File: Crackme v3.0 by KiNgGaTsO [LC98]

1. The purpose of this tutorial is to show that there is ALWAYS more than one way to crack a program's protection. In this case, the answers to all of the questions are in the file itself. As a habit, the first thing I do when I start cracking is to check the program out with PEEK. PEEK allows the cracker to view the file's strings without the MultiByteToWide format getting in the way, so you can search for keywords such as 'Registered', 'Sorry, wrong code', etc.

2. In this case, we check crackme3 and notice the following strings:

   00008FFC: YOUGOTIT.                         <---- the name of the key file (yougotit.key)
   00009010: CRACK ME v3.
   00009025: °BY KiNgGaTsO [LC98]
   00009048: Press
   00009056: to EXIT.
   0000906B: CRACKED 1/
   0000909C: Yoy have created the right key    <---- message after you create the key file, but not with the right size
   000090BE: filename BUT with the WRONG8
   000090DE: filesize!
   000090EC: CONGRATULATIONS
   00009100: (SO FAR)
   0000912F: PixyLkilyo                        <---- hmmmm
   0000913F: CRACKED-
   00009152: You have created the right key
   00009174: file, with the right bytes
   00009194: CONGRATULATIONS
   000091AC: CRACKED 3/
   000091C3: filename and filesize but the
   000091E5: bytes in this file are wrong!
   00009209: UNCRACKEDT
   0000921E: Missing KEY file. Figure out
   0000923E: the name of the key file and
   0000925E: the bytes to be placed in it

3. Some things that you will notice are:

   a. 'CRACKED 1/', 'CRACKED 3/', 'UNCRACKEDT' and 'PixyLkilyo' are all 10 bytes long. A programmer hint, maybe?
   b. 'PixyLkilyo' is the only set of characters that really doesn't belong there.

4. To register, all you have to do is create a 10-byte file called yougotit.key and put the characters PixyLkilyo in it.

CONCLUSION

5. I REALLY doubt that you will ever get the keyfile routine unencrypted, or with the clear algorithm, but it never hurts to look for the obvious first.

Cheers
Sanhedrin
05 Apr 99
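As an added example (not part of the original tutorial), here is a small Python string scanner that does what the PEEK pass above does by hand: it pulls printable-ASCII runs with their file offsets out of a binary and groups them by length, so an equal-length cluster like the four 10-byte strings in step 3 stands out immediately. The blob is a constructed sample containing the strings from the dump, not the real crackme3 file.

```python
import re
from collections import defaultdict

# Constructed sample blob: the write-up's strings embedded between
# non-printable bytes. This is NOT the real crackme3 binary.
SAMPLE_BLOB = (
    b"\x00\x01\x02YOUGOTIT.\x00\x00CRACK ME v3.\x00\xff\xfe"
    b"CRACKED 1/\x00\x00\x00PixyLkilyo\x00\x00CRACKED 3/\x00\x00"
    b"UNCRACKEDT\x00\x00Missing KEY file. Figure out\x00"
)


def find_strings(blob: bytes, min_len: int = 4):
    """Return (offset, text) for every run of printable ASCII of at
    least min_len bytes, in file order (like `strings -n 4 -t x`)."""
    pattern = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    return [(m.start(), m.group().decode("ascii")) for m in pattern.finditer(blob)]


def group_by_length(strings):
    """Group extracted strings by byte length. A cluster of equal-length
    strings is the 'programmer hint' the write-up spots: a fixed-size
    field that the program compares against or prints."""
    groups = defaultdict(list)
    for _, text in strings:
        groups[len(text)].append(text)
    return dict(groups)


def report(blob: bytes, highlight_len: int = 10):
    """Print offset/string pairs, flagging the ones in the chosen cluster."""
    found = find_strings(blob)
    for offset, text in found:
        flag = "  <---- %d bytes" % highlight_len if len(text) == highlight_len else ""
        print("%08X: %s%s" % (offset, text, flag))
    return group_by_length(found)


if __name__ == "__main__":
    report(SAMPLE_BLOB)
```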