Saturday, May 2, 2009

Indomit's solution to my KeyGenMe #5

CrackMe Location :: KeyGenMe #5 @ Crackmes.de.
Solution Location :: Solution by indomit.

So, the main goal of the crackme is to win the game. As we know, in the Tic-tac-toe game (3x3 grid) the best strategy of both parties leads to a draw. So, to beat the computer there must be a weakness in the algorithm. And there it is! If we put "X" in the center, the computer always brings it to a draw; if we put "X" on any side but not a corner, the computer always wins; but if we put "X" in a corner, there is one weakness that helps us win:

After we put "X" in a corner, the computer always puts "O" in the center:
X - -
- O -
- - -

Then, if we want to win, the best way is to put "X" in the opposite corner:
X - -
- O -
- - X

After this, the best computer move is to put "O" on any side (not a corner!), but in the crackme it moves into a corner:
X - O
- O -
- - X

At this point we have already won ;). Just put "X" in the empty corner and there is a fork :)
X - O
- O -
X - X

Now, the computer can't do anything to win or draw :)
This was the main logic. Read the complete solution (in my box or from crackmes.de) for further details.
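
The line of play above can be checked with a plain minimax search. This is an added example, not code from the crackme or from indomit's solution; the 9-character board encoding and the function names are assumptions made for it.

```c
#include <stdio.h>

/* Board: 9 cells, row-major; 'X', 'O' or '-' for an empty cell. */
static const int TRIPLES[8][3] = { {0,1,2},{3,4,5},{6,7,8},{0,3,6},
                                   {1,4,7},{2,5,8},{0,4,8},{2,4,6} };

static char winner(const char *b)
{
    for (int i = 0; i < 8; i++) {
        char c = b[TRIPLES[i][0]];
        if (c != '-' && c == b[TRIPLES[i][1]] && c == b[TRIPLES[i][2]])
            return c;
    }
    return '-';
}

/* Minimax value from X's point of view with `turn` to move:
   +1 X wins, 0 draw, -1 O wins, both sides playing perfectly. */
static int solve(char *b, char turn)
{
    char w = winner(b);
    if (w != '-') return w == 'X' ? 1 : -1;
    int best = 2;                       /* 2 = no move tried yet */
    for (int i = 0; i < 9; i++) {
        if (b[i] != '-') continue;
        b[i] = turn;
        int v = solve(b, turn == 'X' ? 'O' : 'X');
        b[i] = '-';
        if (best == 2 || (turn == 'X' ? v > best : v < best))
            best = v;
    }
    return best == 2 ? 0 : best;        /* full board, no winner: draw */
}

/* Value of a position given as a 9-character string, X to move. */
int value_x_to_move(const char *cells)
{
    char b[9];
    for (int i = 0; i < 9; i++) b[i] = cells[i];
    return solve(b, 'X');
}

int main(void)
{
    printf("O takes a corner: %d\n", value_x_to_move("X-O-O---X"));
    printf("O takes a side:   %d\n", value_x_to_move("XO--O---X"));
    return 0;
}
```

The corner reply evaluates to a forced win for X, while the side reply holds the draw.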

Friday, May 1, 2009

Solution to indomit's The Cattle Crackme

CrackMe Location :: indomit's The Cattle Crackme @ Crackmes.de.
Solution Location :: Solution @ Crackmes.de by me.

MY RATING :: Quite Nice !
PLATFORM :: WINDOWS
LANGUAGE :: .NET
DIFFICULTY :: 3 [ Getting harder ]
TOOL(S) USED :: Reflector

Overview:
=-=-=-=-=
(*) Lots of tedious equation solving and a bit of number theory make it a nice crackme to solve.

Read the solution to find more about it. :)

KeyGenMe #6 :: .NET :: Difficulty : 4 [HARD !]

KeyGenMe Location : KeyGenMe #6 @ Crackmes.de
Solution Location : Not Solved Yet.

One of my hardest KeyGenMes yet !! KeyGenMe #5. It's coded in VB.NET. Features :
(*) NOT Packed
(*) NOT Encrypted
(*) Kool GFX 'n' SFX

The Rules :
(*) NO Patching
(*) NO Brute-forcing

The Tasks :
1. Find the algorithm for the computations involved.
2. Try to get Status as ":-)".
3. Make keygen to VALID Key for ANY name. Please note that VALID KEYS EXIST FOR ALL NAMES.
Keygens able to generate multiple keys for each name will be preferred.
4. Write a decent tutorial. ;)

The Hint :
==========---
It's .NET, you've the source code ! So, no hints.. ;-)

Readers, if you solve this, please upload your solution to CrackMes.de.

Saturday, April 25, 2009

KeyGenMe #5 :: .NET :: Difficulty : 4 [HARD !]

KeyGenMe Location : KeyGenMe #5 @ Crackmes.de
Solution Location : Solution by indomit.

One of my hardest KeyGenMes yet !! KeyGenMe #5. It's coded in VB.NET. Features :
(*) NOT Packed
(*) NOT Encrypted
(*) Kool GFX

The Rules :
(*) NO Patching
(*) NO Brute-forcing

The Tasks :
1. Try to get Status as "VALID".
2. Find the algorithm for the computations involved.
3. Make keygen to VALID Key for ANY name. Please note that VALID KEYS EXIST FOR ALL NAMES.
4. Write a decent tutorial. ;)

The Hint :
==========---
Think about MID(KEY,2,3) where KEY is ANY VALID KEY. ;-)

Readers, if you solve this, please upload your solution to CrackMes.de.

Friday, April 24, 2009

Downloading Source Codes

I will upload the source codes of the CrackMes / KeyGenMes that are solved. But, the sources will be packed in password-protected zips. If anyone wants to download and use them, contact me :
t0rnad0.b0rn.2.c0de@gmail.com; crackme.de members can PM me a request for the password.

Hope the source codes will be helpful to some. :)

Happy cracking...

CrackMe #1 Ver.2.00 :: C++ :: Difficulty : 2

KeyGenMe Location : CrackMe #1 Ver.2.00 @ Crackmes.de
Solution Location : Not Solved Yet

So, here is my first CrackMe. It's coded in ANSI C++. Features :
(*) NOT Packed
(*) NOT Encrypted
(*) Nice Konsole look with Double Sided Arrow Animation.

The Rules :
(*) NO Patching
(*) NO Brute-forcing

The Tasks :
1. a) Find the secret code that would pass security phase 1.
b) Find the secret code that would pass security phase 2.
2. Reverse the complete algorithm for checking the code.
3. Write a decent tutorial.

Readers, if you solve this, please upload your solution to CrackMes.de.

Tuesday, April 21, 2009

KeyGenMe #4 :: C++ :: Difficulty : 4 [HARD !]

KeyGenMe Location : KeyGenMe #4 @ Crackmes.de
Solution Location : Not Solved Yet.

My hardest KeyGenMe yet !! KeyGenMe #4. It's coded in ANSI C++. Features :
(*) NOT Packed
(*) NOT Encrypted

The Rules :
(*) NO Patching
(*) NO Brute-forcing

The Tasks :
1. Try to get Status as "VALID :) !".
2. Find the algorithm for the computations involved.
3. Make keygen to VALID Key for ANY name. Please note that VALID KEYS EXIST FOR ALL NAMES.
4. Write a decent tutorial. ;)

The Hint :
==========---
Think about solving a 15-puzzle. ;)

Readers, if you solve this, please upload your solution to CrackMes.de.

My Account @ Box.net

Good news for those who are not registered at Crackmes.de ! :) Now you can download my stuff from my box !

I have added an swf boxplorer ( box explorer ;) ) below my blog header. You can anonymously download my CrackMes, KeygenMes, their Source Codes and Solutions to other crackmes by me; and I'm not gonna charge you for that, LOL.

So, do check my box for new CrackMes, KeygenMes and Sols.

How To #1 :: Flushing input stream in C++

As I mentioned in my last post (CrackMe #1), the solution by DoomsDay forced me to re-check my code for errors. I had not expected negative numbers to be valid secret codes. I had implemented the following method to reject negative numbers in Test #1 itself. See the code below :
ReEnterCode:
    InKey = getchar();
    while( InKey != '\n' )
    {
        if( ( InKey >= '0' ) && ( InKey <= '9' ) )
        {
            // Key gets accepted and stored
        }
        else
            goto ReEnterCode;

        InKey = getchar();        // Get the next key from user
    }
    printf("Test #1 : PASSED");


At first sight of the code, everything seems OK. Gets a char from user, checks if it's a digit. If it is, accepts it; else prompts user for Re-Input. But, this code fails.

Let's see why. Let's analyze the input -8.
Program receives '-'. Does not accept it. Goes to the label ReEnterCode.
There, it gets the next instruction : InKey = getchar();
And what's the next char ? '8'.
So, it continues execution with '8', which gets accepted later.

The problem occurs because the input stream is not flushed before jumping to ReEnterCode. It can be solved this way :
ReEnterCode:
    InKey = getchar();        // InKey must be an int so that it can hold EOF
    while( InKey != '\n' )
    {
        if( ( InKey >= '0' ) && ( InKey <= '9' ) )
        {
            // Key gets accepted and stored
        }
        else
        {
            // Discard the rest of the rejected line; stop at newline or end of input
            while( ( (InKey = getchar()) != '\n' ) && ( InKey != EOF ) );
            goto ReEnterCode;
        }

        InKey = getchar();        // Get the next key from user
    }
    printf("Test #1 : PASSED");


I uploaded Ver.2.00 of CrackMe #1 with this problem corrected.
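
Both behaviours side by side, as an added example that is not the CrackMe's own source: the same reader run with and without draining the rejected line. The function `accepted_code`, the `next_key` stand-in for `getchar()` and the sample keystrokes are assumptions constructed for this illustration.

```c
#include <stdio.h>
#include <string.h>

static const char *typed;   /* constructed keystrokes; stands in for stdin */
static int next_key(void) { return *typed ? (unsigned char)*typed++ : EOF; }

/* Reads one numeric code. flush=0 restarts without discarding the rejected
   line (first listing); flush=1 drains it first (corrected listing).
   Returns the accepted digits, or "" if input ended without a valid code. */
const char *accepted_code(int flush, const char *keystrokes)
{
    static char code[16];
    size_t n;
    int key;                 /* int, so EOF stays distinct from any char */

    typed = keystrokes;
reenter:
    n = 0;
    while ((key = next_key()) != '\n' && key != EOF) {
        if (key >= '0' && key <= '9') {
            if (n + 1 < sizeof code)
                code[n++] = (char)key;
            continue;
        }
        if (flush) {
            /* Discard everything up to the end of the rejected line. */
            while ((key = next_key()) != '\n' && key != EOF)
                ;
            if (key == EOF) { n = 0; break; }
        }
        goto reenter;
    }
    code[n] = '\0';
    return code;
}

int main(void)
{
    const char *in = "-8\n42\n";   /* constructed: rejected line, then a valid one */
    printf("no flush: %s\n", accepted_code(0, in));
    printf("flush:    %s\n", accepted_code(1, in));
    return 0;
}
```

Without the drain, the tail of a rejected line is read as if it were a fresh entry, which is how -8 ended up accepted as 8.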

CrackMe #1 :: C++ :: Difficulty : 1

KeyGenMe Location : CrackMe #1 @ Crackmes.de
Solution Location : Solution by DoomsDay

So, here is my first CrackMe. It's coded in ANSI C++. Features :
(*) NOT Packed
(*) NOT Encrypted
(*) Nice Konsole look with Double Sided Arrow Animation.

The Rules :
(*) NO Patching
(*) NO Brute-forcing

The Tasks :
1. Simply find the "2" secret codes that would pass ALL the tests.
2. Reverse the complete algorithm for checking the code.
3. Write a decent tutorial.

IMPORTANT :: If you happen to find a numeric secret-code that passes Test#3 but is negative, e.g. -8, that won't be accepted. The solution by DoomsDay mentioned above considers -8 as a valid secret-code. But that's NOT acceptable. After receiving the solution from DoomsDay, I checked my source code again and found that negative codes get accepted due to a problem with flushing the input.

IMPORTANT :: Explain in your solution, how you found "the" secret code that would pass Test #3. Tests #1, #2 are easy enough. NO BRUTE-FORCING.

Readers, if you solve this, please upload your solution to CrackMes.de.

Monday, April 20, 2009

Solution to haiklr's Saturday Night Crackme

CrackMe Location :: haiklr's Saturday Night Crackme @ Crackmes.de.
Solution Location :: Solution @ Crackmes.de by me.

MY RATING :: Awesome !
PLATFORM :: WINDOWS
LANGUAGE :: Assembler
DIFFICULTY :: 3 [ Getting harder ]
TOOL(S) USED :: OllyDbg 2.0b

Overview:
=-=-=-=-=
(*) Lots of elementary calculations and equation solving to find the Password.
(*) Finding hidden data inside mp3 file by MP3Stego.

Read the solution to find more about it. :)

KeyGenMe #2 Ver.2.00 :: C++ :: Difficulty : 3

KeyGenMe Location : KeyGenMe #2 Ver.2.00 @ Crackmes.de
Solution Location : Solution by obnoxious

My second version of KeyGenMe #2. It's coded in GNU C++. Features :
(*) NOT Packed
(*) NOT Encrypted
(*) C00L console look.

The Rules :
(*) NO Patching
(*) NO Brute-forcing

The Tasks :
1. Find a correct combination of RefID and License-Key.
2. Find the algorithm for Key and RefID calculations
3. Make a KEYGEN.
4. Write a decent tutorial. ;)

Readers, if you solve this [in a different method than obnoxious], please upload your solution to CrackMes.de.

Wednesday, April 1, 2009

KeyGenMe #3 :: VB :: Difficulty : 3

KeyGenMe Location : KeyGenMe #3 @ Crackmes.de
Solution Location : Not Solved Yet

My third KeyGenMe. It's coded in VB 6.0. Features :
(*) NOT Packed
(*) NOT Encrypted
(*) Anti-debug routine by me.

The Rules :
This KeyGenMe has 4 tasks for you.
Rules for Tasks #1, #2, #3 ::: (*) Patching Allowed.
Rules for Task #4 ::: (*) NO Brute-forcing
(*) NO Patching

The Tasks :
1. TASK #1 :: Defeat the Anti-Debugger.
2. TASK #2 :: Patch the app to run instead of closing.
3. TASK #3 :: Find your way to the Validation Section.
[[ HINT :: The form appears BLANK at this test. Make it look better ;) ]]
4. TASK #4 :: Enter correct validation details and pass the validation check.
5. Write a decent tutorial. ;)

Readers, if you solve this, please upload your solution to CrackMes.de.

KeyGenMe #2 :: C++ :: Difficulty : 3

KeyGenMe Location : KeyGenMe #2 @ Crackmes.de
Solution Location : Solution by obnoxious


My second version of KeyGenMe #2. It's coded in GNU C++. Features :
(*) NOT Packed
(*) NOT Encrypted
(*) C00L console look.

The Rules :
(*) NO Patching
(*) NO Brute-forcing

The Tasks :
1. Find a correct combination of RefID and License-Key.
2. Find the algorithm for Key and RefID calculations
3. Make a KEYGEN.
4. Write a decent tutorial. ;)

The Hints :
1. The serial can consist of the entire array of visible characters, but
only 4 different characters would also be enough.
2. THE 4 different characters are ( 2 * Alphabets ) + ( 2 * Numbers )
3. ANY set of 4 different [ even though they too may be ( 2 * Alphabets )
+ ( 2 * Numbers ) ] characters won't work.
There exists ONLY 1 such set.
4. Most important HINT : Idea of this is inspired by bRaInF**k.

Readers, if you solve this [in a different method than obnoxious], please upload your solution to CrackMes.de.

Friday, March 27, 2009

KeyGenMe #1 :: VB :: Difficulty : 3

KeyGenMe Location : KeyGenMe #1 @ Crackmes.de
Solution Location : Not Solved Yet


So, here is my first KeyGenMe. It's coded in VB 6.0. Features :
(*) NOT Packed
(*) NOT Encrypted
(*) Nice GUI with Color Code + License Key protection

The Rules :
(*) NO Patching
(*) NO Brute-forcing

The Tasks :
(*) Find algorithm for key and color calculations.
(*) Make KeyGen to generate key and color code for a given user-name.
[ The program accepts a particular color out of 9 colors for each user. The 9 colors are : RED, GREEN, BLUE, YELLOW, CYAN, MAGENTA, BLACK, WHITE, GREY. So, either your KeyGen can show the color or it can just name it. Particularly for C/C++ programmers, you can just display the color name. ]
(*) Write a tutorial. ;)

Readers, if you solve this, please upload your solution to CrackMes.de.

My very first blog !!

This is my first ever experience in blogging. So, welcome to my first blog.

Why did I start this blog ?
Haha, nothing special. I got myself registered at www.crackmes.de on 5th March 2009, (yeah recently !). I saw some of the blogs by andrewl.us (RCE Junk blog), obnoxious (obnoxious coder blog) and I was inspired to start one of my own. That's it and here am I -- blogging.

What am I going to blog about ?
I will be mainly blogging about CRACKING (as the title says). I will be discussing my CrackMes / KeyGenMes submitted to www.crackmes.de. I will discuss the specialty of each of my works and the solutions to them. [[ Suggestions by readers are most welcome ]]

I may not be able to maintain the blog regularly because of a wide range of causes (workload, studies ...). So, just bear with it. ;)

So,.. I guess that was enough introduction. Next post, I will start with my KeyGenMes...