Results 1 to 5 of 5

Thread: cyclic redundancy code blows

  1. #1

    cyclic redundancy code blows

    okay, i have asked about crc before and found some tuts on it. but i still can not really know what the assembler code for this really looks like. i have been tring to crack a screen saver, but it detects it has been cracked. the ss which is pretty cool, at least i think is called firemagic ( if someone could look at this could give me a little help.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  2. #2
    I dont think that it use classic crc algo.However this programs crc check is easy I guess.Only one reference to error messsage.
    :00409647 E8747D0000              call 004113C0 ;Check file integrity
    :0040964C 85C0                    test eax, eax
    :0040964E 7511                    jne 00409661    ;good boy
    :00409650 50                      push eax
    :00409651 50                      push eax
    * Possible StringData Ref from Data Obj ->"Executable file is damaged (or "
    :00409652 68E8DA4300              push 0043DAE8
    I didnt check reg check.I have just changed one byte and changed above jump.It worked.Be carefull that this crc call is called two times.I guess you can patch your self this one also if needed.

  3. #3
    I dont know how much u know about crc ing but pretty much all it does is XOR a sectionbyte by byte or word by word....(etc.) to ensure that it does not change

    normally in the following fashion of somesort

    * This C code snippet Wont show u what an *
    * asm code will look like but will let understand *
    * the theory behind it... I hope *

    int i=0;
    char *SectionToBeChecked;
    char GoodCheck = WhateverIsValueOfGoodCheck;
    char XORValue = 0;

    * iterate through the section Byte by Byte
    * XOR'ing the value of each byte with the
    * current XORValue variable and storing it there
    * so any one different byte should change the
    * final value of the variable

    /* test the variable agianst the good */

    if(XORValue == GoodCheck) // passed the CRC
    else /* DOH!!!!!!!! But Ma-arge! */

    anyway... find a tiny loop that is just XOR-ing a String and you should have found a CRC procedure
    then u got all sorts of ways to fix your problem

    gl hope i helped
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  4. #4
    Off course in this call there is a xor and shift operations.I mean classic CRC32 or CRC16 standard. like this for example
    CRC32 proc lpbuffer:DWORD, lsize:DWORD
    	uses	ebx, esi, edi
    	mov	esi, lpbuffer
    	mov	ebx, lsize
    	xor	ecx, ecx
    	lea	eax, [ecx-1]
    	mov	edi, 0EDB88320h
    @@m1:	xor	edx, edx
    	mov	dl, [esi]
    	xor	dl, al
    @@m2:	shr	edx, 1
    	jnc	@@m3
    	xor	edx, edi
    @@m3:	inc	ecx
    	and	cl, 7
    	jnz	@@m2
    	shr	eax, 8
    	xor	eax, edx
    	inc	esi
    	dec	ebx
    	jg	@@m1	
    	not	eax
    CRC32 endp

  5. #5
    i finally know what it is.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

Similar Threads

  1. Different papers about SMC, polymorph code and anti trace code...
    By OHPen in forum Advanced Reversing and Programming
    Replies: 7
    Last Post: March 29th, 2007, 15:45


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts