Page 1 of 3 123 LastLast
Results 1 to 15 of 34

Thread: very mini project :-D

  1. #1
    the analyst / ucf
    Guest

    very mini project :-D

    hello all,

    i think i got something for you to work on.
    i coded a rather easy crackme.
    the goal is to enter a serial and to get the good boy message..
    however , it is not as easy as it seems
    i never seen such a crackme, and i wonder how would you guys
    use your reversing skill to complete that one
    NO PATCH allowed :-P
    use your brain and have fun ;-)
    every one can try it and it is not that hard
    i will give some hints if needed ;o)

    file : http://www.abfiles.cjb.net/weird.zip

    regards,

    the analyst / ucf

    ps: as strange as it may look, this crackme introduces you guys at something that many reverse engineers do nowadays
    good hunt
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  2. #2
    S4v4G3
    Guest
    Hello All...

    Oki... Lets give it a try...
    But This iz wierd =)
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  3. #3
    the analyst / ucf
    Guest
    S4v4G3 (07-11-2001 09:26):
    Hello All...

    Oki... Lets give it a try...
    But This iz wierd =)
    indeed
    i just wonder how you guys are going to face that app
    i once thought about writing such a protection.
    but there are many things to test to make a good protection out of this .
    you will see what i mean once you try it
    it is not obvious to see my point anyway.
    hope this is not too boring for everyone, but try it to see

    regards,

    the analyst
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  4. #4
    CoDe_InSiDe
    Guest
    Hi Analyst,

    Damnit, why did you use that Borland crap ? ;D

    Hmm..... first is fake..... Second lot's o checks heh
    err... ?

    Cya...

    CoDe_InSiDe
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  5. #5
    Kythen
    Guest
    Very clever scheme analyst!

    I think I had a bit of an unfair advantage in solving this one though as I read a book on the subject recently

    Interesting to finally be able to get a feel for how one of these things actually works.

    Thanks!

    PS: a rather cryptic hint - The weakness of the code is it's strength
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  6. #6
    the analyst / ucf
    Guest
    CoDe_InSiDe (07-11-2001 11:31):
    Hi Analyst,

    Damnit, why did you use that Borland crap ? ;D

    Hmm..... first is fake..... Second lot's o checks heh
    err... ?

    Cya...

    CoDe_InSiDe

    how far are you mate ?
    heh u gotta love those checks
    later,

    the analyst
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  7. #7
    the analyst / ucf
    Guest
    Kythen (07-11-2001 11:59):
    Very clever scheme analyst!

    I think I had a bit of an unfair advantage in solving this one though as I read a book on the subject recently

    Interesting to finally be able to get a feel for how one of these things actually works.

    Thanks!

    PS: a rather cryptic hint - The weakness of the code is it's strength

    hehehe
    the code is quite small isn't it ?
    hmm mail me ur solution , i wonder how you did it
    i may have a different way to crack it
    regards,

    the analyst
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  8. #8
    I have solved too It was really fun.There is more serial than you can imagine

  9. #9
    the analyst / ucf
    Guest
    LaptoniC (07-11-2001 19:38):
    I have solved too It was really fun.There is more serial than you can imagine
    i know
    heh, this is my all days work btw
    for those who succeed, write me a mail , and show me how you did it
    it is nice to see that reversers use their knowledge to face not so common problems

    regards,

    the analyst

    hint : "c'est la goute qui a fait deborder le vase"
    go figure it out ;-)
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  10. #10
    the analyst / ucf
    Guest
    hey guys

    i got only 2 answers..
    2 guys succeed.. no questions ...
    is my project not interesting ?
    it introduces to one of the most used form of RE in the application side btw
    get your hand on it..
    if yu got some questions , i can answer..

    best regards,

    the analyst
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  11. #11
    Raven58
    Guest
    Downloaded your project. I first used get file type on this and learned it was a dos executable and not packed. I then ran the program using inctrl5 and learned nothing of interest there. Using wdasm,I noticed delphia and attempted to use dede, had trouble opening it, proceeded anyway and noticed a run time package(?). Nothing under any of the headings using dede was found.Under wdasm is a good boy string message with some possible patch points noted but this was not the intended way to go. Also used apispy on this. Broke in sice on hmencpy but could not f12 into the program or code. Will attempt to use sice and break on api's noted in the apispy program. Used procdump, looked at sections and nothing rang a bell. So you see that two reversers solved this but this newbie had no luck. Perhaps some hints are in order or perhaps I am way off base. Thanks for your time and effort in bringing the project to us. This beginner is always learning something new, although I am lost here.

    Raven58
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  12. #12
    tony b.
    Guest
    Interesting one... thanks analyst. I also have been reading about the subject so it hit me pretty quickly.

    Maybe a hint: if you load this into IDA there seems to be no way to get to the congrats message... so how can you make a way without a patch?

    regards,

    tony
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  13. #13
    the analyst / ucf
    Guest
    Raven58 (07-12-2001 18:51):
    Downloaded your project. I first used get file type on this and learned it was a dos executable and not packed. I then ran the program using inctrl5 and learned nothing of interest there. Using wdasm,I noticed delphia and attempted to use dede, had trouble opening it, proceeded anyway and noticed a run time package(?). Nothing under any of the headings using dede was found.Under wdasm is a good boy string message with some possible patch points noted but this was not the intended way to go. Also used apispy on this. Broke in sice on hmencpy but could not f12 into the program or code. Will attempt to use sice and break on api's noted in the apispy program. Used procdump, looked at sections and nothing rang a bell. So you see that two reversers solved this but this newbie had no luck. Perhaps some hints are in order or perhaps I am way off base. Thanks for your time and effort in bringing the project to us. This beginner is always learning something new, although I am lost here.

    Raven58
    ok mate,

    this doesn't use delphi.
    but borland C++
    you saw a good boy string , but if you look around, you see that there aren't any references to it .
    so what ?
    let me give some helpful hints :

    look the size of the max name length.
    play with name length.

    i will publish a solution later i guess.
    do i need to publish it already ? or you prefer me to do it on monday?

    best regards,

    the analyst
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  14. #14
    the analyst / ucf
    Guest
    tony b. (07-12-2001 19:38):
    Interesting one... thanks analyst. I also have been reading about the subject so it hit me pretty quickly.

    Maybe a hint: if you load this into IDA there seems to be no way to get to the congrats message... so how can you make a way without a patch?

    regards,

    tony
    ehe
    you got it too im sure
    i wish more ppl would have looked this one.
    it is either too weird, or maybe not interesting
    the best hint ever is :
    "c'est la goute qui fait deborder le vase"

    it is way enuf to get it

    regards,
    the analyst
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  15. #15
    neo
    Guest
    Its interesting but its also hard to find the right one ...because the the analyst made a good job by doing it... and like we all know he is good at a lot of thing ... i think that most of ppl are quite because they are trying like me ..

    Lenght you say... i will see about that ...

    NeO'X'QuiCk
    I promise that I have read the FAQ and tried to use the Search to answer my question.

Similar Threads

  1. need some help on a project...
    By Hero in forum Advanced Reversing and Programming
    Replies: 16
    Last Post: November 10th, 2007, 03:32
  2. project Dg l*ked usb app
    By RaX in forum The Newbie Forum
    Replies: 5
    Last Post: May 1st, 2007, 03:35
  3. time for a new mini project?
    By figugegl in forum Mini Project Area
    Replies: 1
    Last Post: March 14th, 2002, 04:57
  4. A little mini project
    By Raven59 in forum Mini Project Area
    Replies: 35
    Last Post: April 30th, 2001, 05:07

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •