Jump to content
View in the app

A better way to browse. Learn more.
Tuts 4 You

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

r00t0's KeygenMe

r00t0
r00t0
in KeygenMe

Featured Replies

Posted

Difficulty : 8
Language : C/C++
Platform : Windows 32bit
OS Version : Windows 7+
Packer / Protector : UPX 3.91

Description :

The goal is to write a keygen for it without patching the file. Key must have 5 characters.

Screenshot :

i9BXmX1wQw2v6VuqmJWroA.png

Download :

keygenme.zip

Edited by r00t0

Solved by SmilingWolf

Go to solution 
One correct key: ajjag

Last letter appears to be unused, the sum of the indexes of the first 4 letters inside the alphabet 

abcdefghijklmnopqrtuvwxyz

must equal the index of letter "t" inside said alphabet.

In the serial above:
a = 0 + j = 9 + j = 9 + a = 0 -> 18
Alpha[18] = t
Serial check passed.

How is this a difficulty 8 KeygenMe? Is that some kind of bait? Am I missing something?

    • Like 2
    • Author

    It's not a bait, maybe difficult is 2. And it's not one correct key.

    You correctly solved how to work algorithm. Good work.

    Edited by r00t0

    • Solution

    Yeah, I meant it as "one correct key (among the many possible ones)".

    Attached my keygen in python 2.7
    Some more sample keys: 

    cbdmn
aaatj
gaama

    In general anything that can be solved by hand like that shouldn't get a difficulty rating above 2.

    If I may and you're willing to, can I ask you now to explain how/why my keygen works? :)

    keygen.py

    Edited by SmilingWolf

    • Like 1
    • Author

    Keygen randomize 4 character from pattern (max array length / 3) from array and append to empty array, 5 character are randomized because is not used.

    I understood the question well ?

    There's my algorith to checking key

    Spoiler 
    
	fgets(read,5,stdin);
	int key = 0;
	for (int i=0; i<5; i++)
		for (int j=0; j<25; j++)
			if (read[i] == array2[j])
				key+=j;


     

    Edited by r00t0

    Yeah you got the question.

    I'm generating the first 3 characters randomly, making sure that the sum of their indexes doesn't exceed 18 by simply using indexes between 0 and 6 (len(alpha) - 1 = 18; 18 / 3 = 6). This way the worst case scenario is that I've got 6 + 6 + 6 = g + g + g.
    Then I'm subtrating from the max allowed index (18) the sum of the first three. This way, if the sum was 18 here I simpy get 0, which means "a" gets chosen as fourth letter.

    You said the serial should be 5 letters long, but there's actually no check on the serial's length. Moreover, fgets(char * str, int num, FILE * stream) only memorizes num - 1 entered characters and appends a null byte at the end, which means the last iteration of the loop always checks a null byte instead of a letter, so my keygen would do just as well generating only 4 letters. This totally slipped past me :P

    Edited by SmilingWolf

    • Like 1
    • Thanks 1

    Create an account or sign in to comment

    Go to topic listing

    Configure browser push notifications
    Chrome (Android)
    1. Tap the lock icon next to the address bar.
    2. Tap Permissions → Notifications.
    3. Adjust your preference.
    Chrome (Desktop)
    1. Click the padlock icon in the address bar.
    2. Select Site settings.
    3. Find Notifications and adjust your preference.