Some extra notes... Friday, 29-Jan-99 18:24:01
Greetings,

Here's a few things I've so far found out about this crackme..

:00401039 683B204000        push 0040203B                ;Contents of crkme4.dat get read into this memory location.
:00401066 A05B204000        mov al, byte ptr [0040205B]  ;Read 33rd byte from crkme4.dat
:0040106B A271204000        mov byte ptr [00402071], al  ;then save this here
....
....
....
:00401098 E879000000        call 00401116
:0040109D E81F010000        call 004011C1
:004010A2 83F800            cmp eax, 00000000            ;First check eax=0 if decryption fails
:004010A5 7440              je 004010E7                  ;Jump bad guy
:004010A7 90                nop
:004010A8 90                nop
:004010A9 90                nop
:004010AA 90                nop
:004010AB 803D4B20400000    cmp byte ptr [0040204B], 00  ;Second Check
:004010B2 7433              je 004010E7                  ;jump bad guy
:004010B4 90                nop
:004010B5 90                nop
:004010B6 90                nop
:004010B7 90                nop
:004010B8 6814204000        push 00402014                ->" cORRECT !! :-)"

Both conditional jumps must be passed before the program will display that it has been cracked.

The data in the crkme4.dat file is an encrypted User Name but in separate parts?

At memory location :00401066 the 33rd byte from the crkme4.dat is read first before the program goes on to decrypting the rest of the User name.

Time permitting I will fill in the decrypting routine..

Regards
Sandman

The Sandman
The Sandman's Sand Dune lies here.. (The Sandman) (29-Jan-99 17:21:58)
Copyright © InsideTheWeb, Inc. 1997-1999
All rights reserved.