starzboy Posted April 21, 2006
Find the correct pass for the crackme! No brute forcing is allowed!
http://d.turboupload.com/d/533559/crackme_0.rar.html
PS: Please do not post your answer here [only one pass], let others try their luck too!
Thank you
yamraaj Posted April 22, 2006
It was easier than what I thought. You know binary
Edited April 22, 2006 by yamraaj
Hybr!d Posted April 23, 2006
This doesn't look so easy for me. These are my steps.
1) Opened in PEiD, looked for any sort of packaging.
2) Opened in Olly then ran the program to get background information.
3) I searched for all referenced strings and found the part where it says Access Granted and so on.
4) I follow in disassembler then I am lost because I see nothing. All I see is a bunch of CALLS and MOV's and JMP's, nothing else.
Help would be appreciated as I am trying to learn as I go.
The Old Pirate Posted April 23, 2006
@Hybr!d, tip: look at some constant just above string "CRACKME FOR NEWBIE #0 !"
yamraaj Posted April 23, 2006
good! and why do you ask .... ? ! Sorry.... that was just a lame tip
Guest Tundra Posted April 23, 2006
Hybr1d - You know there are two possible outcomes after you type in the serial. Either you get the "Access Granted!" message or you get the "Access Denied!" one. So, at one point in the program, there has to be some kind of conditional jump to decide which one to go to, and the most common way to create a conditional jump is to have
CMP x, y
JNZ (or JZ) address
Look around in the code for this...
Hope this helps
ALiEN Posted April 23, 2006
> It was easier than what I thought. You know binary
Yeah, it's the way to the solution...
ALiEN.
Hybr!d Posted April 23, 2006
Thanks for the tips guys, I got it. The answer was right in front of me... Should have looked at the CMP and followed it through.
starzboy (Author) Posted April 24, 2006
I hope all of you like this crackme! I AM LEARNING C++ AND WILL SOON BE MAKING MORE!
Regards, starzboy!
Hybr!d Posted April 26, 2006
Make more indeed... Make it a bit harder next time for people like me
starzboy (Author) Posted April 26, 2006
> Make more indeed... Make it a bit harder next time for people like me
I am still learning and yes.... I'll try my best to make it harder!
Regards, starzboy!
Guest Findme Posted May 31, 2006
Hmm, I'm having trouble with this. I guess I need more tutorials ...
Guest linkin Posted June 3, 2006
> Hmm, I'm having trouble with this. I guess I need more tutorials ...
Me too... I know that there is something in this call: 0040146C ... but I can't find the real password. I know that I can only use numbers for the password. I think starzboy has converted the number to HEX (my entered number, too) ... and checked them. I'm trying (Nice crackme starzboy, I love it)
starzboy (Author) Posted June 6, 2006
hmmm.... this is how "Giga".... explains!
0040145D |. C74424 04 01000>MOV DWORD PTR SS:[ESP+4],1
00401465 |. C70424 60344400 MOV DWORD PTR SS:[ESP],crackme_.00443460
0040146C |. E8 0F540200 CALL crackme_.00426880
00401471 |. 8B45 F8 MOV EAX,DWORD PTR SS:[EBP-8] ; kernel32.7C816D58
00401474 |. 3B45 FC CMP EAX,DWORD PTR SS:[EBP-4] <-------------------------------------------BP
00401477 |. 75 3A JNZ SHORT crackme_.004014B3
00401479 |. C74424 04 44004>MOV DWORD PTR SS:[ESP+4],crackme_.004400>; ASCII "Access Granted !"
00401481 |. C70424 C0334400 MOV DWORD PTR SS:[ESP],crackme_.004433C0
00401488 |. E8 E7AC0300 CALL crackme_.0043C174
0040148D |. C74424 04 44AF4>MOV DWORD PTR SS:[ESP+4],crackme_.0043AF>
00401495 |. 890424 MOV DWORD PTR SS:[ESP],EAX
00401498 |. E8 238C0200 CALL crackme_.0042A0C0
0040149D |. C74424 04 55004>MOV DWORD PTR SS:[ESP+4],crackme_.004400>; ASCII "WELCOME !"
004014A5 |. C70424 C0334400 MOV DWORD PTR SS:[ESP],crackme_.004433C0
004014AC |. E8 C3AC0300 CALL crackme_.0043C174
004014B1 |. EB 38 JMP SHORT crackme_.004014EB
and we will have something like this:
Stack SS:[0022FF74]=3C34EB12 <----------- Serial in hex format
EAX=00000037
and when you convert this to decimal the result is 1010101010
serial = 1010101010
SunBeam Posted June 21, 2006
Yup, so true. Different from anything else, is the fact that C++ applications make use of the stack in 95% of the cases. No wonder people couldn't find any traces of clues just by looking at the strings. Works fast with Olly scripting
Guest slavaa Posted July 2, 2006
It was kind of hard for me cause I'm a bit of a noob, ey. Nice job tho, I found out eventually after a while
starzboy (Author) Posted July 2, 2006
I recommend that when you are going through a C++ app... you should know the details you entered in hex so that when you spot the info in hex you will know that you are somewhere close!
Just a tip.... that's what I do!
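The hex-spotting tip above, written out as a small helper. This is an added example, not code from the thread or from the crackme. It uses the two values shown in the listing (3C34EB12, and EAX=00000037, which is 55 in decimal); the function names and the sample dump are constructed for illustration.

```python
import struct

def debugger_views(typed):
    """Forms a typed decimal number takes in a 32-bit x86 debugger."""
    value = int(typed)
    if not -2**31 <= value <= 0xFFFFFFFF:
        raise ValueError("value does not fit in a 32-bit DWORD")
    dword = value & 0xFFFFFFFF  # two's complement for negative input
    return {
        # As displayed in a register or as a stack DWORD (e.g. EAX=00000037)
        "register": f"{dword:08X}",
        # Byte order in a memory dump or in instruction bytes (little-endian)
        "dump": struct.pack("<I", dword).hex(" ").upper(),
        # The input while it is still a text string, before conversion
        "text": typed.encode("ascii").hex(" ").upper(),
    }

def dword_to_decimal(hex_dword, signed=False):
    """Turn a DWORD read from the debugger back into the number to type."""
    value = int(hex_dword, 16)
    if not 0 <= value <= 0xFFFFFFFF:
        raise ValueError("not a 32-bit DWORD")
    if signed and value >= 2**31:
        value -= 2**32
    return value

def find_dword(buffer, value):
    """Offsets where value is stored as a little-endian DWORD in buffer."""
    needle = struct.pack("<I", value & 0xFFFFFFFF)
    hits, pos = [], buffer.find(needle)
    while pos != -1:
        hits.append(pos)
        pos = buffer.find(needle, pos + 1)
    return hits

# Constructed stand-in for a stack dump (not bytes taken from the crackme):
# padding, a test entry of 55, padding, then the DWORD from the listing.
SAMPLE_DUMP = (bytes(4) + struct.pack("<I", 55)
               + bytes(3) + struct.pack("<I", 0x3C34EB12))

if __name__ == "__main__":
    print(debugger_views("55"))
    print(dword_to_decimal("3C34EB12"))
    print(find_dword(SAMPLE_DUMP, 55), find_dword(SAMPLE_DUMP, 0x3C34EB12))
```

The "dump" form is the one to look for in a hex dump or in opcode bytes, where the DWORD appears byte-reversed compared with the register view.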