            -- A C i D B U R N - P R O D U C T i O N S --
                                SRT - CRO



        Phrozen Crew Trial Crackme 1: Calculation of a valid Serial!!
								 
		Tutorial by ACiD BuRN [Immortal Descendants]			 
                             (October 19th, 1999) 						





Introduction:

Since this crackme has expired (PC trial crackme 2 is out), I can write a tut on
the registration part!
I will only show how to crack the serial / name part, because I didn't look at the rest of
the crackme yet and I don't like keyfiles though :p

Tools needed:

		- SoftICE 3.2x
		- Brain (some maths knowledge)
		- a hex editor (the serial is not typable)
		- calculator (the Windows one in scientific mode will do ;)



OK, run the PC crackme, enter name: ACiD BuRN, and serial: 1234
Press Ctrl+D and you are in SoftICE, type bpx hmemcpy and then press F5...
Press the check button, and you are back in SoftICE. Trace until you are here:

//Operations on serial:

025F:004020F9  8A18                MOV     BL,[EAX]
025F:004020FB  C1C308              ROL     EBX,08
025F:004020FE  03D3                ADD     EDX,EBX
025F:00402100  40                  INC     EAX
025F:00402101  803800              CMP     BYTE PTR [EAX],00
025F:00402104  75F3                JNZ     004020F9
025F:00402106  8BCA                MOV     ECX,EDX
025F:00402108  33DB                XOR     EBX,EBX
025F:0040210A  33D2                XOR     EDX,EDX
025F:0040210C  B83C2E4000          MOV     EAX,00402E3C

//Operations on name:

025F:00402111  8A18                MOV     BL,[EAX]
025F:00402113  C1CB08              ROR     EBX,08
025F:00402116  03D3                ADD     EDX,EBX
025F:00402118  40                  INC     EAX
025F:00402119  803800              CMP     BYTE PTR [EAX],00
025F:0040211C  75F3                JNZ     00402111
025F:0040211E  C1CA08              ROR     EDX,08
025F:00402121  663BD1              CMP     DX,CX
025F:00402124  7520                JNZ     00402146


Well, I think this asm code is easy enough to understand, so
when you are tracing, at 402113 you see: AA5C0993 in EDX.
Trace a bit until you pass the second ROR EDX,8 (40211E), and you will see: 93AA5C09 in EDX

025F:00402121  663BD1              CMP     DX,CX

This compares the value calculated from your name with the one from your fake serial!
Only the low 16 bits take part: DX (from the name) against CX (from the serial).


Now, the question is: how to get a valid serial?!!
Easy, hehe..


Lemme explain what's going on!
I entered 1234 as serial, so during the loop on my serial (the same kind of loop as for the
name, but with ROL instead of ROR) it is doing something like this.

1st: loop on serial:


		00 00 31 00
	   +	00 31 32 00
	   +	31 32 33 00
	   +	32 33 34 31
		-----------
		63 96 CA 31  <> AA5C093 so it is not good 



Let's call X3, X2, X1, X0 the 4 ASCII values of our entered serial...
so it looks like this:


		00 00 X3 00
	   +	00 X3 X2 00
	   +	X3 X2 X1 00
	   +	X2 X1 X0 X3
		-----------
		93 AA 5C 09   <---- The Good value we saw in memory



Here comes the maths!!:


By identification (matching the sum byte by byte), we get:


X3 = 09
X2 = 93 - X3 = 93 - 09 = 8A
X1 = AA - X3 - X2 = AA - 09 - 8A = 17
X0 = 5C - X3 - X2 - X1 = 5C - 09 - 8A - 17 = FFFFFFB2 (just take B2)


So, the serial is: 09 8A 17 B2
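
Added example (not part of the original tutorial): a Python model of the two loops and the final compare, which reproduces the values above and repeats the byte-by-byte subtraction. The function names are made up for this sketch, and it assumes EBX and EDX are zero when the serial loop starts, as the addition table above does.

```python
MASK = 0xFFFFFFFF

def rol8(v):
    return ((v << 8) | (v >> 24)) & MASK

def ror8(v):
    return ((v >> 8) | (v << 24)) & MASK

def fold(data, rotate):
    """Model of the loops at 4020F9 (rotate=rol8) and 402111 (rotate=ror8)."""
    ebx = edx = 0  # assumption: EBX and EDX are zero when the loop starts
    for byte in data:
        ebx = (ebx & 0xFFFFFF00) | byte  # MOV BL,[EAX]
        ebx = rotate(ebx)                # ROL / ROR EBX,08
        edx = (edx + ebx) & MASK         # ADD EDX,EBX
    return edx

def name_value(name):
    return ror8(fold(name, ror8))        # final ROR EDX,08 at 40211E

def check(name, serial):
    # CMP DX,CX: only the low 16 bits of each value are compared
    return (name_value(name) & 0xFFFF) == (fold(serial, rol8) & 0xFFFF)

def solve_like_tutorial(target):
    """The tutorial's byte-by-byte subtraction (carries are ignored)."""
    t3, t2, t1, t0 = target.to_bytes(4, "big")
    x3 = t0
    x2 = (t3 - x3) & 0xFF
    x1 = (t2 - x3 - x2) & 0xFF
    x0 = (t1 - x3 - x2 - x1) & 0xFF
    return bytes([x3, x2, x1, x0])

if __name__ == "__main__":
    name = b"ACiD BuRN"
    target = name_value(name)
    serial = solve_like_tutorial(target)
    print(f"name value : {target:08X}")
    print(f"serial     : {serial.hex(' ').upper()}")
    print(f"serial sum : {fold(serial, rol8):08X}")
    print(f"1234 sum   : {fold(b'1234', rol8):08X}")
    print(f"accepted   : {check(name, serial)}")
```

Run on 09 8A 17 B2, the serial loop actually sums to 93AB5C09, not 93AA5C09: AA + B2 carries into the third byte. The serial is still accepted because CMP DX,CX only looks at the low word, 5C09.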


These are the ASCII values of the good serial for: ACiD BuRN
but the serial is not typable with the keyboard!!
So how to enter it??
Well, make a new text file for example, enter 1234 and save it.
Open this file with a hex editor, you will see: 31 32 33 34
These are the ASCII values of the 1234 we entered in the file.
Replace them with our calculated serial:

31 becomes 09
32 becomes 8A
33 becomes 17
34 becomes B2

and save!

If you hex-edit this file you must see: 09 8A 17 B2
OK, it is good. Now open the file, select all the text (crappy text though, coz the serial is not
typable), press ctrl+c to copy the text to the clipboard and then go to the serial field of the
crackme!
Paste the serial from the clipboard, for this press ctrl+d and the serial appears in the crackme!

it looks like this: "	ŠВ"
The good serial is between the double quotes.

  Name: ACiD BuRN
serial: 	ŠВ



Enter this information, and you get the message: "Well Done , you have passed The Name / Serial
Strainer! Well done! =)"


Another one cracked :p



Ending:

I hope you have understood all of this essay, and if you have any comments or
questions, just mail me at: ACiD_BuRN@nema.com or acid2600@hotmail.com
You can find all of my tuts at:
Web page URL: http://acidburn2000.cjb.net


Greetings: 
group greetings : ID - ECLiPSE - CiA - ODT - EXEC - TiTaNe - PWA - PC - UCF- CORE

Also greetingz to: (no specific order)

R!SC, ^Inferno^, AB4DS, Cyber Blade, Klefz, , Volatility, TORN@DO, T4D
Jeff, [Virus], JaNe , Appbusta , Duelist , tKC , BuLLeT , Lucifer48 , 
MiZ , DnNuke , Bjanes , Skymarshall , afkayas , elmopio , SiFLyiNG , 
Fire Worx , CrackZ , neural_en  , WarezPup , _y , SiONIDE , SKORPIEN
Lazarus , Eternal_Bliss , Magic Raphoun , DEZM , Bisoux , Carpathia ,
K17 , theMc , noos , Xmen , TeeJi , JB007 , Arobas , T0AD ,ytc , Kwai_lo ,
Killer_3K, TaMaMBoLo , gizmo , Gota , ExtaBrain , Alpine , WarezPup, 
zoltan , [yAtes], TarGon , Icecream , Punkguy2 , Sortof, TRDdonjuan,
Lord Soth, Judged, G-Rom, Quantico...


Eheh, I bet I forgot some people :-/ , sorry!!!



Copyright (c) ACiD BuRN and the Immortal Descendants.

			
				http://www.immortaldescendants.com/