Cracking 2

home *** CD-ROM | disk | FTP | other *** search

/ Cracking 2 / Cracking II..iso / Texty / crackme / firecm#6.asm < prev next >

Wrap

Assembly Source File | 1999-06-16 | 5.0 KB | 174 lines

; fireworx crackme #6 keygen by R!SC , 16/6/99 ; heya wizzkid! :P ; not a byte wasted, 406 bytes keygen for a 303kb crackme :O .MODEL TINY .CODE .386 ORG 100h start: jmp main db 'R!SC ' main: mov ah, 9 ; print title lea dx, intro ; dx with offset ov text int 21h lea dx, input mov ah, 0ah int 21h mov al, byte ptr [input+1] ; copy length into eax... cmp al, 1 ; is it less than 1? jge go badname: mov ax, 4C00h ; Exit int 21h go: ; start_conversion_of_name int 03 ; incase ya wanna bpint 3 in soft-ice and trace.. lea si, input2 ; name in si (instead of edi..) xor edx, edx xor ecx, ecx mov ebx, 49390305h ; magic number #1 mov edi, 48631220h ; magic number #2 main_loop: mov cl, [si] xor ebx, ecx xor edi, ebx ; do the maths that we borrowed test bl, 01 je loc44173b sar ebx, 1 jns loc441733 adc ebx, 0 loc441733: xor ebx,01200311h jmp done_1 loc44173b: sar ebx, 1 jns done_1 adc ebx, 0 ; replicated byte for byte :) (almost..) done_1: inc si ; point to next letter dec al ; decrease counter jne main_loop ; sorted, keygen over, just gotta convert our serial into ascii :O ;:?ebx ;054F923B 0089100859 "OÆ;" ;:?esi ;3FC7F3B6 1070068662 "?╟≤╢" ;my code, 923B-054F-F3B6-3FC7 ;fix the numbers (copy words into proper locations..) mov [reg1], bx sar ebx, 10h ; shift ebx 16 bits right, 2 bytes.. mov [reg2], bx mov [reg3], di sar edi, 10h mov [reg4], di convert_reg: ; convert the hex words to ascii hex, and add the '-' lea si, tempregend-1 ; temp storing place, starting from the end mov ax, [reg4] ; start with reg4, and we calculate it backwards call loopy_hex mov ax, [reg3] call loopy_hex mov ax, [reg2] call loopy_hex mov ax, [reg1] call loopy_hex conversion_done: inc si ; point to first digit.. inc si lea di, regcode ; where to copy it to copy_number: movsb ; copy it, byte by byte cmp byte ptr [si],0 ; see if we have finished jne copy_number ; if not, loop mov ah, 9 ; print code lea dx, code ; dx with offset ov text int 21h mov ax, 4C00h ; All Done And Exit int 21h loopy_hex: mov dl, 02 hehheh: mov bl, al ; copy 1 byte into bl and bl, 0fh ; clear high nibble add bl, 030h ; 30h is ascii '0' cmp bl, 39h ; is it < ascii '9' jle oki1 add bl, 7 ; if not, it was a letter, so add 7 to get ascii 41h='A' mov byte ptr [si], bl dec si jmp hmmm oki1: mov byte ptr [si], bl dec si hmmm: mov bl, al ; copy same byte into bl shr bl, 04 ; shift it right 4 bits, so we are left with the high nibble add bl, 030h cmp bl, 39h jle oki2 add bl, 7 mov byte ptr [si], bl dec si jmp hmmm2 oki2: mov byte ptr [si], bl dec si hmmm2: shr ax, 08 ; get to the next byte in ax... dec dl jne hehheh mov byte ptr [si], '-' ; add the '-' manually dec si ret ;_______________________________________________________________ intro db 10,13, 'FireWorx Crackme #6 ** kEYGEN bY R!SC ** risc@notme.com **',10 db 10,13, 'eNTER yOUR nAME : ', '$' code db 10,13, 'yOUR rEGCODE iS : ' regcode db 20 dup(20h) regend db '$' tempreg db 20 dup (?) ; temp storing place for the code, as we convert it into ascii tempregend db 0 reg1 dw ? ; yah, contains part 1 of the reg code reg2 dw ? ; yah, contains part 2... reg3 dw ? reg4 dw ? ; but they need converting to hexdecimal ASCii input db 30, 0 ; first byte, size of buffer, second byte will become our length of input input2 db 30 dup(?) ; where the name will be input ;_______________________________________________________________ end start