Posted April 21, 2006
Find the correct pass for the crackme! No brute forcing is allowed!
http://d.turboupload.com/d/533559/crackme_0.rar.html
PS: Please do not post your answer here [only one pass]; let others try their luck too!
Thank you
April 22, 2006
It was easier than what I thought. You know binary
Edited April 22, 2006 by yamraaj
April 23, 2006
This doesn't look so easy for me. These are my steps.
1) Opened in PEiD, looked for any sort of packaging.
2) Opened in Olly, then ran the program to get background information.
3) I searched for all referenced strings and found the part where it says Access Granted and so on.
4) I follow in disassembler, then I am lost because I see nothing. All I see is a bunch of CALLs and MOVs and JMPs, nothing else.
Help would be appreciated as I am trying to learn as I go.
April 23, 2006
Hybr1d - You know there are two possible outcomes after you type in the serial. Either you get the "Access Granted!" message or you get the "Access Denied!" one. So, at one point in the program, there has to be some kind of conditional jump to decide which one to go to, and the most common way to create a conditional jump is to have
    CMP x, y
    JNZ (or JZ) address
Look around in the code for this...
Hope this helps
April 23, 2006
"It was easier than what I thought. You know binary"
Yeh, it's the way to the solution...
ALiEN.
April 23, 2006
Thanks for the tips guys, I got it. The answer was right in front of me... Should have looked at the CMP and followed it through.
April 24, 2006 (Author)
I hope all of you like this crackme!
I AM LEARNING C++ AND WILL SOON BE MAKING MORE!
Regards, starzboy!
April 26, 2006 (Author)
"Make more indeed... Make it a bit harder next time for people like me"
I am still learning and yes.... I'll try my best to make it harder!
Regards, starzboy!
June 3, 2006
"hmm I'm having trouble with this. I guess I need more tutorials ..."
Me, too... I know that there is something in this call: 0040146C ... but I can't find the real password. I know that I can only use numbers for the password. I think starzboy has converted the number to HEX (my entered number, too) ... and checked them. I'm trying (Nice crackme starzboy, I love it)
June 6, 2006 (Author)
hmmm.... this is how "Giga".... explains!

0040145D |. C74424 04 01000>MOV DWORD PTR SS:[ESP+4],1
00401465 |. C70424 60344400 MOV DWORD PTR SS:[ESP],crackme_.00443460
0040146C |. E8 0F540200 CALL crackme_.00426880
00401471 |. 8B45 F8 MOV EAX,DWORD PTR SS:[EBP-8] ; kernel32.7C816D58
00401474 |. 3B45 FC CMP EAX,DWORD PTR SS:[EBP-4] <--- BP
00401477 |. 75 3A JNZ SHORT crackme_.004014B3
00401479 |. C74424 04 44004>MOV DWORD PTR SS:[ESP+4],crackme_.004400>; ASCII "Access Granted !"
00401481 |. C70424 C0334400 MOV DWORD PTR SS:[ESP],crackme_.004433C0
00401488 |. E8 E7AC0300 CALL crackme_.0043C174
0040148D |. C74424 04 44AF4>MOV DWORD PTR SS:[ESP+4],crackme_.0043AF>
00401495 |. 890424 MOV DWORD PTR SS:[ESP],EAX
00401498 |. E8 238C0200 CALL crackme_.0042A0C0
0040149D |. C74424 04 55004>MOV DWORD PTR SS:[ESP+4],crackme_.004400>; ASCII "WELCOME !"
004014A5 |. C70424 C0334400 MOV DWORD PTR SS:[ESP],crackme_.004433C0
004014AC |. E8 C3AC0300 CALL crackme_.0043C174
004014B1 |. EB 38 JMP SHORT crackme_.004014EB

and we will have something like this:

Stack SS:[0022FF74]=3C34EB12 <--- Serial in hex format
EAX=00000037

and when convert this to Decimal the result is 1010101010
serial = 1010101010
June 21, 2006
Yup, so true. Different from anything else, is the fact that C++ applications make use of the stack in 95% of the cases. No wonder people couldn't find any traces of clues just by looking at the strings. Works fast with Olly scripting
July 2, 2006
It was kind of hard for me cause I'm a bit of a noob, ey. Nice job tho, I found out eventually after a while
July 2, 2006 (Author)
I recommend that when you are going thro' a C++ app... you should know the details you entered in hex so that when you spot the info in hex you will know that you are somewhere close!
Just a tip.... that's what I do!
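
Added example, not part of the thread or any poster's code: a Python helper for the tip above and the June 6 dump, showing how a number typed at the prompt looks in a register and in a little-endian memory dump. It assumes the program parses the input into a 32-bit integer, as the CMP on two DWORD stack slots suggests; the function names are hypothetical.

```python
import struct

def debugger_views(typed: str) -> dict:
    """How a decimal string typed at the prompt appears in a debugger,
    assuming (not confirmed by the thread) it is parsed into a 32-bit int."""
    n = int(typed, 10)
    # Outside this range the parsed value depends on the runtime's overflow
    # handling, so the low 32 bits shown here may not be what the program holds.
    fits = -(2**31) <= n < 2**32
    u32 = n & 0xFFFFFFFF
    raw = struct.pack("<I", u32)                 # x86 stores DWORDs little-endian
    return {
        "fits_32bit": fits,
        "register": f"{u32:08X}",                # as shown for EAX or a stack DWORD
        "memory_le": raw.hex(" ").upper(),       # byte order in a hex dump pane
        "signed": struct.unpack("<i", raw)[0],   # same bits read as a signed int
        "ascii_bytes": typed.encode("ascii").hex(" ").upper(),  # the raw typed text
    }

def from_register(hex_value: str) -> int:
    """Decimal value of a DWORD as displayed by the debugger."""
    return int(hex_value, 16)

if __name__ == "__main__":
    # Values taken from the June 6 post: EAX=00000037 and stack DWORD 3C34EB12.
    print(debugger_views("55"))
    print(from_register("3C34EB12"))
```
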