SecureArtisan

My Road to Digital Forensics Excellence

Crackme Solution

Posted by Paul Bobby on July 5, 2009

While I enjoy downloading and understanding the various samples at crackmes.de, I’ll be publishing my code and analytical samples here.

Here’s one sample and the python source code for making the keygen.
Download crackme

#Length check
while (1):
    userID = raw_input("Please enter the user ID (at least 6 characters): ");   
    uLength = len(userID);
    if (uLength > 5):
        break;

#UserID passes test
counter = 1;
serial = "";
while (counter < uLength):
    a = ord(userID[counter-1]) * (counter + 1);
    a = abs(a – (ord(userID[counter])*counter));
    while (a < 100):
        a += 100;
    while (a >= 1000):
        a -= 100;
    serial += repr(a);
    counter += 1;

print "Serial: " + serial;

This crackme was developed using Delphi 7. Not sure if this is typical for Delphi programs, but it appears that all the windows calls were statically compiled in to the executable, and so as I was starting to reverse, I had to walk through all sorts of code.

Loading the crackme in to Ida Pro made things a little easier; the flirt capability of IDA Pro was able to identify a lot of the builtin functions.

I still have not identified the definitive approach to reversing simple GUI based crackmes. I don’t want to rely on searching for strings in the code and going backwards up the call tree, I’d prefer the executable to run, and understand where the message handler routine starts. I’ll get there one day.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: