lena151 Posted July 7, 2006

Here is a challenge for all. Some time ago, I coded a (freeware for medical purposes) application which was never cracked. Too stupid, not worth bothering or too difficult ?!? Dunno ... but I hope you'll tell me. BTW, a registration scheme was only implemented to keep track of people's use (free registration).

To comply with forum rules, I have grabbed the registration scheme and made a ReverseMe from it. Everything is allowed: serialfishing, patching, brute forcing ... the ultimate goal is a keygen.

The only nag in the real stuff is when clicking the "Register" button. This reverseMe has more to make it easier. Each time an action is required, the registration scheme is rerun internally to decide on acting or not. It's clear that killing the nags and About Box is NOT helping. BTW, in a valid solution, the goodboys are shown.

If you have a solution, please explain in a couple of words. I'm leaving on vacation right now, I'll have a look when returning.

I built some useless code around the reverseme to make it the normal size of the software. ReverseMe is not packed nor encrypted, but I doubt it's easy.

Have fun
lena151

ReverseMe_2_by_lena151.rar

GEEK Posted July 8, 2006 (edited)

You could have done that without replying here, as it is understood that everybody will do it when they have time.

Edited July 8, 2006 by GEEK

winndy Posted July 9, 2006 (edited)

> you could have done tht without replying here as it is understood that everybody will do it when they have time.

Oh! But I think it's polite to post a reply. After we read a post, it's OK to give a response. Everyone has his own way. I think it's off topic, so we should stop discussing it here.

Regards

Edited July 9, 2006 by winndy

SUB Z3R0 Posted July 13, 2006 (edited)

To Lena: It wasn't a nice CrackMe (in my opinion)! It seems you have written this CrackMe with an AutorunMaker/AutoIt or .... and you haven't written it in C++ (MFC). Cracking these files is a little more than easy! But nags and unregistered labels can be removed easily.

( Success ... Registration SuccessFull ... Thanks for your support !!!! )

Edited July 13, 2006 by SUB Z3R0

lena151 (Author) Posted July 23, 2006

Just back from vacation ... Thanks for trying this SUB_Z3RO and all the others.

> ... nags and unregistered labels can be removed easily.

Sure they can, but this doesn't register the application.

> ( Success ... Registration SuccessFull ... Thanks for your support !!!! )

The "goodboys" you found are diversion code: these are never used, neither in unregistered nor in registered.

I believe it is virtually impossible without more hints though.

Hints:

1. For the application to be registered, it must say "REGISTERED" on the registration window. Again though, the obvious "REGISTERED" text in the strings is NOT used and is diversion code too, seek elsewhere!
2. This "reverseme" is in fact part of an application which has twenty (20 !) checks and doublechecks. If any of these fail, you are sent in the woods to go play with Robin Hood. In this case, the real serial is never calculated (only a diversion serial is calculated). BTW, assume anything by "checks and doublechecks", i.e. if the length of a certain part of the serial is wrong --> go see Robin in the woods.
3. This reverseme is part of a real application: at startup, it verifies for "was I previously registered or not ?". If it was registered before, the registration scheme is not shown in the real application. BTW, the reverseme shows the goodboy at startup when registered before (because there is no "application" here).
4. Anybody found the ring0 debugger checks (find them all !) ? --> else go see Robin
5. Anybody found the ring3 debugger checks (find them all !) ? --> else go see Robin
6. Anybody found the anti-tracing ? --> else go see Robin
7. ALL detecting is silent: if anything suspicious is detected --> go see Robin
8. Expect some more tricks, hehe, probably these being the most important factor of failure of all

It should be a walk in the park with this info? Or not?

Success
lena151

Sigma Posted July 24, 2006

Holy crap woman, that is nuts! I'll take a look, but I don't see a point! What is it coded with?

lena151 (Author) Posted July 24, 2006

> Holy crap woman, that is nuts! I'll take a look, but i dn;'t see a point! what is it coded with?

Hehe, yeah, I know. Just call it "overkill" but it was kind of fun to code all the protecting.

lena151 (Author) Posted July 24, 2006

> And it was for a freeware app correct?

Yep. I fear I amused myself more with the protection than with the app itself. Let's blame reversing for that.

npad69 Posted July 26, 2006

hi lena, ever considered writing a protector based on this method?

Killboy Posted July 26, 2006

That's really tough, at least for me... I encountered several debugger detection tricks, WaitForSingleObject and the winice.dat check, but all in all very good... I'm close to what looks like the serial check routine, and I found several places to circumvent the bad boys, but no good boy in sight...

lena151 (Author) Posted July 26, 2006

@KillBoy: good work so far. Don't give up.

@npad69: do you mean to code this registration scheme in a dll to be called by "a third-party-program" and sell the library for that purpose? It could be done in very little time but I decided long ago to stick with reversing....

BTW, this protection is not unbreakable but can easily be made many times harder!

npad69 Posted July 27, 2006

> ..It could be done in very little time but I decided long ago to stick with reversing....

whew, thank god!!

lena151 (Author) Posted July 7, 2007

Here is a solution. Thanks to all who tried proving anything is crackable. Perhaps it can now be solved with this new info and as many serials as you like ...

ReverseMe_2_by_lena151_Keygen.rar

MulleDK19 Posted December 12, 2008 (edited)

Hey.. I just found this reverseme about an hour ago... I'm a newbie, and I'm almost finished with your tuts.. Thanks lena.. I'm trying with this one... Currently I've only managed to change the "Not registered :=)" to another message I make up, in the nags.

Possible spoiler: http://www.treesoft.dk/RCE/ReverseMe_Morten_Hot_xD_p2.PNG

I'm getting closer! I won't look at your solution, before I give up!

PS: I'm a fast learner...

Edited December 12, 2008 by MulleDK19

Teddy Rogers Posted December 14, 2008

The [crackme] tag has been added to your topic title. Please remember to follow and adhere to the topic title format - thank you!

[This is an automated reply]