Very Easy CrackMe

A classroom run by newbies for newbies. Gain valuable reversing experience & skills as we explain the in's and out's of RCE.
harmor

Very Easy CrackMe

Post by harmor »

This is for the beginner just starting his venture into cracking.

\*===================================*/
1. Find the real serial number.
2. Alter the code to allow it to accept any serial
/*===================================*\
Attachments
first.zip
(127.78 KiB) Downloaded 4296 times
LLXX
Senior Member
Posts: 981
Joined: Wed Aug 17, 2005 8:37 pm

Post by LLXX »

I was expecting something a bit more complex for that size... but this one was a bit disappointing seeing as a hex editor is all that's needed :(

What the hell was it compiled with? A protection like this doesn't take four-hundred-thousand bytes :eek:
[ ~Litana L.X. Xahanien~ ]
harmor

Post by harmor »

The program has 22 lines and was compiled with Dev C++
ZaiRoN
Posts: 922
Joined: Fri Oct 12, 2001 7:00 am
Location: Italy

Post by ZaiRoN »

Good enough for real newbies ;)
Silkut
Senior Member
Posts: 579
Joined: Fri Mar 31, 2006 11:29 am

Post by Silkut »

As LLXX said, the valid serial is waiting for us. =/
LLXX
Senior Member
Posts: 981
Joined: Wed Aug 17, 2005 8:37 pm

Post by LLXX »

harmor wrote: The program has 22 lines and was compiled with Dev C++
With "generate most bloated code possible" option enabled. ;)

I've seen entire apps with more complex protections than this in less than 1/10th the size (unpacked)... :rolleyes:
[ ~Litana L.X. Xahanien~ ]
countryman
Junior Member
Posts: 28
Joined: Fri Jan 07, 2005 6:12 am

Easy Crack Me~~~

Post by countryman »

Thank you for your hard work.
so. later
see you again.
treaxer

Post by treaxer »

19654659119676XXX
ZaiRoN
Posts: 922
Joined: Fri Oct 12, 2001 7:00 am
Location: Italy

Post by ZaiRoN »

Hmm, nice number. What is it?
begemott
Junior Member
Posts: 16
Joined: Tue Oct 28, 2003 10:22 am
Location: Bulgaria

Post by begemott »

.text:00401429 mov [esp+88h+var_84], offset a19654659119676 ;

BTW: why is the generated exe so large?
Did you make use of template metaprogramming or other code bloating techniques?
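
Why a hex editor is enough here, as an added example that is not part of the thread or the crackme's source: a string literal compared at run time is stored verbatim in the executable's data, so a scan for long digit runs finds it. The byte image, the function names and the 17-digit value below are constructed for illustration.

```cpp
// Added example (not the crackme's source). All names and data are constructed.
#include <cctype>
#include <cstddef>
#include <initializer_list>
#include <iostream>
#include <string>
#include <vector>

// Return every run of at least min_len ASCII digits in a byte image: the
// view a hex editor or `strings` gives of an executable's data section.
std::vector<std::string> digit_runs(const std::string& image, std::size_t min_len) {
    std::vector<std::string> runs;
    std::string cur;
    for (unsigned char c : image) {
        if (std::isdigit(c)) { cur.push_back(static_cast<char>(c)); continue; }
        if (cur.size() >= min_len) runs.push_back(cur);
        cur.clear();
    }
    if (cur.size() >= min_len) runs.push_back(cur);  // run ending at end of image
    return runs;
}

// Constructed stand-in for a data section: NUL-terminated message strings
// around a made-up 17-digit serial, padded with non-text bytes.
std::string sample_data_section() {
    std::string img("\x90\x00\x01\x7f", 4);
    for (const char* s : {"Enter the serial: ", "00011122233344455",
                          "the serial you entered is correct\n\n",
                          "the serial is incorrect\n\n"}) {
        img += s;
        img.push_back('\0');
    }
    img += std::string("\x12\x13\x00", 3);
    return img;
}

int main() {
    for (const std::string& run : digit_runs(sample_data_section(), 10))
        std::cout << "candidate secret literal: " << run << "\n";
    return 0;
}
```

A developer can run the same scan over their own build output to confirm that no secret ships as a plain literal.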
LLXX
Senior Member
Posts: 981
Joined: Wed Aug 17, 2005 8:37 pm

Post by LLXX »

About half of it is useless debug info, 3/4 of the other half is probably std::cout and the rest of the standard bloated library, and of the 1/8th that's left, 1/10th of that would be the code and data contribution that he actually wrote.

Me thinks he decided to link in everything so his serial couldn't be so easily found... though the compiler *does* put the data in its own section...
[ ~Litana L.X. Xahanien~ ]
0xf001
Posts: 601
Joined: Thu Jul 29, 2004 11:00 am

Post by 0xf001 »

i dont understand the excitement about size. its obvious why. and its an easy crackme ;)

thanks for posting it :yay:
LLXX
Senior Member
Posts: 981
Joined: Wed Aug 17, 2005 8:37 pm

Post by LLXX »

i dont understand the excitement about size.
You're probably not all that learned in Asm compared to some of us here. Most HLL'ers are that way thinking it really does require over 9000 bytes to do a string comparison and write a few lines to the console, when at most a few hundred is sufficient.

I'd say that learning Asm really does change your perception of programming and software in general, in a revolutionary (and IMHO positive) way.
[ ~Litana L.X. Xahanien~ ]
0xf001
Posts: 601
Joined: Thu Jul 29, 2004 11:00 am

Post by 0xf001 »

hehe,

i tried to get the focus away from this "issue". i thought its not so important for somebody who wants to test his skills against this crackme.

about my perception of asm: i am a bit familiar with it. and i am fully with u about HLLs. about ca 14 years ago i learned asm for i386 after switch from C128 to pc. at that time i used 6510 asm for about 3 years (i started at the age of 13 with it), where i coded my own 4 bit audio sample sequencer (like drum machine), gfx effects, little games, and reversed some games. my 1st programming language on i386 was asm, where i coded intros, gfx effects, little games, and then my first polymorphic, full stealth, resident infectors, various programs to bypass novell security and custom protectors used at school :devil:
i developed electronic devices using 8051 microcontroller derivates, pic microcontrollers (before it understood basic :) ), ... in asm of course.
then came pascal, then c, then VB, then linux: shell, perl, javascript, php, ... then VC++, then hp-ux, solaris, aix, then osx reversing.

usually i am quite concerned about size where it matters. like in virus coding for example. however for a beginners crackme just all is fine in my opinion.

regards, 0xf001
goqq2008

Post by goqq2008 »

1. Find the real serial number.
19654659119676414

2. Alter the code to allow it to accept any serial
00401437 . E8 1CAD0300 call 0043C158
0040143C . 84C0 test al, al
0040143E 74 16 je short 00401456 ; nop
00401440 . C74424 04 2C0>mov dword ptr [esp+4], 0044002C ; the serial you entered is correct\n\n
00401448 . C70424 C03344>mov dword ptr [esp], 004433C0
0040144F . E8 44AD0300 call 0043C198
00401454 . EB 1B jmp short 00401471
00401456 > C74424 04 500>mov dword ptr [esp+4], 00440050 ; the serial is incorrect\n\n
Locked