Page 2 of 3 FirstFirst 123 LastLast
Results 16 to 30 of 33

Thread: Gr. crackme: >>KongFuZi<<

  1. #16
    Musician member evaluator's Avatar
    Join Date
    Sep 2001
    Posts
    1,479
    Blog Entries
    1
    well, simonzack & wtbw sent me thier ideas.

    wtbw found quite uneasy solution to burn string, but he will unable to fit in KEYsz in this way.

    instead, simonzack, found not-executable but too much easy solution.
    let me say this: this solution is against KongFuZi's description. []

    but i wont restrict this solution.
    so, simonzack, if you like, choose correct text for MsgBox & release your solution as alternative finding.

  2. #17

    Re:

    In the 'recommended' solution, does it jump outside the vm to execute things?
    because 448/4=112, 448/5=89
    this is shorter than the message

    esp can only be changed from a dword in the keyfile

  3. #18
    Musician member evaluator's Avatar
    Join Date
    Sep 2001
    Posts
    1,479
    Blog Entries
    1
    if want jump out, then only to executable code(not to data)

  4. #19
    So evaluator

    Does the recommended solution actually jump out of the vm, or jump between opcodes
    I just want to know this, because if it does not, I'll stop thinking that way and just focus on the vm opcodes
    Or is this too much of a hint?
    Right now I've figured out another way to write the message, however it is too short

    smk

  5. #20
    Musician member evaluator's Avatar
    Join Date
    Sep 2001
    Posts
    1,479
    Blog Entries
    1
    you are free to do anything; just satisfy description:

    ; THINK, how to burn non existent string for MsgBox:
    ; "You have found a Black Cat in a Dark Room, although the cat was not even there!"

  6. #21
    Hey eval,

    Having ones like this uncommented in the source but not present in the final exe is CRUEL:

    mov eax esi | jmp esp
    mov ecx esi | jmp esp
    mov edx esi | jmp esp
    mov ebx esi | jmp esp
    mov esp esi | jmp esp
    mov ebp esi | jmp esp
    mov esi esi | jmp esp
    mov edi esi | jmp esp

    Edit: Oh, it's that they're commented out with ;; instead of individually. Well still
    Last edited by wtbw; June 11th, 2010 at 09:25.

  7. #22
    Musician member evaluator's Avatar
    Join Date
    Sep 2001
    Posts
    1,479
    Blog Entries
    1
    solver should trusts me, when i written, like:
    ; Don't fight with crackme... etc

    he should imagine, best way to do thing, then implement it..

  8. #23
    andrewl
    Guest
    Quote Originally Posted by evaluator View Post
    solver should trusts me, when i written, like:
    ; Don't fight with crackme... etc

    he should imagine, best way to do thing, then implement it..
    haha I fucking love this crackme shit...I am going insane
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  9. #24
    Well is a result going to be published or is this still open? I stopped work on it when you said it was done..

  10. #25
    I found another way to write the message

    Hope you like it better this time, evaluator
    I pm'ed you the key

  11. #26
    Musician member evaluator's Avatar
    Join Date
    Sep 2001
    Posts
    1,479
    Blog Entries
    1
    this way is quite fun! (even if not that what i want).
    you can submit it as alternative solution, but, hey, MSG should be other!
    ("You have found a Black Cat..)

    after, you can continue to best. (you are nonstoppable)

    now i show, why it is not main solution.
    below string
    >>THINK, how to burn non existent string for MsgBox

    means, that you should NOT deliver Cat in room, even indirectly (crypted).
    bcoz:
    >>cat was not even there!

    delivering a Cat in room is bluff

  12. #27
    Quote Originally Posted by evaluator View Post
    delivering a Cat in room is bluff
    You mean you want us to get the string from the user via an API? Or load the exe directly and use the copy of it in the source?

  13. #28
    Musician member evaluator's Avatar
    Join Date
    Sep 2001
    Posts
    1,479
    Blog Entries
    1
    that will delivery. so no.
    should be like your case, but in better way.

  14. #29
    Musician member evaluator's Avatar
    Join Date
    Sep 2001
    Posts
    1,479
    Blog Entries
    1
    alex_ls has posted alternative solution to this crackme. i'm attaching it here.

    it is alternative, bcoz it delivers content e.g. BlackCat (no matter, it is crypted or not).

    same kind solution earlier done by simonzack, also is posted here.

    on correct path are andrewl & wtbw.

    i hope, these alternative can EXTEND their fUnazzie..
    Attached Files Attached Files

  15. #30
    Chanakya
    Guest
    Hey I am newbie and I found a solution to this pblm. Pls Check that
    Attached Files Attached Files
    I promise that I have read the FAQ and tried to use the Search to answer my question.

Similar Threads

  1. Need help with crackme
    By lucid_dream in forum The Newbie Forum
    Replies: 4
    Last Post: January 12th, 2005, 04:32
  2. help with this crackme
    By chitech in forum Mini Project Area
    Replies: 2
    Last Post: August 28th, 2002, 11:41
  3. try this crackme
    By SaNGa in forum Mini Project Area
    Replies: 11
    Last Post: June 4th, 2002, 20:13
  4. A little crackme
    By raven58 in forum Advanced Reversing and Programming
    Replies: 1
    Last Post: February 14th, 2001, 18:19

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •