CrackMe® Practices for Newbies
PROJECT 6: caveman by Ghiribizzo

Thanks Andy
Sunday, 28-Feb-99 03:33:28

    Hi Andy,

    I figured out the mystery of the 00's after the "$" at the end of the name: the first two 00h become the calculated key and the two 00h following are the user's entered key. I am surprised the author let this slip by him, and he could easily have deprived us of this loophole by checking for ax = 00. As for changing ah, that is very tricky as you said. Since the username must terminate in "$", this offers another opportunity to make a keyfile using one or two other non-zero bytes. This would require a little bit of calculation and would make it possible to land on other positions of the board than the first position.
    As for the key generation program, it must not be very difficult once one creates a valid move table. The one or two bytes after the "$" will be the same and the move table will be the same, but the username might change from one situation to the next. Such a keygen program will provide solutions which are not unique and should qualify as a legitimate keygen.
    Because I want to find things for myself, I have spent lots of time figuring out the legal moves and what moves when and how. Now that I have a table of all possible moves to choose from, things are moving fast, and now I am trying to get the "CC" through the bottleneck. Hope to reach the "F" some time soon. Once I do that I might try my hand at writing a keygen program. I will try QBasic; I don't see why that should not do it, especially if I read the move table from a data file. BTW, are there any other tricks after the "F" has been hit? The way I read the assembly code is that once you land on the "F" you get the congrats message. Am I correct in assuming that? I should have started this project sooner.

    Best regards,

    Joseph


Message thread:

Joseph's Thread (Joseph) (25-Feb-99 04:47:28)