----(Author)---- FireWorx FireWorx@as-if.com www.fireworx.itgo.com ----(Target)---- Keygenme#1 by analyst ----(Tools)---- W32Dasm Some asm knowledge (not needed, since i keygenned this fucker and iīm st00pid at asm =P ) A inline asm compatible compiler (vc++ in my case, can be delphi too =P hehe...) ----(Tutor)---- well well, hehe, i did this keygen with some help from the author him self =P Was on a lesson in school and had nothing to do, so i did this with w32dasm and vc++... Letīs start shall we?! Start by checking the keygenme out... start it.. 3 editboxes, 1 disabled, 1 button... Guess you get the idea =) hehe... Type in any dumb shite in the first two editboxes... Bang 'Incorrect code...' Hmmmz, fire up w32dasm with the keygenme... When done, press the SDR (next to the printerbutton on the toolbar) Rigth there you should see: "Congratulations! IF this number " Double-click it to get to that part of the code... Well there you should see: * Possible StringData Ref from Data Obj ->"Congratulations! IF this number " ->"comes *FROM YOUR* keygen, Write " ->"a tutorial dude ;)." Heheh, nice and easy now =P Check the above code: // Snippet // :0040110C 0FBE840D48FFFFFF movsx eax, byte ptr [ebp+ecx-000000B8] <- Move the ascii value + position to eax :00401114 41 inc ecx <- Increase to get next char next time :00401115 33C1 xor eax, ecx <- Xor the ascii value+pos with the pos :00401117 03D8 add ebx, eax <- add the result with ebx :00401119 3B4DD8 cmp ecx, dword ptr [ebp-28] <- compare if all the chars in name has been "taken" :0040111C 75EE jne 0040110C <- If not, then take next char :0040111E 6BC006 imul eax, 00000006 <- Multiply eax with 6 :00401121 C1E307 shl ebx, 07 <- Shift Left ebx with 7 :00401124 03C3 add eax, ebx <- Add value of eax with ebx and store in eax :00401126 8945C8 mov dword ptr [ebp-38], eax <- Move the real serial to ebp-38 :00401129 FF75C8 push [ebp-38] <- Save ebp-38 to stack Hmmz, this shouldnīt be a problem to keygen rigth? =P Heeell no, i hear all the way here... =) Open up vc++ or whatever you uses and just "ripoff" the above code =P heheh, lame, but it works, and thatīs what itīs all about right? well, iīmma give you my code to this keygenme#1 ----(Sample Code)---- #include < string.h > #include < stdio.h > #include < iostream.h > void main() { unsigned long serial; int len; char name[50]; printf("Enter a name : "); scanf("%s", name); len=strlen(name); __asm { xor eax, eax; xor ecx, ecx; xor ebx, ebx; mu: movsx eax, byte ptr[name+ecx] inc ecx; xor eax, ecx; add ebx, eax; cmp ecx ,[len]; je algo; jmp mu; algo: imul eax, 006; shl ebx, 7; add eax, ebx; mov [serial], eax; } printf("Your serial is : %lX", serial); } ----(Greets)---- analyst, icecream, dnnuke, warezpup, seifer, RiZZa, koe, nchanta(tykne fan),phreakie, sinn0r, Noodlespa, hackwizzard + all in pgc and c4n damn, i hate writing greet lists, i always miss all the other kewl guys =) ----(End )---- I hope you learnt atleast something, if not: mail me at FireWorx@as-if.com and iīll give ya a private lesson (only $59.95/h =P ) hehe... naah... well well.. iīm out, i think this target was easy to keygen, but also a good target to pratice on.. Fat Greets to analyst for this kewl keygenme! ----(Real end)---- This is our algo =))