i had suspended idea for Guess-me toy.
when i read +Fravias swansong, i remembered this idea &
planned to build this crackme for him as gift..
but so quick cames death..

so it is now only In_Memoriam.

You should trace & watch this guess-me in debugger. (i put INT3 for catch)

1. So you must guess, what it means..
2. if you guess, then exact "object" name need! (need some proof in that space..)

OK, I'm a sucker. I counted the spacing on the stack between CS(0x1B) values (84,3,5,3,55,3,5,3,.....). I converted them to binary and tried to rearrange them. I even squinted my eyes and stared at the stack display to see if I could see a big "+F" or something... zip, nada, nothing, diddly-squat. Some cryptic cypher? Morse Code?

The order of the PE sections are "backwards". fs:[0] is wiped. Neither seem to be significant.

Anybody else got ideas?

as of PE-order, it is RosAsm compiled executable.
FS:0 fiped for rid exception on INT3.
that all not matters.

>>You should trace & watch this guess-me in debugger. (i put INT3 for catch)
that all you need. 2 or 3 time. than imagine, what it means..

watched it, but have no idea
I suppose it's simple, but didn't get it at all
all I see is it jumps in one place for a while, then jumps at another,
but that might just be olly's window not being big enough...

Hi Guys

I see a lot of JMP's, a lot of RET's and a lot of 004060.. on Stack starting on 0012F684 ending 0012FFC0. Is there something hidden ?

Presumably, but not code per se, what you see is what you get. I haven't figured it out yet either

It's a piano on the stack, I guess.
Unfortunately I know nothing about these do, mi, sol, etc
and can't to name the melody

neviens.. they all are so far from F+...
show to someone how knows "disasm"

OK, can anybody "disasm" this one (attached)?

Well, that is either Gounod's Ave Maria or the C Major Prelude from Bach's Well Tempered Clavier, Book 1. They both have the same arpeggiated figure, the Gounod version just adds a melody on top of it. My guess is that the Gounod version is the intended "target" though the Bach is just as appropriate. Now my curiosity is stirred so I will have to look at the original guessme and check it out for myself

EDIT: By the way, there are a two wrong notes in the tune, will try to look at the crackme in the near future to figure out if the "errors" are in the guessme or in the interpretation. But still, pretty cool!

wrong 2 notes > disasm-failure

yo, neviens, you wrote:
Unfortunately I know nothing about these do, mi, sol, etc

and now than give us assembled midi-file?!

As someone said " only are blind who does not want to see " I icluded. So many F's and B's and D's the hint of the swansong, Mute Swan...

it's the madness of the reversecode always bytes

there is a possibility for know who song is? I think only a musician can do this.

ricnar

After disasm the "piano" concept, and build little .midi. I think the music is Mahler "Adagietto".

Reggards,

Shaddy.

Here is that I mean...

Adagietto - Mahler (.mid)

http://www.8notes.com/school/midi/french_horn/mahler_adagietto.mid

Reggards,

Shaddy.

So now we have two completely different midi files? Both can't be right (or perhaps they can). I guess I will indeed have to look into this myself, just have to find time!!
And yes, that is the Adagietto from Mahler's 5th Symphony, but please don't listen to a midi version of it!! Yuck! Here's a link to a "real" version: http://www.youtube.com/watch?v=duSL3y2LASI
I performed the work with colleagues for a dear friend's memorial service and can attest to the music's power, which words are incapable of conveying or capturing. So enjoy...
Now to find time to see what really is in there

xenakis:

Thanks for the clip. The music is, indeed, both quite beautiful and powerful.

If you care to "share," what instrument did you play?

Regards,

Glad you enjoyed the clip, it's truly incredible music. To answer your question, I am a violist by trade. It's a wonderful job: I play music and at the end of my work day my "clients" stand up and applaud!!

not understood you guys: where you see mahler's music??

Then isnt mahler music?

Only hearing, and having not pauses and times of each note is very difficult say if a song is right or not.

Shaddy,
i not put mahler in my puzzle.
neviens solved puzzle on main first step; xenakis discovered name exactly.

now you show me your 'disasm', how you discovered mahler's music.

(Excuse my english..) Well, i was disassembling your code and transforming it to listening notes with "RETN" & "RETF" jumps... after that i was building a .midi file where the result was like "neviens" .midi file but with some different notes.. however in esence the result is same.

After that and hearing it often and reading some songs from Fravia+, i tought about Mehler and his 5ª symphony... but before that i didnt read this forum.. and its just a mistake. I Guess Adagietto from Mahler can be a memorandum of Fravia+ too . Listen Harp "arpeggio" on this and test it .

Shaddy.

I put the guess-me in the monthly contest of crackslatinos, and Shaddy try to resolve, when he ask me if mahler was a good solution, i send to this link for ask to the author. My english is bad and was not clear for me if the solutions presented till the moment are right or not.

ricnar