Tuts 4 You

Sean's KeyGenMe - Simple Tricks


Sean Park


Example keys:

Spoiler

washi: B604404A000831E195B4291B3F35A23F5B6B7592
tuts4you: DD6850E979CB255113546C9F0045C863B63CE83100497814DD6850E900497814

Approach:

Spoiler

The problem with this keygenme is that the input serial key is compared to the correct serial key directly using string comparison. This means the app generates a correct serial itself, which means the "only" thing to do is find this algorithm in a decompiler and copy it for a keygen.

  • Open in Ghidra, notice it's an MFC app so no "obvious" entrypoint
  • Run app, notice app shows a message box after a bad input was put in.
  • XRef for MessageBoxW calls and find function FUN_004019b0, which contains both the serial generation algorithm and the two good and bad boy messagebox calls.
  • Algorithm is pretty simple: For every character c, compute c^5 * j, where j is any number between 1 and 0x91. The results are concatenated using an uppercase hex format. Final string is reversed. If any of these j's work, then it is a valid serial.
  • For a keygen, just pick a random j and do exactly the same to produce a serial:
  • keygen.py

 

Edited by Washi
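An added example, not part of Washi's post and not the attached keygen.py: a Python model of the check as the approach above describes it, showing why a verifier that regenerates the serial and compares strings necessarily contains the whole generator. The function names are hypothetical, and the 32-bit truncation and fixed eight-digit hex width are assumptions that reproduce the first example key posted above.

```python
MASK32 = 0xFFFFFFFF      # assumption: products wrap at 32 bits (matches the posted key)
J_MIN, J_MAX = 1, 0x91   # multiplier range given in the post

# First example key from the post, used as sample input.
SAMPLE_NAME = "washi"
SAMPLE_SERIAL = "B604404A000831E195B4291B3F35A23F5B6B7592"


def serial_for(name: str, j: int) -> str:
    """Serial the described routine builds for one multiplier j."""
    if not J_MIN <= j <= J_MAX:
        raise ValueError("j must be in 1..0x91")
    # c**5 * j per character, truncated to 32 bits, printed as uppercase hex.
    # Assumption: each block is zero-padded to eight digits.
    blocks = ["%08X" % ((pow(ord(c), 5) * j) & MASK32) for c in name]
    # Blocks are concatenated in name order, then the whole string is reversed.
    return "".join(blocks)[::-1]


def matching_multiplier(name: str, serial: str):
    """Model of the check: regenerate each candidate and compare as strings.

    Returns the j whose serial equals the input, or None if none does.
    """
    if not name:
        # The post does not say how an empty name is handled; this model rejects it.
        return None
    for j in range(J_MIN, J_MAX + 1):
        if serial_for(name, j) == serial:
            return j
    return None


def is_valid(name: str, serial: str) -> bool:
    return matching_multiplier(name, serial) is not None


if __name__ == "__main__":
    j = matching_multiplier(SAMPLE_NAME, SAMPLE_SERIAL)
    print("posted key accepted:", j is not None, "multiplier:", j)
```

Everything the check needs is a function of the name and a small public range, so nothing in it is secret once the binary is decompiled.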

Washi. Congratulations. You fully analyzed the algorithm of my keygenme. Thank you for your attention.

regards.

sean.
