Sean's KeyGenMe - Simple Tricks

I coded a keygenme, simple tricks.

I hope you enjoy your time trying to solve this!

File Information

Submitter lovejoy226

Submitted 12/31/2021

Category KeygenMe

View File

Example keys:

Spoiler

washi: B604404A000831E195B4291B3F35A23F5B6B7592
tuts4you: DD6850E979CB255113546C9F0045C863B63CE83100497814DD6850E900497814

Approach:

Spoiler

Problem with this keygenme is that the input serial key is compared to the correct serial key directly using string comparison. This means the app generates a correct serial itself, which means the "only" thing to do is finding this algorithm in a decompiler and copy it for a keygen.

• Open in Ghidra, notice it's an MFC app so no "obvious" entrypoint
• Run app, notice app shows a message box after a bad input was put in.
• XRef for MessageBoxW calls and find function FUN_004019b0 which contains both the serial generation algorithm , as well as the two good and bad boy messagebox calls.
• Algorithm is pretty simple: For every character c, compute c^5 * j, where j is any number between 1 and 0x91. The results are concatenated using an uppercase hex format. Final string is reversed. If any of these j's work, then it is a valid serial.
• For a keygen, just pick a random j and do exactly the same to produce a serial:
• keygen.py

 

Edited January 1, 20223 yr by Washi

Washi. Conratulations. You fully analyzed the algorithm of my keygenme. Thank you for your attention.

regards.

sean.