home *** CD-ROM | disk | FTP | other *** search
- *************************************************************************************************
- CeyCey
- *************************************************************************************************
-
- Author: CeyCey
- Protection: Password
- URL:
- Tools: SoftICE v4.05
-
-
- ---> Intro...
-
- Welcome to my next Tutorial !!!
- Ok, now a very hard CrackMe, NOT !!! ;)
- It's hardcoded and you can do this in 2 simple ways.
-
- 1. Using SoftICE trace and find it :)
- 2. Unpack it (UPX) and disassemble and find the string :)
-
- I'm just gonna use SoftICE.
-
-
- ---> Let's Begin...
-
- Ok, open the CrackMe and fill in something i've used:
-
- Password: CoDe_InSiDe
-
- Then get into SoftICE (CTRL+D) and type "bpx hmemcpy", then out of SoftICE (CTRL+D) and press
- the button "Check" and SoftICE should popup.
- Ok, now type "BC *" to disable the breakpoint and press (F12) 12 times and you'll see this:
-
- -------------------------------------------------------------------------------------------------
-
- mov eax, dword ptr [ebp-04] <--- EAX now points to our "Fake" Serial
- mov edx, 0045766C <--- This is the real Serial
- call 00403C8C <--- Compare those 2
- jnz 00457642 <--- If not equal jump over the good Message Box.
-
- -------------------------------------------------------------------------------------------------
-
- Ok, when your on the "call 00403C8C" type "d edx" and you'll see the real Serial it's:
-
- ULTRADMA............................................................
-
- Ok, write it down and get out of SoftICE (CTRL+D) then enter that Serial and press "Check".
- A Message Box pops up saying:
-
- Do not think u r good, Easy huh?
-
- hehe ;P
- That's all.
-
-
- ---> Greetings...
-
- To be honest i'm getting a bit sick of these greetings everytime ;P
- So i'll just say:
-
- Greetings to everyone i know, and to everyone who knows me, and You... ;P
-
-
- Don't trust the Outside, trust the InSiDe !!!
-
- Cya...
-
- CoDe_InSiDe
-
-
- Email: code.inside@home.nl
