RE FORUM

[REVERSE ENGINEERING] => Crackmes => Topic started by: DARKER on September 16, 2007, 07:43:41 PM

Title: SCF CrackMe 6 - Back To The Old School
Post by: DARKER on September 16, 2007, 07:43:41 PM

Toto CrackMe je ako spomienka na stare casy. Urcite si vacsina pamata na DOS  (to su tie skarede cierne okna ak niekto neviete co to je :-)

Cielom je najist spravne registracne data.  

Pravidla :
- Kedze patch by bol velmi easy (1 bajt) akceptuje sa len spravna registracia ako riesenie.

PS: V dnesnych mega, giga casosch ma cme iba 5742 bajtov takze aby ste to nevyriesili ? ;-)

blizsie info v Readme_SK.txt
(more info in Readme_EN.txt)

Title: Re: SCF CrackMe 6 - Back To The Old School
Post by: Conflict on September 17, 2007, 02:50:39 PM

doufejme ze to neni 16-bitova aplikace, doufejme ze neni packla, doufejme ze nevyuziva vektory preruseni, nezbyva nez doufat

Title: Re: SCF CrackMe 6 - Back To The Old School
Post by: llAmElliK on September 17, 2007, 04:10:55 PM

Quote from: Conflict

doufejme ze to neni 16-bitova aplikace, doufejme ze neni packla, doufejme ze nevyuziva vektory preruseni, nezbyva nez doufat

..ackoliv nadeje umira vzdy posledni asi te zklamu uz ted...:p

Title: Re: SCF CrackMe 6 - Back To The Old School
Post by: Master on September 17, 2007, 06:03:19 PM

no vzhledem k zajimavy PE,tak sem se zatim moc nikam nedostal :D

Title: Re: SCF CrackMe 6 - Back To The Old School
Post by: Z!L0G80 on September 17, 2007, 08:45:12 PM

pascal rulez ! :D

Title: Re: SCF CrackMe 6 - Back To The Old School
Post by: Conflict on September 18, 2007, 06:08:33 AM

2llame: prej nadeje, hihi, naprosta beznadej  :p
unpack hotov

Title: Interest
Post by: DARKER on September 18, 2007, 08:45:54 AM

kedze sa uz prezradilo ze target bol pakovany tak pre zaujimavost original exe malo 7376 bytes.

Title: Re: Interest
Post by: llAmElliK on September 18, 2007, 09:47:17 AM

Quote from: DARKER

kedze sa uz prezradilo ze target bol pakovany tak pre zaujimavost original exe malo 7376 bytes.

Po unpacku mam 7232 - jinak nasel jsem uz misto vypoctu - v debuggeru (nastroj neprozradim:)) - akorat nemam time se v tom zorientovat...

Title: Re: Interest
Post by: Z!L0G80 on September 18, 2007, 04:54:50 PM

Quote from: DARKER

kedze sa uz prezradilo ze target bol pakovany tak pre zaujimavost original exe malo 7376 bytes.

aj ten PASCAL se prozradil :DD taky mam to misto kde se pocita(to mi trvalo tak 2 minuty vcetne unpacku) ale co nemam je cas

Title: Re: Interest
Post by: DARKER on September 18, 2007, 06:40:48 PM

Quote from: Z!L0G80

aj ten PASCAL se prozradil :D ...

to som xcel praveze zakecat ...  :)

Title: Re: SCF CrackMe 6 - Back To The Old School
Post by: pr0p4g4nd4 on September 19, 2007, 09:58:48 AM

Hm, v com to dubugujete? Alebo mi na to postaci len stary dobry disassembler w32dasm?

BTW: 2DARKER: Dal si toto cme aj na nejake ine fora(weby)?
BTW2: 2DARKER: Ked si mi pisal, ze robis nejake oldschool cme tak som vobec netusil, ze to bude 16bit dosove cme - fakt brutal  :eek: . A ten oldschool bude fakt asi oldschool lebo ja som s RE zacinal okolo roku 2000 a v tej dobe take 16bitove veci uz neboli(teda si aspom nepamatam :rolleyes: ).

Title: Re: Interest
Post by: eraser on September 19, 2007, 04:37:05 PM

Quote from: llAmElliK

v debuggeru (nastroj neprozradim:))

Nebodaj pou?íva? príkaz DEBUG.  :rolleyes:

Title: Re: SCF CrackMe 6 - Back To The Old School
Post by: DARKER on September 19, 2007, 06:17:10 PM

Quote from: pr0p4g4nd4

Dal si toto cme aj na nejake ine fora(weby)?
Ked si mi pisal, ze robis nejake oldschool cme tak som vobec netusil, ze to bude 16bit dosove cme - fakt brutal

- je to iba na tomto fore, ste privilegovani ;)
- tak kuva aby ste mali zabavu :)  klasickych cme mate na nete kopec, xce to zmenu -> aspon sa naucite nove veci, "Cracking Hrou"  ;)
- na debug existuje viac alternativ ....

