DarkWolf

presents:

Essay nº #2: DaNiEl-RJ's crackme #1

Toolz:

Soft-Ice and Windasm

Download the crackme at my page.

Explain: Oh my god! I'm tired of cracking easy crackmes and writing tutorials, but this crackme is a little tricky! Nice shot, author!

The Essay:

Well, first of all, get a deshrinker, coz this crackme is packed with Shrinker 3.4. After unpacking, load the unpacked file. Wow, there is nothing! Wrong, click on the File menu. Look at the grey menu item called "Damn! Where's the whole thing???". We need to enable it. Don't execute anything, just click About and click OK. Click that menu again. Wow, the menu item is now enabled, click on it and it shows the crackme. Now open it in Windasm. Click on Refs and search for the string "Congratz cracker! hehehe".

:0042D556 8D55F8 lea edx, dword ptr [ebp-08]
:0042D559 8B86E0010000 mov eax, dword ptr [esi+000001E0]
:0042D55F E8FCC8FEFF call 00419E60
:0042D564 8B45F8 mov eax, dword ptr [ebp-08] <- Move your serial to EAX
:0042D567 8B55FC mov edx, dword ptr [ebp-04] <- Move the correct serial to EDX
:0042D56A E86163FDFF call 004038D0 <- Compare strings
:0042D56F 750C jne 0042D57D <- Jump if not equal (duh)

* Possible StringData Ref from Code Obj ->"Congratz cracker! hehehe"
|
:0042D571 B8ECD54200 mov eax, 0042D5EC <- U stop here

It's simple. Load SICE's loader.exe, and load ur unpacked file. Bpx on :0042D56A. Now do those things again (click the About menu.....), enter any name and serial, and click on Check It! SICE gonna break. If not, then u bpx'd on the wrong place. Just 'd edx' (EDX got the correct serial at :0042D567) and u gonna c ur generated serial. Easy huh? Congratz cracker! hehehe. That's it! Easy huh?
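Why 'd edx' works, and what a check looks like that doesn't hand over the answer, sketched in C. This is an added example, not code from the crackme or from this essay; the digest, the weak generator formula and the toy RSA numbers are all made up for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed toy parameters: textbook RSA, far too small for real use. */
#define TOY_N 3233u /* 61 * 53 */
#define TOY_E 17u   /* public exponent, the only key material in the binary */
#define TOY_D 2753u /* private exponent, vendor side only */

/* Hypothetical name digest (djb2) reduced mod n. */
static uint32_t name_digest(const char *name) {
    uint32_t h = 5381;
    while (*name) h = h * 33u + (unsigned char)*name++;
    return h % TOY_N;
}

static uint32_t modpow(uint32_t base, uint32_t exp, uint32_t mod) {
    uint64_t r = 1, x = base % mod;
    for (; exp; exp >>= 1) {
        if (exp & 1) r = r * x % mod;
        x = x * x % mod;
    }
    return (uint32_t)r;
}

/* Weak pattern seen in the listing: build the correct serial, then compare.
   The generator formula is made up for this sketch. */
int check_weak(const char *name, const char *serial, char *expected, size_t len) {
    snprintf(expected, len, "%u", (unsigned)(name_digest(name) * 7u + 1u));
    return strcmp(serial, expected) == 0; /* 'expected' is readable right here */
}

/* Hardened: test serial^e mod n == digest; the valid serial is never built. */
int check_signed(const char *name, uint32_t serial) {
    return serial < TOY_N && modpow(serial, TOY_E, TOY_N) == name_digest(name);
}

/* Vendor side only (would not ship with the program). */
uint32_t vendor_sign(const char *name) {
    return modpow(name_digest(name), TOY_D, TOY_N);
}

int main(void) {
    char expected[32];
    int ok = check_weak("DarkWolf", "12345", expected, sizeof expected);
    printf("weak: ok=%d, buffer at compare holds \"%s\"\n", ok, expected);
    printf("signed: ok=%d\n", check_signed("DarkWolf", vendor_sign("DarkWolf")));
    return 0;
}
```

With n this small anyone can factor it and recover the private exponent; a real check would use a vetted signature library and a full-size key.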

Greetz:

MERCUTION, AC_178, Ac|dFuSiO, LaZaRuZ^, Dead-Mike, Termn8r, Macr0, Dead-Mike, SpeedSta (for playing chess :), and all ppl in #c4n and #cracking.uk. If I forgot u, sorry :)