Wednesday, April 23, 2014 Login · Register
    Login
Username

Password


Remember Me

Not a member yet?
Click here to register.

Forgotten your password?
Request a new one here.

 

    Users Online
  • · Members on IRC: 53   
  • · Total Members: 14,551
  • · Newest Member: bhughes
  •  

     

        Related Ads
     

     

     

        Top 10 Forum Posters
    UserPosts
    bluechill1411   
    madf0x1277   
    cruizrisner1057   
    Qwexotic1034   
    Null Set869   
    auditorsec603   
    Override602   
    godofcereal599   
    TurboBorland585   
    Teddy469   
     

        Affiliates




  • iExploit


  • iExploit


  • WeChall





  • Thisislegal.com

  •  

        Related Ads
     

    View Thread
         
    Security Override » Hacking Challenges » Software Cracking Hacking Challenges
    software cracking 2
    Register FAQ Members List Today's Posts Search

    Print Thread
    01-22-2010 11:47 AM software cracking 2
    well eventually someone had to ask on this one so... I need help
     
    Offline
    01-22-2010 12:16 PM RE: software cracking 2
    You have to use ollydbg or another decompiler to decompile the code into Assembler and then set a Breakpoint so that you can see the password in a Register......

    That great video by CrashOverron will help you to learn the Basics Wink.
    http://infinityexists.com/videos/underground3/
    Join our IRC channal! irc.evilzone.org #Evilzone #SecurityOverride

    "The quieter you become the more you are able to hear."

    "With great power comes great responsibility"
     
    Offline
    03-09-2010 03:20 PM RE: software cracking 2
    I have looked at the video and I think I have a general understanding I have found the congratulations but cannot identify the "wrong serial" part as the program does not give this kind of message so I am not sure what I am jumping to where if you see what I mean!
    "The higher you climb the more you can see"
     
    Offline
    03-10-2010 09:40 AM RE: software cracking 2
    Any views on this?
    "The higher you climb the more you can see"
     
    Offline
    03-10-2010 09:43 AM RE: software cracking 2
    You have to set a breakpoint somewhere and then when the program arrives at the breakpoint the pwd is stored in a register.
    Join our IRC channal! irc.evilzone.org #Evilzone #SecurityOverride

    "The quieter you become the more you are able to hear."

    "With great power comes great responsibility"
     
    Offline
    03-10-2010 11:12 AM RE: software cracking 2
    I think I need to go back and watch the video again
    "The higher you climb the more you can see"
     
    Offline
    03-10-2010 11:17 AM RE: software cracking 2 | Edited by Teddy 03-10-2010 11:17 AM
    Maybe that video help to learn the basic of using olly:
    http://www.youtube.com/watch?v=Ve6aSCeKRNQ
    Also it would be a good idear to learn the basic of assembler (if u do not know allready)?? Like what a register is, what they store ...................
    Join our IRC channal! irc.evilzone.org #Evilzone #SecurityOverride

    "The quieter you become the more you are able to hear."

    "With great power comes great responsibility"
     
    Offline
    03-10-2010 05:30 PM RE: software cracking 2
    thanks for the help I have completed
    "The higher you climb the more you can see"
     
    Offline
    08-19-2010 03:02 PM RE: software cracking 2
    I have watched both videos numerous times, ran the program with tracer in Ollydbg...attempted to put breakpoints in at what I assumed were the correct locations, ...I know it is right in front of my face...but for the life of me I just can't seem to get it!
    I know I need to put a breakpoint somewhere, but I don not think it is above the 'serial' string with the cmp above...that is not working for me...any guidance is appreciated.
    BTW...this is an awesome site!
     
    Offline
    08-20-2010 01:12 AM RE: software cracking 2
    hancoma wrote:
    I have watched both videos numerous times, ran the program with tracer in Ollydbg...attempted to put breakpoints in at what I assumed were the correct locations, ...I know it is right in front of my face...but for the life of me I just can't seem to get it!
    I know I need to put a breakpoint somewhere, but I don not think it is above the 'serial' string with the cmp above...that is not working for me...any guidance is appreciated.
    BTW...this is an awesome site!


    multiple breakpoints are aloud, if you are unsure of which spot it is then set multiple breakpoints. then hit run and when it reaches the first breakpoint check the registers for the password, if its not there, hit run again and it will stop at the next breakpoint, again check registers. etc etc
     
    Offline
    08-20-2010 04:38 AM RE: software cracking 2 | Edited by auditorsec 08-20-2010 04:41 AM
    hancoma wrote:
    I have watched both videos numerous times, ran the program with tracer in Ollydbg...attempted to put breakpoints in at what I assumed were the correct locations, ...I know it is right in front of my face...but for the life of me I just can't seem to get it!
    I know I need to put a breakpoint somewhere, but I don not think it is above the 'serial' string with the cmp above...that is not working for me...any guidance is appreciated.
    BTW...this is an awesome site!


