Jump to content
Tuts 4 You

Simple KeygenMe

Go to solution Solved by Washi,

Recommended Posts

Difficulty : 2 (I guess)
Language : C++ 
Platform : Windows
OS Version : All
Packer / Protector : None

Description :

It is a simple keygenme challenge. Coded in C++, solution is only a working keygen.

Screenshot :



KeygenMe #2.rar

Link to comment
Share on other sites

  • 7 months later...
  • Solution

User: washi

User: tuts4you



Tools used: Started with Ghidra, filled some gaps with IDA as Ghidra sometimes gave me incorrect or incomplete pseudo code.

1. Figure out the serial verification algorithm:

  • Entrypoint looks a lot like a standard entrypoint that calls WinMain. Navigate to the WinMain (FUN_00401690), and notice the call to DialogBoxParamA with the associated DialogFunc (FUN_00401510) referenced.
  • Go to the DialogFunc procedure, and notice the if statements that decide on the messagebox to be shown. From this we find our checkSerial function (FUN_004013b0).
  • Notice that checkSerial repeats the username (including the trailing zero byte) until it is exactly 16 characters long, concatenates this with a hash computed by FUN_00401280, and then finally computes a checksum of the end result. A license is valid if the lower two bytes of this checksum are equal to the last two bytes of the serial hash.

2. Create keygen

  • Recreate the keygenme using C#.
  • Generate a random serial, test for validity and repeat the process if it is not.

I understand that this might be considered cheating, as it's more of a bruteforce method rather than actually reversing the algorithms. I ran out of time, and might do a proper keygen later. Nevertheless, bruteforcing a key is very fast on my machine, usually takes less than a second.



Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...