Posted January 16, 201510 yr Here is a KeygenME i put together today when i had some free time. I know some set of people will solve this under 5 minutes. RulesNo rules.Solutions A working keygen : Gold A Working Serial : SilverPatching : BronzeA Tutorial would be appreciated.Please Do Solve. ** Sorry about the Size. Edit : just Fixed the bug reported by xSRTsect, sorry about that and thanks xSRTsect for reporting. Edit2 : Fixed Another Bug (Hopefully the Last ) that made it impossible to get a valid key even through bruteforce). XorRanger's KeygenME #7 Fixed Final.zip Valid Solutions so Far Office Jesus xSRTsect Edited January 17, 201510 yr by XorRanger
January 16, 201510 yr perhaps you should revise this line: if ( ((*(_WORD *)v6 - 0x10) ^ 0x3D) != 0x4C )
January 16, 201510 yr perhaps you should revise this line: if ( ((*(_WORD *)v6 - 0x10) ^ 0x3D) != 0x4C ) well this is the lower problem, ALT+0129,but few checks later i think is not reversible
January 16, 201510 yr No. I am pretty sure you have screwed this up because of the chartset encoding in utf-16 is different from windows charset versions, mine , the latin alphabet contains no char equivalent to 0x81, for example. http://en.wikipedia.org/wiki/Windows-1252 http://en.wikipedia.org/wiki/Windows_code_page
January 16, 201510 yr if the author use unprintable chars, thats not our fault as for info i know what you say. But one option to use the 0x81 (is like a space) just do it the way i said above click and hold the ALT key then on number Key click 0129 == (0x81) cuz this is what he used as dilimiter.
January 16, 201510 yr if the author use unprintable chars, thats not our fault as for info i know what you say. But one option to use the 0x81 (is like a space) just do it the way i said above click and hold the ALT key then on number Key click 0129 == (0x81) cuz this is what he used as dilimiter. I dont think the message is passing. Did you even read what I just say? if there is no char for 0x81 in the char set, windows will get you another char (I think it chooses the closest one) and program simply no longer reads the value it was supposed to in the first place.
January 16, 201510 yr Author perhaps you should revise this line: if ( ((*(_WORD *)v6 - 0x10) ^ 0x3D) != 0x4C ) First post Updated with fixed version.Thanks.
January 16, 201510 yr Author @XorRanger KeygenMe size is big, what IDE you used to code this, DelphiXE5? XE7.
January 16, 201510 yr How you made this skin?Do you used Castalia when coding? Edited January 17, 201510 yr by Nucleus
January 16, 201510 yr Author How you made this skin.Do you used Castalia when coding? They are VCL Skins and yes i use Castalia.
January 17, 201510 yr No offense here, but have you actually tested the crackme, and are you sure you have a working key?
January 17, 201510 yr Well, something is better than nothing, I suppose. Hopefully my message is humorous. Solution.zip
January 17, 201510 yr Author No offense here, but have you actually tested the crackme, and are you sure you have a working key? I just fixed a bug that made it impossible to get a valid key without patching.sorry about that, i have also tested the version i just fixed and have a valid key for it.please download "XorRanger's KeygenME #7 Fixed Final.zip" in the first post and try again.thanks.
January 17, 201510 yr Author Well, something is better than nothing, I suppose. Hopefully my message is humorous. Solution.zip nice solution. lol. please try again with the fixed version. thanks.
January 17, 201510 yr I just fixed a bug that made it impossible to get a valid key without patching.sorry about that, i have also tested the version i just fixed and have a valid key for it.please download "XorRanger's KeygenME #7 Fixed Final.zip" in the first post and try again.thanks. Unbelievable. I mean I try not to be rude, but who the hell makes a keygen.me and doesn't test the damn program after? **NO F.UCKING SENSE**
January 17, 201510 yr Author Unbelievable. I mean I try not to be rude, but who the hell makes a keygen.me and doesn't test the damn program after? **NO F.UCKING SENSE** i did test it but later made some modifications. my bad.