Title: Re: SCF CrackMe 6 - Back To The Old School
Post by: llAmElliK on September 19, 2007, 07:43:49 PM

Quote from: pr0p4g4nd4

Hm, v com to dubugujete? Alebo mi na to postaci len stary dobry disassembler w32dasm?

Dle naseho porovnani kodu ,ktere jsme delali s Conflictem W32Dasm neco nespravne preklada....nevim zda to muze ovlivnit tvuj usudek nebo ne ale tohle je zjisteni...zkousel jsem par disassembleru a temer shodne vsechny oproti debuggeru "zkreslovali informace"..:)

Title: Re: SCF CrackMe 6 - Back To The Old School
Post by: Conflict on September 19, 2007, 08:18:25 PM

k nesrovnalostem dochazelo vzdycky na entry pointu. zajimavym pristupem muze byt taky zkompilovani funkci pro praci s retezci v pascalu a pak porovnat asm kod.

Title: Hall of Fame
Post by: DARKER on September 20, 2007, 07:05:15 PM

Priebezny zoznam riesitelov:

01) Conflict (20.09.2007 15:03) - Reg. data
02) CZerezpiCZkin (20.09.2007 16:46) - Keygen a Postup

Kludne rieste dalej, uzavierka 16.12.2007.

Title: brum brum
Post by: Conflict on September 21, 2007, 03:56:33 PM

casto se u crcME nasmejete nad optimalizaci kodu. Tohle je fakt dobry :D

Code: [Select]

 cs:0528 8B3EE803       mov    di,[03E8]                    
  cs:052C 8A85EB03       mov    al,[di+03EB]                
  cs:0530 8B3EE803       mov    di,[03E8]                    
  cs:0534 3285F703       xor    al,[di+03F7]                
  cs:0538 8B3EE803       mov    di,[03E8]                    
  cs:053C 8885F703       mov    [di+03F7],al                

celkove mi pripada, ze je kod na hrubo skladany a nejednou najdete hluchy instrukce, ktery jsou preskoceny tvrdym jumpem

Title: Re: SCF CrackMe 6 - Back To The Old School
Post by: pr0p4g4nd4 on September 25, 2007, 09:34:42 AM

Quote from: DARKER

na debug existuje viac alternativ ....

Co by si mi teda na debuggovanie odporucal?

Quote from: DARKER

Kludne rieste dalej, uzavierka 16.12.2007.

Fujha, som rad ze si dal uzavierku az na december lebo popri tej blbej skole(bohaca vcera som bol v skole prvy den a hned nam dali dve temy na spracovanie :mad: ) fakt nemam cas na re  :mad:  :mad:
Dufam, ze sa k tomu tvojmu cme nejako dostanem a budem mat cas na riesenie  :mad:

Quote from: llAmElliK

Dle naseho porovnani kodu ,ktere jsme delali s Conflictem W32Dasm neco nespravne preklada....nevim zda to muze ovlivnit tvuj usudek nebo ne ale tohle je zjisteni...zkousel jsem par disassembleru a temer shodne vsechny oproti debuggeru "zkreslovali informace"..

Aha, a aky w32dasm ste pouzili? Lebo ja mam doma aj w32dasm modifikovanu verziu od SnD - ale neviem v com je modifikovana lebo som tu modifikovanu verziu moc(vlastne vobec) neskusal..

Title: Re: SCF CrackMe 6 - Back To The Old School
Post by: Z!L0G80 on September 25, 2007, 09:52:13 AM

na unpack bych doporucil.. unp,unpklite na dissass.. ida,sourcer na debud.. debug,turbo debugger,soft-ice ;)

Title: Re: SCF CrackMe 6 - Back To The Old School
Post by: pr0p4g4nd4 on September 25, 2007, 10:13:12 AM

Quote from: Z!L0G80

na unpack bych doporucil.. unp,unpklite na dissass.. ida,sourcer na debud.. debug,turbo debugger,soft-ice ;)

Super.. Diki za tipy..  :eek:

Title: Re: Hall of Fame
Post by: pr0p4g4nd4 on December 13, 2007, 05:23:50 PM

Quote from: DARKER

Kludne rieste dalej, uzavierka 16.12.2007.

Mam malu prosbu, a sice ze ci by sa nedalo pockat na mna. Nejako mi na to nevysiel cas ako by bolo treba. Ale chcem to poriesit..

Co povies DARKY - predlzis uzavierku? Povedzme napr do 10. januara..  ;)

Title: Re: SCF CrackMe 6 - Back To The Old School
Post by: DARKER on December 13, 2007, 06:10:24 PM

Chcel som to uz uzavriet, ale mas ho mat  ;)

Title: Re: SCF CrackMe 6 - Back To The Old School
Post by: pr0p4g4nd4 on January 08, 2008, 10:39:18 AM

Quote from: DARKER

Chcel som to uz uzavriet, ale mas ho mat  ;)

Phew, tak som to nakoniec stihol.. Cme ale dalo zabrat - nie vinou toho ze by bolo take narocne ale vinou toho ze ten Turbo Debugger vobec neviem ovladat..  :eek:  :o