Author: .:hybrid:. (Asta GFX Team)
Hmm, I looked at mine and it shows the correct serial if you enter an uneven number in the serial box, and it is not the same length as or longer than the username. Weird, I'll try to fix it.
Date Posted: Mon Apr 27, 2009 7:51 pm

Author: Kripton (FOFF Team)
KenTheFurry wrote:
> @RAiN_:
> Like I thought at first, but I thought that you would have read the rules and known you can not pack your challenges or solutions..
I don't think there is any rule about packing solutions. Why would there be? To protect against all the rippers on this forum? I don't think so.
..::Buy any software you will use longer than the trial::..
Date Posted: Mon Apr 27, 2009 8:07 pm

Author: Saduff (Special Member)
@hybrid:
I don't get a serial either. I checked out your self-keygen. It's because the serial gets deleted from EDX in your self-keygen. Have a look at how I did it.
The call after MOV EDX,DWORD PTR SS:[EBP-8] deletes the serial from EDX, so there's nothing to display in the message box. You should NOP that call and always jump to the badboy (change JNZ to JMP), and when the serial is still stored in DWORD PTR SS:[EBP-8], MOV it to the message box (MOV EAX,DWORD PTR SS:[EBP-8]).
This way you don't have to enter anything in the textbox either.
Date Posted: Mon Apr 27, 2009 8:11 pm

Author: KenTheFurry (Special Member)
Date Posted: Mon Apr 27, 2009 8:13 pm

Author: Kripton (FOFF Team)
Oh.
*Silently packs bags and leaves thread*
..::Buy any software you will use longer than the trial::..
Date Posted: Mon Apr 27, 2009 8:14 pm

Author: RAiN_ (Member)
Quote:
> @RAiN_:
> Like I thought at first, but I thought that you would have read the rules and known you can not pack your challenges or solutions..
I packed by instinct.. Not happenin' again.
Date Posted: Mon Apr 27, 2009 8:36 pm

Author: .:hybrid:. (Asta GFX Team)
Saduff wrote:
> @hybrid:
> I don't get a serial either. I checked out your self-keygen. It's because the serial gets deleted from EDX in your self-keygen. Have a look at how I did it.
> The call after MOV EDX,DWORD PTR SS:[EBP-8] deletes the serial from EDX, so there's nothing to display in the message box. You should NOP that call and always jump to the badboy (change JNZ to JMP), and when the serial is still stored in DWORD PTR SS:[EBP-8], MOV it to the message box (MOV EAX,DWORD PTR SS:[EBP-8]).
> This way you don't have to enter anything in the textbox either.
Is there a link/tutorial that specifically discusses the meaning/translation of the code in Olly? Because where you look at the code and see that it's deleting stuff and whatnot, I just see meaningless junk.
Or am I gonna get pointed to Lena's tuts? If so, which one? Or is it just something that comes naturally over time?
Date Posted: Mon Apr 27, 2009 8:58 pm

Author: Kripton (FOFF Team)
I find all ASM books and tutorials completely useless, so I'm not gonna direct you there. I just find that over time you pick it up. If you know how to program in other languages it helps too. Most of the time I'm just translating ASM to Delphi in my head if I'm confused, but again I suppose this comes with practice with both languages.
..::Buy any software you will use longer than the trial::..
Date Posted: Mon Apr 27, 2009 9:05 pm

Author: Saduff (Special Member)
Here's some ASM code in the KeygenMe:
Code:
004551E8 |. 8B55 F8 MOV EDX,DWORD PTR SS:[EBP-8] // Move serial to EDX
004551EB |. E8 48F7FAFF CALL 00404938 // Deletes the serial in EDX
004551F0 |. 75 25 JNZ SHORT 00455217 // Checks if serial is correct (jumps to badboy if incorrect)
004551F2 |. B8 9C524500 MOV EAX,0045529C ; ASCII "Good job now keygen me!"
004551F7 |. E8 BC38FDFF CALL 00428AB8 // Non-interesting code beginning
004551FC |. 8B87 FC020000 MOV EAX,DWORD PTR DS:[EDI+2FC]
00455202 |. E8 1182FDFF CALL 0042D418
00455207 |. 8B87 FC020000 MOV EAX,DWORD PTR DS:[EDI+2FC]
0045520D |. 8B10 MOV EDX,DWORD PTR DS:[EAX]
0045520F |. FF92 C4000000 CALL DWORD PTR DS:[EDX+C4]
00455215 |. EB 23 JMP SHORT 0045523A // Non-interesting code end
00455217 |> B8 BC524500 MOV EAX,004552BC ; ASCII "Invalid Information" // If serial is incorrect, the JNZ lands here
Now to make a self-keygen for this:
Code:
004551E8 . 8B55 F8 MOV EDX,DWORD PTR SS:[EBP-8] // Moves serial to EDX
004551EB . 90 NOP
004551EC . 90 NOP
004551ED . 90 NOP
004551EE . 90 NOP
004551EF . 90 NOP
004551F0 . EB 25 JMP SHORT 00455217 // Forced jump to badboy message to avoid these calls
004551F2 . B8 9C524500 MOV EAX,0045529C ; ASCII "Good job now keygen me!"
004551F7 . E8 BC38FDFF CALL 00428AB8
004551FC . 8B87 FC020000 MOV EAX,DWORD PTR DS:[EDI+2FC]
00455202 . E8 1182FDFF CALL 0042D418
00455207 . 8B87 FC020000 MOV EAX,DWORD PTR DS:[EDI+2FC]
0045520D . 8B10 MOV EDX,DWORD PTR DS:[EAX]
0045520F . FF92 C4000000 CALL DWORD PTR DS:[EDX+C4]
00455215 . EB 23 JMP SHORT 0045523A
00455217 > 8B45 F8 MOV EAX,DWORD PTR SS:[EBP-8] // The JMP lands here. Instead of moving "Invalid Information" into the msgbox, we move the serial there. MOV EAX,DWORD PTR SS:[EBP-8] or MOV EAX,EDX - both are correct if you NOP the call, but the 1st variant is better.
The main idea of this is to keep the serial stored somewhere until you move it to the msgbox.
If you don't NOP that call at 004551EB, then the serial gets deleted from EDX and you won't be able to use MOV EAX,EDX.
You'll still be able to use MOV EAX,DWORD PTR SS:[EBP-8] though.
Last edited by Saduff on Mon Apr 27, 2009 9:45 pm; edited 1 time in total
Date Posted: Mon Apr 27, 2009 9:22 pm

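As an added example that is not code from this thread or from the KeygenMe, here is a Python reading of Saduff's two listings above from the checking side: it parses the Olly lines for the three instructions the patch touches, confirms that the five NOPs exactly cover the 5-byte CALL and that EB 25 at 004551F0 resolves to the same 00455217 as the original 75 25, and lists which bytes of the check site changed, which is what an integrity self-check of a serial routine compares against a known-good copy. It assumes only the addresses and opcode bytes shown in the post; the parser and helper names are constructed for this example.

```python
import struct

# Olly listing lines copied from Saduff's post: the three instructions the
# self-keygen patch touches, before and after. Everything else is constructed.
ORIGINAL = """004551E8 |. 8B55 F8 MOV EDX,DWORD PTR SS:[EBP-8]
004551EB |. E8 48F7FAFF CALL 00404938
004551F0 |. 75 25 JNZ SHORT 00455217"""
PATCHED = """004551E8 . 8B55 F8 MOV EDX,DWORD PTR SS:[EBP-8]
004551EB . 90 NOP
004551EC . 90 NOP
004551ED . 90 NOP
004551EE . 90 NOP
004551EF . 90 NOP
004551F0 . EB 25 JMP SHORT 00455217"""
HEX = set("0123456789ABCDEF")

def parse_listing(text):
    """Return {address: opcode bytes}. Opcode tokens are even-length hex runs;
    the first other token (the mnemonic) ends them; Olly's |. and > markers are
    skipped. A mnemonic made only of hex letters would be mis-read; none here."""
    code = {}
    for line in text.splitlines():
        addr, *rest = line.split()
        raw = b""
        for tok in rest:
            if set(tok) <= HEX and len(tok) % 2 == 0:
                raw += bytes.fromhex(tok)
            elif tok.lstrip("|") not in (".", ">"):
                break
        code[int(addr, 16)] = raw
    return code

def flatten(code):
    """Bytes in address order; a gap or overlap means the patch resized code."""
    image, nxt = b"", min(code)
    for addr in sorted(code):
        if addr != nxt:
            raise ValueError(f"listing not contiguous at {addr:08X}")
        image += code[addr]
        nxt = addr + len(code[addr])
    return image

def branch_target(addr, insn):
    """Target of E8 rel32 (CALL) or EB/7x rel8 (short JMP/Jcc) located at addr."""
    fmt, size = ("<i", 5) if insn[0] == 0xE8 else ("<b", 2)
    return (addr + size + struct.unpack(fmt, insn[1:size])[0]) & 0xFFFFFFFF

def changed_offsets(reference, image):
    """Byte offsets where a code site differs from its known-good reference."""
    return [i for i, (a, b) in enumerate(zip(reference, image)) if a != b]
```

Calling changed_offsets on the two flattened images returns offsets 3 to 8, the five CALL bytes plus the opcode byte of the JNZ, while both rel8 jumps decode to 00455217.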
Author: .:hybrid:. (Asta GFX Team)
Thanks, that's very clear. I think I will study some ASM or whatever it's called. Only one problem in your code though: how do you get to the goodboy if it always jumps it? Aren't you meant to leave it as a JNZ?
Date Posted: Mon Apr 27, 2009 9:33 pm

Author: Saduff (Special Member)
It doesn't matter whether it's the goodboy or the badboy where the serial is displayed. If you change JNZ to JMP it will always display the serial in the msgbox. But if you leave it as JNZ, then when you enter a correct serial you'll see a "Good job now keygen me!" msgbox and not the serial. This just makes sure it always displays the serial.
In some real apps you may want to leave it as is so you could still register the app.
Date Posted: Mon Apr 27, 2009 9:38 pm

Author: Saduff (Special Member)
I tried the code rip method for the first time with this KeygenMe and I succeeded in generating the correct serial, but in some cases it wasn't correct and threw some exceptions. But thanks to MA1201 I got the ASM fixed. Here's my keygen:
Your download link: http://www.mediafire.com/?2mzwjl2jmuk
I think I'd rather not use the code ripping method in future KeygenMes (depends on the KGM), as it seemed a lot harder.
Date Posted: Mon Apr 27, 2009 10:58 pm

Author: Dysfunction (FOFF Team)
Saduff wrote:
> I think I'd rather not use the code ripping method in future KeygenMes (depends on the KGM), as it seemed a lot harder.
Yeah, seeing as this can be coded in 3-4 lines in Delphi in this case, but as you said, it depends on the KGM.
The important thing is not to stop questioning what is unknown.
Date Posted: Tue Apr 28, 2009 11:08 am

Astalavista Forum Index :: Crack Me's and Challenges :: KeyGenMe - Simple; Early Learners Only