    As Cruiz mentioned you can put multiple breakpoints so no harm in doing it. I would say important thing is to learn rather than just completing the challenge by hit and try... (my personal opinion)

    I think you know how it works but am writing this for others.....

    How does a serial entry work
    You put up a serial in the dialog box, then program instructions are executed and the serial you entered is compared to an already stored serial (good serial). there is a conditional statement that if boolean returned is true do this and say something like correct, else say something like try again.
    Normally either good serial is hard coded in program, or it is generated at run time using a user input like username or there is a reference to a third file somewhere.

    Now key point is to find the location in the program where this conditional statement is
    the best options is the ascii text which comes in the program like try again, wrong password ..... etc
    and then try to go up in the program flow to see where the condition is happening...... learning assembly would be helpful because then you can understand what conditional jumps do and how they behave....
    like je, jz, jne, jnz, jl, etc etc

    je /jz– jump if equal,
    jne /jnz– jump if not equal,
    jl – jump if less than, if second parameter is less than the first
    jg – jump if greater than, if second parameter is larger than the first


    so somewhere above this, in program your strings are compared or tested. If you can put a breakpoint just above this compare or test, you can see the real password crystal clear in memory locations.........

    another approach which helps is modifying the jump condition.... when it says jump if equal, change it with jump if not equal.. this validates your wrong entry to to correct...........

    hope this helps...... Smile



    NOTE For Admins: If you find this post as inappropriate or giving out much please remove this....
    Smile....Even IMPOSSIBLE says I m possible.... Smile

    And with knowledge comes responsibility.
     
    Offline
    08-25-2010 07:44 AM RE: software cracking 2
    cruizrisner, auditorsec,
    Many thanks to each of you gentlemen for the valuable insight and information. I realized 2 things...
    1. I can muddle through these and 'figure' them out, but without a clear understanding, or expertise.
    2. In order to progress and achieve true expertise and knowledge, I now need to understand what it is I am muddling through! Like learning to hit a golf ball, I can hit it, but need the skills to achieve control.

    Anyway, somebody referenced in another thread a sight that provides exactly what I am looking for Olly...details, instructions, why's, and hows...

    Thanks!
     
    Offline
    04-02-2013 09:38 AM RE: software cracking 2
    i really can make the congratulations alert appear, but what Securityoverride is asking for?
    cause there is no password on the alert box. Just "Congratulation you passed Crack 2" what to submit??
    hints, tips, explanations will be appreciated. Wink
    Fools ignore complexity. Pragmatists suffer it. Some can avoid it. Geniuses remove it.
     
    Offline
    04-02-2013 04:09 PM RE: software cracking 2
    My guess is you did a jump to get the msg box?
     
    Offline
    04-02-2013 05:46 PM RE: software cracking 2
    you guessed correct zip, any ideas? i think i need to do something more specific more than jumping, whats that? Wink
    Fools ignore complexity. Pragmatists suffer it. Some can avoid it. Geniuses remove it.
     
    Offline
    04-03-2013 04:52 PM RE: software cracking 2
    I jump the msgbox and just recive conlugratulation. Sad
     
    Offline
    12-01-2013 08:57 PM RE: software cracking 2
    132 wrote:
    I jump the msgbox and just recive conlugratulation. :(


    You have to breakpoint before that, at the strcmp() instruction. I found the value quite easily. Solved all 3 in less than an hour lol... I think we need more Reversing, look at the size of all the other categories.

    Download source  Code
    Stack SS:[0028FE8C]=00590FFC, (ASCII "{removed-to-prevent-cheating}")
    EDX=00000000


     
    Offline
    Jump to Forum:
    Forum powered by fusionBoard