VxD Keygen Rip


Kayaker
October 11th, 2001, 13:31
Hiyas,

OK, less talk, more action. There's always something new to learn, so here's a nice crackme by the_dux that deals with tracing in vxd code.

There's a basic serial routine within the vxd that you need to extract and build a keygen for. This part is fairly straightforward. The interesting part is in understanding how a vxd is accessed by a program, which Win32 and VMM API calls are used to call and load the vxd, and how the basic messaging system within a vxd is constructed.

You don't need to know how to program a vxd (though it would help immensely), but a basic knowledge is helpful. I'd recommend at least 2 items to help:

Iczelion's VxD Tutorials:

http://win32asm.rxsp.com/tutorials.html

The Virtual Machine Manager Services (VMM) Help file. You may be able to find vmm.hlp elsewhere, but I had finally dug it up at a page that no longer works, so I'll upload it here (400k) as well for reference.

A reliable way to break into a dynamically loaded vxd I use is with
BPX VXDLDR_LoadDevice
and trace from there. Or you can find a Win32 API to break on as it's called.


Have fun,

Kayaker

Kayaker
October 11th, 2001, 13:36
And here's the elusive VMM help file...

Clandestiny
October 11th, 2001, 15:26
Hiya,

Hehe. If I didn't know better, I'd say you read my mind, Kayaker. Actually, I'd given your query for project ideas some thought in the last couple of days and was going to suggest a .vxd related project myself... was even kicking around the possibility of coding a small crackme with all of my newfound vxd programming skills. Looks like you beat me to it. LOL, great minds think alike, eh?

Cheers,
Clandestiny

Kayaker
October 11th, 2001, 17:25
Quote:
Originally posted by Clandestiny
Hiya,

.. was even kicking around the possibility of coding a small crackme with all of my newfound vxd programming skills. Looks like you beat me to it. LOL, great minds think alike, eh?

Cheers,
Clandestiny


Hi yourself,

Well, don't let that stop you, I'd like to see your vxd crackme as well. Make it a mean and nasty one too.

K.

Fake51
October 11th, 2001, 19:41
Like the idea of a vxd project, but find it a bit sad that you chose a serial based crackme as target. One can actually crack this target without understanding how a vxd works at all. Took me five minutes to go through it.
It of course makes it easier if one can use the live approach, see the key routine in action, but it is still so simple that it is not much of a problem to rip it. Besides, seems that the interesting thing about vxd's is not that it is possible to have the serial scheme inside them, but what it is possible to do with a vxd.
Anyway, just thought I'd chip in.

Fake