
----(Author)----
FireWorx
FireWorx@as-if.com
www.fireworx.itgo.com

----(Target)----
Keygenme#1 by analyst

----(Tools)----
W32Dasm
Some asm knowledge (not needed, since i keygenned this fucker and i´m st00pid at asm =P )
A inline asm compatible compiler (vc++ in my case, can be delphi too =P hehe...)

----(Tutor)----
well well, hehe, i did this keygen with some help from the author
him self =P
Was on a lesson in school and had nothing to do, so i did this
with w32dasm and vc++...

Let´s start shall we?!
Start by checking the keygenme out... start it..
3 editboxes, 1 disabled, 1 button...
Guess you get the idea =) hehe...
Type in any dumb shite in the first two editboxes...
Bang  'Incorrect code...'

Hmmmz, fire up w32dasm with the keygenme...
When done, press the SDR (next to the printerbutton on the toolbar)
Rigth there you should see:
"Congratulations! IF this number "
Double-click it to get to that part of the code...
Well there you should see:
* Possible StringData Ref from Data Obj ->"Congratulations! IF this number "
                                        ->"comes *FROM YOUR* keygen, Write "
                                        ->"a tutorial dude ;)."
                                        
                                        
Heheh, nice and easy now =P
Check the above code:
// Snippet //
:0040110C 0FBE840D48FFFFFF        movsx eax, byte ptr [ebp+ecx-000000B8]  <- Move the ascii value + position to eax
:00401114 41                      inc ecx				  <- Increase to get next char next time	
:00401115 33C1                    xor eax, ecx				  <- Xor the ascii value+pos with the pos
:00401117 03D8                    add ebx, eax				  <- add the result with ebx
:00401119 3B4DD8                  cmp ecx, dword ptr [ebp-28]		  <- compare if all the chars in name has been "taken"
:0040111C 75EE                    jne 0040110C				  <- If not, then take next char
:0040111E 6BC006                  imul eax, 00000006			  <- Multiply eax with 6
:00401121 C1E307                  shl ebx, 07				  <- Shift Left ebx with 7
:00401124 03C3                    add eax, ebx				  <- Add value of eax with ebx and store in eax	
:00401126 8945C8                  mov dword ptr [ebp-38], eax		  <- Move the real serial to ebp-38
:00401129 FF75C8                  push [ebp-38]				  <- Save ebp-38 to stack

Hmmz, this shouldn´t be a problem to keygen rigth? =P
Heeell no, i hear all the way here... =)

Open up vc++ or whatever you uses and just "ripoff" the above code =P
heheh, lame, but it works, and that´s what it´s all about right?


well, i´mma give you my code to this keygenme#1

----(Sample Code)----
#include < string.h >
#include < stdio.h >
#include < iostream.h >

void main()
{
	unsigned long serial;
	int len;
	char name[50];

	printf("Enter a name : ");
	scanf("%s", name);

	len=strlen(name);

	__asm
	{

xor eax, eax;
xor ecx, ecx;
xor ebx, ebx;


mu:	movsx eax, byte ptr[name+ecx]
		inc ecx;
		xor eax, ecx;
		add ebx, eax;
		cmp ecx ,[len];
		je algo;
		jmp mu;


algo:	imul eax, 006;
		shl ebx, 7;
		add eax, ebx;
		mov [serial], eax;
		
		
	}

	printf("Your serial is : %lX", serial);

}

----(Greets)----
analyst, icecream, dnnuke, warezpup, seifer, RiZZa, koe, nchanta(tykne fan),phreakie, sinn0r, 
Noodlespa, hackwizzard +  all in pgc and c4n
damn, i hate writing greet lists, i always miss all the other kewl guys =)

----(End   )----
I hope you learnt atleast something, if not: mail me at FireWorx@as-if.com
and i´ll give ya a private lesson (only $59.95/h =P ) hehe... naah... well well..
i´m out, i think this target was easy to keygen, but also a good target to pratice on..

Fat Greets to analyst for this kewl keygenme!

----(Real end)----

This is our algo =))