CiN1 Team - Cracking Is Number 1  

Cracking Is Number 1

Go Back   CiN1 Team - Cracking Is Number 1 >
~~ Learning Cracking ~~
> Free Talk About Cracking > CrackMe's

Nội qui diễn đn - Forum Rules Must Read

Search kỹ trước khi post bi


Reply
 
Thread Tools Display Modes
Old 24-06-2016, 11:41 AM   #1
User Profile
kechocgian

 
kechocgian's Avatar
 
Join Date: Mon Jun 2016
Posts: 16

Cấp bậc: 2 [cin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1team]
Sức sống: 0 / 43
Hoạt động: 5 / 153
Kinh nghiệm: 74%


Thanks: 34
Thanked 9 Times in 4 Posts
Default 150-ulock crackme

Two step related to solve this crackme.
Simply rename it to .exe file.
Second: there is an encrypted section by itself, so skim it slowly. thx @cachito
Quote:
[Only registered and activated users can see links. ]

Last edited by kechocgian; 01-07-2016 at 11:26 AM.
  Reply With Quote
The Following User Says Thank You to kechocgian For This Useful Post:
Old 25-06-2016, 04:31 AM   #2
User Profile
cachito

 
cachito's Avatar
 
Join Date: Wed Nov 2015
Posts: 35

Cấp bậc: 4 [cin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1team]
Sức sống: 0 / 92
Hoạt động: 11 / 471
Kinh nghiệm: 68%


Thanks: 22
Thanked 39 Times in 24 Posts
Default

@kechocgian
This crackme is not compressed. Doing the expand command is the same as renaming the file to .exe....

EDIT: Just checked a bit, it has encrypted section. That section is being decrypted by xoring with an X value. That X value is obtained by doing some math over unlock code. X value must be 0x25
I have no more free time. I will check this again sometime, seems like a nice crackme/keygenme :D

EDIT2: I couldn't resist :P
Serial for 0x3004 is "21137D5FCAAC07F9"

Last edited by cachito; 25-06-2016 at 05:42 AM.
  Reply With Quote
The Following 3 Users Say Thank You to cachito For This Useful Post:
Old 28-06-2016, 03:40 AM   #3
User Profile
cachito

 
cachito's Avatar
 
Join Date: Wed Nov 2015
Posts: 35

Cấp bậc: 4 [cin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1team]
Sức sống: 0 / 92
Hoạt động: 11 / 471
Kinh nghiệm: 68%


Thanks: 22
Thanked 39 Times in 24 Posts
Default

Mmmm was going to dig deeper into it but I hate when they use ah. I don't program in asm so have to write some hacky code to keygen...
Some tips to patch it

00401337 XOR DL,BYTE PTR DS:[403318] -> XOR DL,0x25 // To decrypt
004011E8 -> Serial generation routine, you can serial fish.
0040129D - > just nop to get good boy.

Cachito
9D293ECBD06D720F
  Reply With Quote
The Following User Says Thank You to cachito For This Useful Post:
Old 29-06-2016, 12:27 AM   #4
User Profile
Serial_Killer

 
Serial_Killer's Avatar
 
Join Date: Mon Jan 2011
Posts: 237

Cấp bậc: 14 [cin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1team]
Sức sống: 0 / 334
Hoạt động: 79 / 6464
Kinh nghiệm: 39%


Thanks: 11
Thanked 714 Times in 229 Posts
Default

alibi, cachito :D

use shift (right/left) to reach what you need
then put all back













Chữ k c nhn của Serial_Killer CRACK REQUESTS in PM will land on shitlist!!

  Reply With Quote
The Following 2 Users Say Thank You to Serial_Killer For This Useful Post:
Old 29-06-2016, 07:14 AM   #5
User Profile
cachito

 
cachito's Avatar
 
Join Date: Wed Nov 2015
Posts: 35

Cấp bậc: 4 [cin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1team]
Sức sống: 0 / 92
Hoạt động: 11 / 471
Kinh nghiệm: 68%


Thanks: 22
Thanked 39 Times in 24 Posts
Default

Yeah, it was just an excuse I made, I didn't want to work :P
With the rcl opcode I had problems once and I needed 1 flag for some other command, that one was hard to "translate".

