solved new crackme

2024-09-27 16:14:38 +08:00 · 2024-09-27 16:14:38 +08:00 · 32ce48838b
commit 32ce48838b
parent 3173667ab8
4 changed files with 103 additions and 0 deletions
--- a/b_crk4/B-Crk475.exe
+++ b/b_crk4/B-Crk475.exe
--- a/b_crk4/B-Crk475_Mod.exe
+++ b/b_crk4/B-Crk475_Mod.exe
--- a/b_crk4/BuLLeT.nFO
+++ b/b_crk4/BuLLeT.nFO
@ -0,0 +1,38 @@
                                               _,-,_        ______
     ,--,      ____ _,-----,_      _,--,_    __\   /___,---,\    /_
    |    |   _|    |    _/   |    |    _/   |         |           |
  _/     |  (_     |    |    |_   |    |    |      ___|           |_
 (__     |____|    |    |    __)  |    |    |       |_|_____|      |_
    |         |    |    |    |____|    |____|      _//'     |      __)
    |    |    |_        |         |_        |         |    _|     |
    |__    ___//'_______|___    __//'_______|__     __|   `\\_____|
      /____\     ascii     /____\     by      /_____\   dyingsoul
                                                            October 26 - 1998
 Hey !
 Well here it is...CrackMe v4.75 by me ;)
 First i'd like to say that if you're an average cracker don't even unZIP this.
 This crackme is made for newbies (hardcoded serial), so if you have other
 things to do, do them first :P Anyway...to everyone who want's to give this
 a try: DON'T EDIT/HIEW/READ the B-CRK475.EXE, this will be considered as
 CHEATING since the serial is hardcoded in the file. If you can't resists and
 do it anyway always keep in mind: "I'M A CHEATER - I'M A CHEATER....and so on"
 I want you to think that every time you even just SEE the file. OK ??
 Hehehe...just kidding...but plz try to do it without EDIT or similar appz.
 NOTE: This does only count for the serial-part. I can't forbid you to use
      HIEW when patching.
 All for now...(Y@
 Signed
 BuLLeT
 ------------------- i MaY Be SLoW - BuT i'M DeaDLy aS HeLL -------------------
 Written by -=[BuLLeT]=-
 E-Mail: BuL_LeT@hotmail.com
 ------------------- i MaY Be SLoW - BuT i'M DeaDLy aS HeLL -------------------
--- a/b_crk4/solve.md
+++ b/b_crk4/solve.md
@ -0,0 +1,65 @@
 ```
 INFO: This crackme is actually split on two. First you need to find the serial,
           then you have to change the ERROR message. This can be done both
           in W32Dasm and SoftIce. If you're a newbie *cough cough* I would
           advice you to try both in order to get the best out of this crackme.
 RULEZ: You have to patch in such a way that if you enter a WRONG serial, 
              the CORRECT one will be shown on the screen. 
              (Instead of the: "Wrong serial....."   you must see the REAL serial)
 ```
 1. 寻找Serial
   可以看出，Serial是 `This program must be run under Win32`
   ```
   004408C4 | 55               | push ebp                       |
   004408C5 | 8BEC             | mov ebp,esp                    |
   004408C7 | 6A 00            | push 0                         |
   004408C9 | 53               | push ebx                       | ebx:&"绬B"
   004408CA | 8BD8             | mov ebx,eax                    | ebx:&"绬B", eax:&"绬B"
   004408CC | 33C0             | xor eax,eax                    | eax:&"绬B"
   004408CE | 55               | push ebp                       |
   004408CF | 68 29094400      | push b-crk475.440929           |
   004408D4 | 64:FF30          | push dword ptr fs:[eax]        |
   004408D7 | 64:8920          | mov dword ptr fs:[eax],esp     |
   004408DA | 8D55 FC          | lea edx,dword ptr ss:[ebp-4]   |
   004408DD | 8B83 D0020000    | mov eax,dword ptr ds:[ebx+2D0] | eax:&"绬B", [ebx+2D0]:"$褸"
   004408E3 | E8 BC14FEFF      | call <b-crk475.GetText>        |
   004408E8 | 8B45 FC          | mov eax,dword ptr ss:[ebp-4]   | [ebp-04]:User input
   004408EB | BA 3C094400      | mov edx,b-crk475.44093C        | 44093C:"This program must be run under Win32"
   004408F0 | E8 3732FCFF      | call <b-crk475._LStrCmp>       | Check
   004408F5 | 75 0F            | jne b-crk475.440906            |
   004408F7 | B2 01            | mov dl,1                       | Success
   004408F9 | 8B83 D8020000    | mov eax,dword ptr ds:[ebx+2D8] | eax:&"绬B", [ebx+2D8]:&"绬B"
   004408FF | E8 9013FEFF      | call b-crk475.421C94           |
   00440904 | EB 0D            | jmp b-crk475.440913            |
   00440906 | B2 01            | mov dl,1                       | Fail
   00440908 | 8B83 D4020000    | mov eax,dword ptr ds:[ebx+2D4] | eax:&"绬B", [ebx+2D4]:"S嬝艭I"
   0044090E | E8 8113FEFF      | call b-crk475.421C94           |
   00440913 | 33C0             | xor eax,eax                    | eax:&"绬B"
   00440915 | 5A               | pop edx                        | edx:&"绬B"
   00440916 | 59               | pop ecx                        |
   00440917 | 59               | pop ecx                        |
   00440918 | 64:8910          | mov dword ptr fs:[eax],edx     | edx:&"绬B"
   0044091B | 68 30094400      | push b-crk475.440930           |
   00440920 | 8D45 FC          | lea eax,dword ptr ss:[ebp-4]   |
   00440923 | E8 782EFCFF      | call <b-crk475._LStrClr>       |
   00440928 | C3               | ret                            |
   00440929 | E9 3229FCFF      | jmp b-crk475.403260            |
   0044092E | EB F0            | jmp b-crk475.440920            |
   00440930 | 5B               | pop ebx                        | ebx:&"绬B"
   00440931 | 59               | pop ecx                        |
   00440932 | 5D               | pop ebp                        |
   00440933 | C3               | ret                            |
   ```
 2. 修改错误提示
   原先的错误提示: `Wrong serial.....try again ;)`
   使用Resource Hacker修改RCData TForm1中Panel2的Caption
   如果修改后的程序在Memo1.Lines.Strings提示无效属性值，请手动处理一下Lines.Strings值