-
- What's needed to keygen gPs Crackme 2
- by SiFLyiNG
-
-
- Sorry, I haven't got time to write a tut, but I'll just explain the
- calculation routine of the crackme.
-
- Protection : VB5 crackme based on a Name/Vorname/Code protection.
- Tools to use : Smartcheck + SoftIce
-
- Here is the algo of the keygen :
-
- X1 = length(Name) * 3 * length(vorname) * 5 * 5 * 6 / 6
- = length(name) * length(vorname) * 75
- X2 = length(vorname) * 13
- X3 = length(name) * 12
- X4 = 123 (this never varies, so X4 is a constant)
- X5 = len(name) * len(vorname)
-
- Then the crackme appends all the parts together
-
- and the temporary serial becomes : X1X2X3X4X5
-
- Then this temporary serial is multiplied by a 'magic' value. This value
- depends on the first char of the name. Here is the table of these values (in
- hexadecimal) :
-
- a A 17
- b B EA
- c C 07
- d D 1D
- e E 2C
- f F 0C
- g G 3F
- h H 16
- i I 1A
- j J 1F
- k K 0D
- l L 60
- m M 4A
- n N 2F
- o O 49
- p P 20
- q Q 47
- r R 11
- s S 52
- t T 1C
- u U 62
- v V 59
- w W 36
- x X 2D
- y Y 49
- z Z 22
-
- and ä 2D
- ü 33
- ö 0E
-
- For all other chars this value will be 0. So if the name begins with '-'
- or '=' you won't have to calculate, because X1X2X3X4X5 * 0 = 0 and the code
- will be 0 !!!
-
- I hope this is understandable. Let's try with an example :
-
- Name : 'SiFLyiNG'
- Vorname : 'Crackme_Cracked'
-
- X1 = length(Name) * 3 * length(vorname) * 5 * 5 * 6 / 6
- = length(SiFLyiNG) * length(Crackme_Cracked) * 75
- = 8 * 15 * 75 = 9000
-
- X2 = length(vorname) * 13
- = length(Crackme_Cracked) * 13 = 15 * 13 = 195
-
- X3 = length(name) * 12
- = length(SiFLyiNG) * 12
- = 8 * 12 = 96
-
- X4 = 123 (this never varies, so X4 is a constant)
-
- X5 = len(name) * len(vorname)
- = len(SiFLyiNG) * len(Crackme_Cracked)
- = 8 * 15 = 120
-
-
- So the temporary serial is :
- X1X2X3X4X5 = 900019596123120
-
- and let's look for the magic value in the table. We see:
-
- s S 52h = 82
-
- So the code will be :
-
- 900019596123120 * 82 = 7.38016068820958E+16
-
- Yes, it should be written like that !!! That's because it's a VB proggy...
-
- But we could try another, simpler example :)
-
- Name : -=CrackeR=-
- VorName : Toto
-
- and without any calculation, we get :
- Code : 0
-
- You understand why, I hope... If not, remember the table of the magic values:
- here the name begins with '-', so the magic value is 0 because '-' doesn't
- appear in the table...
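
What the check actually depends on, as an added example in Python (not the author's VB keygen source): the code is a function of the two lengths and the first letter only, so unrelated names produce the same code. The function names and the `vb_display` rendering rule are assumptions of this sketch, and the three non-ASCII table entries are left out.

```python
import string

# Multipliers from the page's table for a..z, in order (hex, case-insensitive).
# The three non-ASCII entries of the table are left out of this sketch.
_VALUES = [0x17, 0xEA, 0x07, 0x1D, 0x2C, 0x0C, 0x3F, 0x16, 0x1A, 0x1F, 0x0D,
           0x60, 0x4A, 0x2F, 0x49, 0x20, 0x47, 0x11, 0x52, 0x1C, 0x62, 0x59,
           0x36, 0x2D, 0x49, 0x22]
MAGIC = dict(zip(string.ascii_lowercase, _VALUES))


def temp_serial(name, vorname):
    """Concatenate X1..X5 as decimal strings; only the two lengths are used."""
    n, v = len(name), len(vorname)
    parts = (n * v * 75, v * 13, n * 12, 123, n * v)
    return int("".join(str(p) for p in parts))


def magic(name):
    """Multiplier for the first character; anything outside the table gives 0."""
    return MAGIC.get(name[:1].lower(), 0)


def code(name, vorname):
    """Exact integer value of temporary serial * magic value."""
    return temp_serial(name, vorname) * magic(name)


def vb_display(value):
    """Assumption: VB shows a Double with at most 15 significant digits and
    switches to E notation from 1E+15 upwards."""
    if value < 10 ** 15:
        return str(value)
    mantissa, exponent = format(value, ".14E").split("E")
    return mantissa.rstrip("0").rstrip(".") + "E" + exponent


if __name__ == "__main__":
    for name, vorname in [("SiFLyiNG", "Crackme_Cracked"),   # page example 1
                          ("-=CrackeR=-", "Toto"),           # page example 2
                          ("Somebody", "x" * 15)]:           # constructed
        print(name, vorname, vb_display(code(name, vorname)))
```

The constructed third pair has the same lengths and first letter as the first example and therefore the same code; 'o' and 'y' also share the multiplier 49h in the table.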
-
-
- That's all folks. I hope this was enough to understand the serial
- calculation. If there is a problem, just mail me, I'll answer.
- You can now make your own keygen. I've included mine with these
- explanations, with some source in VB. I wanted to try in winasm but I'm not
- good enough...
-
- SiFLyiNG
- siflying@ifrance.com
-
- PS : Could someone send me some Win32asm sources or tutorials please ?
- NB : this crackme might not be obvious to code in win32asm :
- remember the serial we got : 7.38016068820958E+16. That's because
- it's a VB crackme, but I think this is not really interesting to code in win32asm.