpacker and you can't easily find which procedure is responsible for what. * The biggest weakness of the keygenme is that it has code that generates correct serial. * Do you want to spend few hours deobfuscating Appfuscator - and then just rip the code? I don't. That's the reason why I decided to post patches. Patching requires good understanding of obfuscated code, and it's harder than it seems. 1
GIV Posted February 27, 2014 Posted February 27, 2014 * Do you want to spend few hours deobfuscating Appfuscator - and then just rip the code? I don't. That's the reason why I decided to post patches. Patching requires good understanding of obfuscated code, and it's harder than it seems. In your logic no keygenme will ever be keygenned because is harder to find patch spots than "rip" the code into a keygen. 1
kao Posted February 27, 2014 Posted February 27, 2014 There are crackmes which generate correct serial - I call them "CrapMEs". Any trained monkey can rip the code - and won't learn anything in a process.If this crackme required me to actually write some code to solve it, I'd happily do that.
ChOoKi Posted February 27, 2014 Posted February 27, 2014 (edited) Keygenning .net seems to follow one path, one does not need to understand the code fully to make a keygen, copy and paste what you see and you're done. What i don't understand here is why would the author accept and walk away with a patch for his keygenme? was it not worth coding or ....? Edited February 27, 2014 by ChOoKi 1
Dreamer Posted February 27, 2014 Posted February 27, 2014 (edited) Edited February 27, 2014 by Dreamer 1
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now