Thread: windev crackme

  1. #1
    newbcrk
    Guest

    windev crackme

    lol

    I have some difficulties with a target which has been written with windev.
    I have found only one tuto about windev. It is poor, although
    windev targets are not lacking. Would somebody be able to give me any windev cracking tutos?

    I want to crack this windev crackme.
    If somebody is interested, he should download the two missing .dll files (WD553EXE.dll, WD553WDW.dll) at http://www.alltheweb.com in the ftp part. Otherwise the crackme is too big to attach.

    I will use Softice and windasm.

    I promise that I have read the FAQ and tried to use the Search to answer my question.

  2. #2
    newbcrk
    Guest
    I have done this

    bpx sendmessageA

    hwnd crackme1
    Window Handle  hQueue  SZ  QOwner    Class Name       Window Procedure
    03C8(1)        2E27    32  CRACKME1  WDRBF            1427:00000BE8
    03CC(2)        2E27    32  CRACKME1  Button           1427:00000B7A
    03D4(2)        2E27    32  CRACKME1  Button           1427:00000B7A
    03D8(2)        2E27    32  CRACKME1  Static           1427:00000BA6
    03DC(2)        2E27    32  CRACKME1  Edit             1427:00000BD2
    03C4(1)        2E27    32  CRACKME1  WDRBF            1427:00000AB4
    03C0(1)        2E27    32  CRACKME1  WDBULLE00520EDE  1427:00000A88

    bmsg 3c8 wm_gettext
    bmsg 3cc 202 ;; 202 code when I press the button

    Then, what have I to do?
    Sometimes bpr breaks.

  3. #3
    ZaiRoN (Red wine, not vodka!)
    Join Date: Oct 2001, Location: Italy, Posts: 922, Blog Entries: 17
    Hi newbcrk,
    catching wm_gettext seems to be one of the best ways to approach the target.
    "Then, what have I to do?"
    Then, you have to step each line! From what I have seen, the interesting code is all inside WD553EXE.dll but I could be wrong. I solved this crackme in a different way, using SoftIce's 's' command. Look around for some interesting texts, you will find your serial.

    Best regards,
    ZaiRoN

  4. #4
    newbcrk
    Guest
    lol
    Before and after this call (100CCF84 call 10124580) there is a loop.
    There is the bad way.

    It seems to be around (or inside) this call. Right? (So I can begin an analysis)
    A bpr lands inside this code. But yet I fail to put my bpr. Strange, isn't it?

    If I am right, could you tell me which methods you have used, to compare with mine?


  5. #5
    ZaiRoN
    Hi,
    I started with bmsg on wm_settext and, as I said before, after that I have not put any breakpoint...

    Sorry but I stepped only a few lines and I don't know whether the addresses you gave me are good or bad. I don't have the crackme on this machine and I can't check, but if I recall correctly the serial is not visible in the files but it's only visible at runtime...

    ZaiRoN

  6. #6
    newbcrk
    Guest
    Thanks (I will find)

  7. #7
    newbcrk
    Guest
    I have found it. Most of the time I find it without understanding the code.
    I have used only bpx sendmessageA and F10-F12.
    I will try with the bmsg in order to understand.

    d eax
    :u 100F9A38 L FF
    0167:100F9A38  EBD2            JMP     100F9A0C
    0167:100F9A3A  8B4111          MOV     EAX,[ECX+11]          ;; HERE d EAX gives the serial number 123456ABCEF
    0167:100F9A3D  33D2            XOR     EDX,EDX
    0167:100F9A3F  40              INC     EAX
    0167:100F9A40  51              PUSH    ECX
    0167:100F9A41  894111          MOV     [ECX+11],EAX
    0167:100F9A44  8A50FF          MOV     DL,[EAX-01]
    0167:100F9A47  FF149538EA1310  CALL    [EDX*4+1013EA38]
    0167:100F9A4E  83C404          ADD     ESP,04
    0167:100F9A51  8B4D08          MOV     ECX,[EBP+08]
    0167:100F9A54  EBE4            JMP     100F9A3A
    0167:100F9A56  8BFF            MOV     EDI,EDI
    0167:100F9A58  009A0F10CD99    ADD     [EDX+99CD100F],BL
    0167:100F9A5E  0F10CD          MOVUPS  XMM1,XMM5
    0167:100F9A61  99              CDQ
    0167:100F9A62  0F1000          MOVUPS  XMM0,[EAX]
    0167:100F9A65  9A0F109E990F10  CALL

    Bye

  8. #8
    ZaiRoN
    Well done! ;-)

    Btw, to play with a program written with windev is not so unusual, you have used the same approaches and the same SoftIce's commands that you use with another program written with something different from WinDev. Am I wrong?

    ZaiRoN

  9. #9
    newbcrk
    Guest

    Thumbs up

    You are right. I have used bpx sendmessageA, looking in the user32.hlp.
    The most important thing is to understand the hwnd command and what it gives.
    I watch the handle, do F5 to make a break. As soon as I have seen the handle number of the edit box (hwnd gives it), I have begun to trace with F10.
    I have understood too why my bpr refuses to break. I had to locate the sendmessageA API of the edit first, then I could put a breaking bpr.
    I can't explain this but it breaks. Memory reasons?

    "you have used the same approaches and the same SoftIce's commands"
    Really, I have learned, found a rational approach. I am only a newbie.

  10. #10
    DalKiT
    Guest
    Hello everybody

    If you have difficulties finding the serial for the windev crackme, thalos wrote a tutorial. You can find it on my web site.

    Bye

    DalKiT