January 17, 201510 yr XR2015-131-0000-XYYYYYYY-46-0Y123456789X here goes a script to calculate the first part y = "aloinE" s = ";@#y!Z" i = 0 l = "" for x in y: l = l + chr(((ord(s[i])- ord(x)) % 94)+32) i = i + 1 print lAnd here is the final part, where the calculations on the genral matrix are made (unfortunate that you don't do anything else with it, aside from hashing). int __fastcall chck_final(int a1, int a2, signed __int32 a3, int a4, int a5, int a6, int a7, int a8, int a9) { signed __int32 v9; // edi@1 int v10; // esi@1 int v11; // ebx@1 int j_; // esi@1 int j; // ebx@2 int v14; // eax@6 __int64 v15; // rax@7 int v16; // ebx@7 unsigned int v18; // [sp-Ch] [bp-3Ch]@1 _UNKNOWN *v19; // [sp-8h] [bp-38h]@1 int *v20; // [sp-4h] [bp-34h]@1 int i; // [sp+Ch] [bp-24h]@1 int x; // [sp+10h] [bp-20h]@2 int *C_; // [sp+14h] [bp-1Ch]@2 int *C; // [sp+18h] [bp-18h]@1 int *C_arr; // [sp+1Ch] [bp-14h]@1 int *KeyArray; // [sp+20h] [bp-10h]@1 int c_arr_cpy; // [sp+24h] [bp-Ch]@1 int *keyArr_cpy; // [sp+28h] [bp-8h]@1 int **M; // [sp+2Ch] [bp-4h]@1 int savedregs; // [sp+30h] [bp+0h]@1 v9 = _InterlockedExchange((volatile signed __int32 *)&M, a3); v10 = a2; v11 = a1; v20 = &savedregs; v19 = &loc_5E9758; v18 = __readfsdword(0); __writefsdword(0, (unsigned int)&v18); System::__linkproc__ DynArraySetLength(3, 3); System::__linkproc__ DynArraySetLength(9, v18); DynArrayMake((int)&KeyArray, (int)&var_11h); System::__linkproc__ DynArraySetLength(9, v18); *KeyArray = v11; KeyArray[1] = v10; KeyArray[2] = v9; KeyArray[3] = a4; KeyArray[4] = a5; KeyArray[5] = a6; KeyArray[6] = a7; KeyArray[7] = a8; KeyArray[8] = a9; copy((int)&keyArr_cpy, (int)KeyArray, (int)&var_11h); DynArrayMake((int)&C_arr, (int)&var_11h); System::__linkproc__ DynArraySetLength(3, v18); *C_arr = 0; C_arr[1] = 1; C_arr[2] = 2; copy((int)&c_arr_cpy, (int)C_arr, (int)&var_11h); j_ = 0; copy((int)&C, c_arr_cpy, (int)&var_11h); for ( i = 0; ; ++i ) { v14 = System::__linkproc__ LStrLen(C); if ( v14 <= i ) break; x = C[i]; copy((int)&C_, c_arr_cpy, (int)&var_11h); for ( j = 0; j < System::__linkproc__ LStrLen(C_); ++j ) { M[x][C_[j]] = j_ + keyArr_cpy[j_]; ++j_; } DynArrayMake((int)&C_, (int)&var_11h); } DynArrayMake((int)&C, (int)&var_11h); v15 = (M[2][1] * *M[1] - *M[2] * M[1][1]) * (*M)[2] + (M[2][2] * M[1][1] - M[2][1] * M[1][2]) * **M - (M[2][2] * *M[1] - M[1][2] * *M[2]) * (*M)[1]; v16 = (HIDWORD(v15) ^ v15) - HIDWORD(v15); __writefsdword(0, v18); v20 = (int *)&loc_5E975F; sub_40A7A8(&C_, &var_11h, 6); DynArrayMake((int)&M, (int)&byte_5E9498); return v16; }
Create an account or sign in to comment