CrackMe® Practices for Newbies
Project 9: CrackMe 2 by Cronos

Solve ?
Tuesday, 30-Mar-99 15:03:30

    This is how the program checks the access code:

    When the User name is read, each character is multiplied by 2Bh ('+') and stored at 494h (294 was a typing error in the prev posting :( ). This string at 494h ends with a 0. Each time, it is checked whether the key pressed was 0dh or 08h or if there were 100h characters read (maximum length of buffer). The same happens with the access code (it is stored at 594h).

    Then the program checks if the length of the user name is equal to that of the access code. If they are equal it computes a key number.

    At the beginning, the key is 0. Then the program enters the following loop:

    i=0;
    while ([494h+i]!=0)
    {
        key=3*key + 93h + [494h+i] - [594h+i];
        i=i+1;
    }

    key=key*5BFh;
    key=key+79DFh;

    If after this key==7777h then the code is good and "Access granted" is displayed.

    I couldn't check whether I'm right or not because the algorithm for finding a valid code for a name is not an easy one. But I did get the "Access granted" message after changing the key to 7777h when it was stored only in AX.

    Andy
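The check described in the post above, modelled in C as an added example (not part of Andy's post and not the crackme's own code). Assumptions: each stored character is the low byte of its product with 2Bh, the key is 16 bits wide because it is held in AX, and all function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

#define BUF_MAX 0x100   /* buffer limit given in the post */

/* Assumption: each stored character is the low byte of c * 2Bh. */
size_t transform(const char *in, uint8_t *out)
{
    size_t n = 0;
    while (in[n] != '\0' && n < BUF_MAX - 1) {
        out[n] = (uint8_t)((uint8_t)in[n] * 0x2Bu);
        n++;
    }
    out[n] = 0;             /* the stored string ends with a 0 */
    return n;
}

/* The loop from the post; key is assumed 16-bit, so it wraps mod 10000h. */
uint16_t loop_key(const uint8_t *name, const uint8_t *code)
{
    uint16_t key = 0;
    for (size_t i = 0; name[i] != 0; i++)
        key = (uint16_t)(3u * key + 0x93u + name[i] - code[i]);
    return key;
}

/* The two steps applied after the loop. */
uint16_t final_key(uint16_t key)
{
    return (uint16_t)(key * 0x5BFu + 0x79DFu);
}

/* Returns 1 for "Access granted", 0 otherwise. */
int check(const char *user, const char *access)
{
    uint8_t name[BUF_MAX], code[BUF_MAX];
    if (transform(user, name) != transform(access, code))
        return 0;           /* lengths must match before the key is computed */
    return final_key(loop_key(name, code)) == 0x7777;
}

int main(void)
{
    /* Constructed sample input, not a known-valid pair. */
    printf("%s\n", check("Andy", "1234") ? "Access granted" : "rejected");
    return 0;
}
```

Because the key wraps at 16 bits, a single position where the code byte exceeds the name byte already pushes the running key into the FFxxh range, which is why the final comparison cannot be reasoned about without modelling the overflow.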


Message thread:

Andy's Thread (Andy) (29-Mar-99 07:03:39)
