Contribute  :  Web Resources  :  Past Polls  :  Site Statistics  :  Downloads  :  Forum  
    BiW ReversingThe challenge is yours    
 Welcome to BiW Reversing
 Monday, December 18 2017 @ 02:28 AM CET

Submitted by: detten
File name: detcrackme8.zip
Submitted: 2005-03-01 22:18
Downloads: 1831
File size: 2 kB

Download Now! Detten Crackme 8

Patch this crackme so it is registered for your name
beware for the Self Modifying Code :)



Detten Crackme 8 | 1 comments | Create New Account
The following comments are owned by whomever posted them. This site is not responsible for what they say.
Solution
Authored by: int21h on Wednesday, December 02 2009 @ 06:17 PM CET
First: Make a dat file for the registration name and serial number: Set a break point @:

00401251   . E9 B8000000    JMP Crackme8.0040130E
Run the program and fill in the user name and password information. Once you hit Register the breakpoint will trigger. When it does assembly the address with nops:

00401251     90             NOP
00401252     90             NOP
00401253     90             NOP
00401254     90             NOP
00401255     90             NOP
Run the program: A dat file is created with your username and password. Restart the program and set a breakpoint @:

0040111B     E9 98000000    JMP Crackme8.004011B8
Run the program till the breakpoint occurs. What I did was change the code @ 0040111B

From:
0040111B     E9 98000000    JMP Crackme8.004011B8
To
0040111B     E9 00000000    JMP Crackme8.00401120
Once you do that you will have access to this code:

00401120   > 33DB           XOR EBX,EBX
00401122   . 66:8B1D 1B1140>MOV BX,WORD PTR DS:[40111B]
00401129   . 66:8B0D 511240>MOV CX,WORD PTR DS:[401251]
00401130   . 66:A1 3B104000 MOV AX,WORD PTR DS:[40103B]
00401136   . 66:0305 5D1140>ADD AX,WORD PTR DS:[40115D]
0040113D   . 66:330D 621140>XOR CX,WORD PTR DS:[401162]
00401144   . 66:031D 681140>ADD BX,WORD PTR DS:[401168]
0040114B   . 66:2B0D 721140>SUB CX,WORD PTR DS:[401172]
00401152   . 66:33D9        XOR BX,CX
00401155   . 66:81C3 AD6E   ADD BX,6EAD
0040115A   . 66:33D8        XOR BX,AX
0040115D   . 66:81FB C67C   CMP BX,7CC6
However you still have one more place to code for the check to work. I had to alter this code also:

From:
00401155   . 66:81C3 ADDE   ADD BX,DEAD
To:
00401155   . 66:81C3 AD6E   ADD BX,6EAD
If you wish you can play with altering other parts to see how it behaves, but for me I found that these altars work the best.
 Copyright © 2017 BiW Reversing
 All trademarks and copyrights on this page are owned by their respective owners.
Powered By Geeklog 
Created this page in 0.06 seconds