Acid_Cool_178
presents he's
| #34 Tutorial |
| For Hellforge |
This Text Are Only Ment To Edcucational Purpose And Not To Be Used Illegaly, I Take No Response For Illegal Use Of This Text. Move On On Your Risc.
| Athour Information |
| acid_cool_178@hotmail.com | ||
| Age | 17 | |
| Web Page | http://acidcool.cjb.net/ | |
| Date | Febuary 2K | |
| Member in | Hellforge | Flying Horse Cracking Force |
| Groups Web Page | Hellforge Login | FHCF Login |
| Program Infromation |
| Name | Crackme 2 | Crackme 6 | ||||
| Crackme2.exe | Crackme6.exe | |||||
| Size | 303 KB (Unzipped) | 303 KB (Unzipped) | ||||
| Athour | FireWorx | |||||
| Where to Downlaod | crackmes.cjb.net | |||||
| Tools used | W32Dasm Soft Ice |
Downlaod At | ||||
| 1. Player Tools | ||||||
| 2. Programmer Tools | ||||||
| What kind of a program | Crackme | Shareware | ||||
| Skill | Easy | Not so easy | Hard | X-pert | ||
| Information about the Protection I |
This crackme got one Name and serial to enter. The serial are generated from the Name.
| Before We Start |
Uou need some SI knowlegde
Task1 <-- Crackme 2
Task2 <-- Crackme 6
| The Process |
Task1
Open crackme2exe in W32Dasm and under "string data references" can you find
this string. "Right Code"
Dubbleclick on that string and you will end up here.
00441759 58 pop eax
:0044175A E8E523FCFF call 00403B44
<-- Strange call
:0044175F 7517 jne 00441778
<-- Jump to bad messagebox
:00441761 6A00 push 00000000
:00441763 668B0DD8174400 mov cx, word ptr [004417D8]
:0044176A B202 mov dl, 02
* Possible StringData Ref from Code Obj ->"Right Code"
<-- Good code starts here
|
:0044176C B8E4174400 mov eax, 004417E4
<-- U will land here
:00441771 E802FBFFFF call 00441278
Now, what we need to now what EDX are at the call and there are also the Serial..
run the crackme and fill in the info. I wrote this
Name: Acid_Cool_178
Serial: 2951
Open Soft Ice and put a breakpoint at hmemcpy and close softice.
Click on the "OK button" and you are no in Soft Ice. Press F12 unstil you are in
good code, good code are xxxx:xxxxxxxx
break all breakpoits
Set a breakpoint at the call
Exit soft Ice and you are back again. And now you are at the call, just press D EDX and
you can see you code.
I coult see this Acid_Cool_178Acid_Cool_178625g72
So i changed 2951 with Acid_Cool_178Acid_Cool_178625g72 and that workes just fine for me
:))
Task2
Open crackme2exe in W32Dasm and under "string data references" can you find
this string. "U made it"
Dubbleclick on that string and you will end up here.
:00441800 58 pop eax
:00441801 E83E23FCFF call 00403B44
<--
Your code
:00441806 751A jne 00441822
<--
Jump to the bad messagebox if wrong code
:00441808 6A40 push 00000040
* Possible StringData Ref from Code Obj ->"U made it"
<-- The
start og the good code
|
:0044180A B96C184400 mov ecx, 0044186C
<-- U will land here
Now, what we need to now what EDX are at the call and there are also the Serial..
run the crackme and fill in the info. I wrote this
Name: Acid_Cool_178
Serial: 2951
Open Soft Ice and put a breakpoint at hmemcpy and close softice.
Click on the "OK button" and you are no in Soft Ice. Press F12 unstil you are in
good code, good code are xxxx:xxxxxxxx
break all breakpoits
Set a breakpoint at the call
Exit soft Ice and you are back again. And now you are at the call, just press D EDX and
you can see you code.
I coult see this 8D15-004D-1BF5-3804
So i changed 2951 with 8D15-004D-1BF5-3804 and that workes just fine for me :))
| Greetings |
LaZaRuS, Wajid, Borna Janes, ManKind, Eddie Van Camper, ACiD BuRN, KoRnFLeX, Eternal_Bliss, Potsmoke, DiABLO. Torn@do, ^AlX^ and all the other i have forgotten