Code:
        private ushort rcling(ushort value, int n, ref int cf) // rcl command
        {
            value = (ushort)((value << n) | (value >> (16 - n)));
            int temp = value & 1;
            value = (ushort)((value & 0xFFFE) | cf);
            cf = temp;
            return value;
        }
EDIT: I remember, it was for the tsrh keygenme, never finished that one either :P

Last edited by cachito; 29-06-2016 at 07:28 AM.
  Reply With Quote
The Following User Says Thank You to cachito For This Useful Post:
Old 29-06-2016, 07:17 PM   #6
User Profile
Serial_Killer

 
Serial_Killer's Avatar
 
Join Date: Mon Jan 2011
Posts: 237

Cấp bậc: 14 [cin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1team]
Sức sống: 0 / 334
Hoạt động: 79 / 6464
Kinh nghiệm: 39%


Thanks: 11
Thanked 714 Times in 229 Posts
Default

he he, knew you could do it

peace













Chữ k c nhn của Serial_Killer CRACK REQUESTS in PM will land on shitlist!!

  Reply With Quote
Old 01-07-2016, 11:28 AM   #7
User Profile
kechocgian

 
kechocgian's Avatar
 
Join Date: Mon Jun 2016
Posts: 16

Cấp bậc: 2 [cin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1team]
Sức sống: 0 / 43
Hoạt động: 5 / 153
Kinh nghiệm: 74%


Thanks: 34
Thanked 9 Times in 4 Posts
Default

@cachito
how do you know the X value is 0x25?
is it your guess based on epilogue "push ebp"?
  Reply With Quote
Old 01-07-2016, 08:13 PM   #8
User Profile
cachito

 
cachito's Avatar
 
Join Date: Wed Nov 2015
Posts: 35

Cấp bậc: 4 [cin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1team]
Sức sống: 0 / 92
Hoạt động: 11 / 471
Kinh nghiệm: 68%


Thanks: 22
Thanked 39 Times in 24 Posts
Default

Exactly, i guesssed first byte would be 0x55, patched in place i mention above and it worked
  Reply With Quote
The Following User Says Thank You to cachito For This Useful Post:
Old 02-07-2016, 05:58 PM   #9
User Profile
Serial_Killer

 
Serial_Killer's Avatar
 
Join Date: Mon Jan 2011
Posts: 237

Cấp bậc: 14 [cin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1team]
Sức sống: 0 / 334
Hoạt động: 79 / 6464
Kinh nghiệm: 39%


Thanks: 11
Thanked 714 Times in 229 Posts
Default

Just as info here few unlock codes

00000050
00000193
000002B3
0000038A
10000227
ED12FC73

but there exist a lot of more.













Chữ k c nhn của Serial_Killer CRACK REQUESTS in PM will land on shitlist!!

  Reply With Quote
The Following 2 Users Say Thank You to Serial_Killer For This Useful Post:
Old 02-07-2016, 11:06 PM   #10
User Profile
ragdog

 
ragdog's Avatar
 
Join Date: Sun Mar 2010
Posts: 14

Cấp bậc: 2 [cin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1teamcin1team]
Sức sống: 0 / 37
Hoạt động: 4 / 813
Kinh nghiệm: 50%


Thanks: 1
Thanked 12 Times in 7 Posts
Default

Hi

Here is my solution.

Unlock Code :00001037
Name:Ragdog
Serial:7B2A510037E61DCC

It has no a encrypted section is only modify (crypted) code.

Edit: keygen
[Only registered and activated users can see links. ]

Regards,

Last edited by ragdog; 03-07-2016 at 04:42 PM.
  Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +8. The time now is 03:30 PM.


Powered by vBulletin® Version 3.xx
Copyright ©2000 2017, Jelsoft Enterprises Ltd. Help
Licensed to: cin1team.biz