CrackMe #1. Can you defeat it?

#1 10-15-2005, 21:49

Hi guys!
I'm not sure where to post this, but here it goes. I hope that it's not too lame for you...

Grab it from:
http://rapidshare.de/files/6307482/anx_CrackMe.zip.html

Enjoy!

hosiminh · #2 10-16-2005, 00:20

crackmes.de ?!

Quote:

00454983 8B45 F4 MOV EAX,DWORD PTR SS:[EBP-C]

Stack SS:[0012FDE8]=00962440, (ASCII "45223981423944832649321")
EAX=00000000

MaRKuS-DJM · #3 10-16-2005, 01:13

this is a very easy one. you can sniff serials from the address hosiminh posted. dunno how this improves knowledge...

#4 10-16-2005, 02:31

He, he, that was a fast one!

Good job...

I got my attention on defeating (or at least try to) programs like LordPE dump, DeDe, GUW32, ImpRec, Win32Intro, PEiD unpack.

Try dumping the CrackMe from memory with LordPE or try using it with ImpRec, and you will understand my point.

#5 10-16-2005, 03:08

anorganix

0012FDE8 008D2440 ASCII "4239498145623523235352"
0012FDEC 008D3B9C ASCII "2535323253265418949324"
0012FDF0 008D4AE8 ASCII "4239498145623523235352"

=)

#6 10-16-2005, 15:50

i use imprec for dump and import rebuilding and have no problems ???
edit :
oh ok i dump and rebuild at oep so your anti imprec doesn't work
anti-xxx by FindWindow

Code:

008D2450                          47 55 57 33 32 20 76 31          GUW32 v1
008D2460  18 00 00 00 2B 00 00 00 00 00 00 00 19 00 00 00  ...+..........
008D2470  5B 20 4C 6F 72 64 50 45 20 44 65 6C 75 78 65 20  [ LordPE Deluxe
008D2480  5D 20 62 79 20 79 6F 64 40 00 00 00 37 00 00 00  ] by yod@...7...
008D2490  00 00 00 00 25 00 00 00 44 65 44 65 20 33 2E 35  ....%...DeDe 3.5
008D24A0  30 2E 30 32 20 28 63 29 20 31 39 39 39 2D 32 30  0.02 (c) 1999-20
008D24B0  30 32 20 62 79 20 44 61 46 69 78 65 74 00 00 00  02 by DaFixet...
008D24C0  1B 00 00 00 00 00 00 00 0A 00 00 00 50 45 69 44  ...........PEiD
008D24D0  20 76 30 2E 8C 00 00 00 47 00 00 00 00 00 00 00   v0.Œ...G.......
008D24E0  37 00 00 00 49 6D 70 6F 72 74 20 52 45 43 6F 6E  7...Import RECon
008D24F0  73 74 72 75 63 74 6F 72 20 76 31 2E 36 20 46 49  structor v1.6 FI
008D2500  4E 41 4C 20 28 43 29 20 32 30 30 31 2D 32 30 30  NAL (C) 2001-200
008D2510  33 20 4D 61 63 6B 54 2F 75 43 46                 3 MackT/uCF

#7 10-17-2005, 04:36

Looks like my "DetectDumper" does not work at all...

Stay alert, I'm gonna release CrackMe #2 soon

Best Regards.

#8 10-17-2005, 17:10

take time

your anti dumper must be in the loader of the packer to be effective (a little bit

)
and before the decompression to prevent dumping.
You can modify pe header too.
Read tuts about antiXXX

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
How to defeat the CRC's in Obsidium	New Tiger	General Discussion	0	10-20-2020 23:51
How to defeat Enigma protector External Files Checkup?	benney	General Discussion	1	08-20-2016 02:13
How to defeat Password Reminder 1.6 ? (An unknown protector)	Newbie_Cracker	General Discussion	17	02-17-2005 04:49