Welcome to the new Woodmann RCE Messageboards Regroupment
Please be patient while the rest of the site is restored.

To all Members of the old RCE Forums:
In order to log in, it will be necessary to reset your forum login password ("I forgot my password") using the original email address you registered with. You will be sent an email with a link to reset your password for that member account.

The old vBulletin forum was converted to phpBB format, requiring the passwords to be reset. If this is a problem for some because of a forgotten email address, please feel free to re-register with a new username. We are happy to welcome old and new members back to the forums! Thanks.

All new accounts are manually activated before you can post. Any questions can be PM'ed to Kayaker.

DirectX crackme

A classroom run by newbies for newbies. Gain valuable reversing experience & skills as we explain the in's and out's of RCE.
Silkut
Senior Member
Posts: 579
Joined: Fri Mar 31, 2006 11:29 am

Post by Silkut »

Hmm, I have a question.
When I try to quit the application using ALT+F4 it crashes (not using Escape). You specified this on crackmes.de
Silver
Author
09. Dec, 15:48 One month on, nobody beaten it yet! A reply to people who have asked, if the crackme crashes while you're working on it this is not a bug, it's deliberate.
Is it related ? Because I had no tools loaded.
Still no discussion about it nor solutions..hard time.
Please consider donating to help Woodmann.com staying online (here is why).
Any amount greatly appreciated. Thank you.
Silver
Posts: 570
Joined: Thu May 06, 2004 11:48 am

Post by Silver »

Silkut, when you start the crackme does it load perfectly, switch to full-screen mode, then show a couple of lines of text with a text entry box, a Submit button and a rotating texturemapped cube in the background?

If it shows all these things then the crackme is working on your computer, however it does seem like you've found a legitimate bug if it crashes on Alt-F4.

If you quit using Escape, does it exit properly with no crash? If so then yes, this is a bug, I probably forgot to release an interface when handling the window closing. Apologies for this, please ignore the crash and only use Escape to quit. This is not part of the protection.

The comment on crackmes.de was referring to cracking actions - in other words if you start reversing the app and it starts crashing, this is deliberate and part of the protection.

I think Mr Squeers may be about to provide us with a solution :)
Still here...
Silkut
Senior Member
Posts: 579
Joined: Fri Mar 31, 2006 11:29 am

Post by Silkut »

Yeah all of those things are working, as I said in my report inPM (if you remember i choose to be a victim, with zairon).

_Fullscreen+bouncing.box+entryform+button = Ok
_Quit = Ok
_alt+f4 = crash

Maybe it is possible to provide more information, but I can't use the JIT debugger (because I'm using a student version of VisualStudio blah..) too bad =/

No problem about the bug =) *Damn it's not a part of the protection*
Please consider donating to help Woodmann.com staying online (here is why).
Any amount greatly appreciated. Thank you.
User avatar
Maximus
Posts: 481
Joined: Mon Sep 19, 2005 3:09 am
Location: NDA

Post by Maximus »

? Set Olly as JIT debugger. You can find the option somewhere in menu (much better than IDE, for me...)
I want to know God's thoughts ...the rest are details.
(A. Einstein)
--------
..."a shellcode is a command you do at the linux shell"...
Silkut
Senior Member
Posts: 579
Joined: Fri Mar 31, 2006 11:29 am

Post by Silkut »

Maximus> Thanks for the hint, a moment I forgot that the JIT debugger could be another one that Microsoft's r3 one :o

Here is the instruction where I'm stuck using Olly as JIT debugger.

Code: Select all

00402805  |> /F60401 80     /TEST BYTE PTR DS:[ECX+EAX],80

DS:[00000000]=???
Jump from 0040280F

Access violation when reading [00000000]..
Please consider donating to help Woodmann.com staying online (here is why).
Any amount greatly appreciated. Thank you.
Silver
Posts: 570
Joined: Thu May 06, 2004 11:48 am

Post by Silver »

Oh, yep, that's COM interface reference count fun. I'm going to re-release the crackme with a fix for the backbuffer format (see blabberer's posts), so I'll fix that too.
Still here...
User avatar
ZaiRoN
Posts: 922
Joined: Fri Oct 12, 2001 7:00 am
Location: Italy
Contact:

Post by ZaiRoN »

Waxfordsqueers did it :)
Enjoy his solution: http://www.crackmes.de/users/silver/sil ... ordsqueers
Silkut
Senior Member
Posts: 579
Joined: Fri Mar 31, 2006 11:29 am

Post by Silkut »

Brilliant ! As I thought it was..hu kinda hard.
But still interesting, now i'm waiting Silver's pure DX thingy.
Please consider donating to help Woodmann.com staying online (here is why).
Any amount greatly appreciated. Thank you.
Silver
Posts: 570
Joined: Thu May 06, 2004 11:48 am

Post by Silver »

Ok, here's the pure DX version. Absolutely no extra protection, it's 100% vanilla code. Your task is to PATCH the crackme so it always tells you you've beaten it. The only encryption is for the crackme password, to stop people fishing it.

If a few people could check it works, I think I fixed the caps crash problem and the alt-f4 issue. If it's ok I'll upload it to crackmes.

Cheers guys!
Attachments
silverdxcrackme1pure.zip
(261.2 KiB) Downloaded 306 times
Still here...
Silkut
Senior Member
Posts: 579
Joined: Fri Mar 31, 2006 11:29 am

Post by Silkut »

It works well here, no bugs afaik.
I'll try to solve it =].
Please consider donating to help Woodmann.com staying online (here is why).
Any amount greatly appreciated. Thank you.
User avatar
countryman
Junior Member
Posts: 28
Joined: Fri Jan 07, 2005 6:12 am

For silverdxcrackme1~~~

Post by countryman »

I Think that your crackme has password..
Teach me your crackme password~~~ plz...
Have a nice day.
good luck...
Silkut
Senior Member
Posts: 579
Joined: Fri Mar 31, 2006 11:29 am

Post by Silkut »

Hello,
Did you read the .nfo coming with the .zip ?
Please consider donating to help Woodmann.com staying online (here is why).
Any amount greatly appreciated. Thank you.
User avatar
ZaiRoN
Posts: 922
Joined: Fri Oct 12, 2001 7:00 am
Location: Italy
Contact:

Post by ZaiRoN »

I got another solution at crackmes.de, enjoy:
http://www.crackmes.de/users/silver/sil ... hecolonial
Silver
Posts: 570
Joined: Thu May 06, 2004 11:48 am

Post by Silver »

Thanks Zairon, I'll go take a look now!
Still here...
TheColonial

Post by TheColonial »

Hi everyone,

I realise I'm bringing back to life a thread that has been dormant for the last 4 to 5 years, but I'm hoping that someone here can help me.

I wrote the tutorial/solution to Silver's crackme back in 2007 and published it as a PDF on the crackmes.de website (I blogged about it here). Since then, thanks to various backup failures and issues with webhosts, I have lost my copy of the document.

I tried to get another copy from crackmes.de, but as we all know that site has been taken down. I found a few locations that claimed to have backups/mirrors of the solutions, but none of those online archives are complete and I wasn't able to get my solution from them.

I have tried to scrounge copies from archive.org and from google's cache but to no avail. The last hope that I have is this forum!

Do any of you still happen to have a copy of my solution lying around on their harddrives? I'm not worried about anything else, just the PDf that I wrote as I'd really like to retain a copy and stick it back up on my webserver for other people to digest.

Any help would be greatly appreciated. Thanks to all for listening.

TheColonial.
Locked