anyone interested in cracking crackme's?
Networking/Security Forums -> Programming and More

Author: White Scorpion (The Netherlands) | Posted: Mon Oct 04, 2004 11:26 pm | Subject: anyone interested in cracking crackme's?
    ----
Hi all,

At the moment I'm learning secure coding, meaning creating a secure (hard to crack) serial routine to use in programs. At the same time I'm learning ASM.
During this study I thought it might be nice to create some crackmes and let other people (try to) crack them, and ask them to let me know how they did it.

This way the "cracker" learns something from it, and me too.

If anyone is interested, the crackmes can be found on my site.

If anyone has some nice tuts about this subject, please post the links here so I can learn even more.

Author: 0mega (In Front of My Computer) | Posted: Mon Oct 04, 2004 11:43 pm
    ----
OK, cracked the first two... (I emailed you accordingly...) still working on the next ones... nice idea.

Cheers,
0mega

Author: ryansutton (San Francisco, California) | Posted: Tue Oct 05, 2004 2:52 am
    ----
Rather simple, you could say it's EaSyCrAcKiNg. Did the first 3 in 3 mins, but nice job anyway.

Author: White Scorpion (The Netherlands) | Posted: Tue Oct 05, 2004 7:46 am
    ----
Quote:
    Rather simple, you could say it's EaSyCrAcKiNg. Did the first 3 in 3 mins, but nice job anyway.

I know, anyone can do the first 3 with strings.exe or with a hex editor. But after that it gets a little harder, since the password isn't a complete string anymore...

But I wanted it to be useful for complete newbies too, so they would also be able to solve a couple.

There will be more, and they will of course be harder than these ones.

Look at it this way: the higher the number of the crackit, the more difficult it gets...

Author: 0mega (In Front of My Computer) | Posted: Tue Oct 05, 2004 2:02 pm
    ----
ryansutton wrote:
    Rather simple, you could say it's EaSyCrAcKiNg

lol, I too got the first three in just a couple of minutes...

Cheers,
0mega

Author: Security Hobbit | Posted: Tue Oct 05, 2004 2:28 pm
    ----
Well, I'm no good at Windows apps, but from my experience on 68K, with a good debugger and a bit of time to spare it shouldn't be much of a problem. Again, the whole point is to beat the equation:

time to crack > time cracker is willing to spend on it

The second part of the equation is mostly dependent on how popular/famous the app is.

You don't need all sorts of encryption and things like that, just do the registration check in a completely different part of the application than the registration input routine (in the middle of the game, for example), save the results in convoluted ways in 25 different places checked at different times in the application, and that should do it in my book. You can also do checks on parts of the registration at different places and in different ways so that the cracker doesn't know whether the rest of the registration is really checked or not.

Btw, can you explain to me how the DIV works? What is the ASM saving in what part of the Long word?

SH.
PS: don't forget convoluted code checksums on small key parts of the code that do not crash the app but simply do something wicked. Also make sure that the results of the code checksums (equal or not) are not necessarily correct all the time either, just to fool people.

Author: White Scorpion (The Netherlands) | Posted: Tue Oct 05, 2004 7:11 pm
    ----
Quote:
    Btw, can you explain to me how the DIV works? What is the ASM saving in what part of the Long word?

Huh? I don't understand what you mean by this question (sorry, not a native English speaker).

As for the rest of your post: in time it will all come. ATM I'm working on an algorithm for the next crackits, and I'm also planning to pack some with several different packers.

As for the checksum part, I do not know how to implement this yet, but like I said, in time I will learn.

It would be the ultimate solution to create an MD5 checksum of the complete executable and have it checked in the executable itself, meaning as soon as something has been altered, the program won't work anymore. But it is impossible to create an MD5 checksum of your program and then put the result in your code, because this would alter the original checksum again....

Author: Kaosu (United States) | Posted: Wed Oct 06, 2004 9:01 am
    ----
Quote:
    It would be the ultimate solution to create an MD5 checksum of the complete executable and have it checked in the executable itself, meaning as soon as something has been altered, the program won't work anymore. But it is impossible to create an MD5 checksum of your program and then put the result in your code, because this would alter the original checksum again....

False, that would not be the ultimate solution, because if you were to compare this hash in the executable to prevent it from running when changes are made, you can simply trace the hash in the application and alter it so it will run with the new modification in place.

If it hashes it inside of the program you can trace the algorithm, and have it generate a new (modified) hash for you. Then you simply change it at the check, or possibly even patch the check itself.

So as you can see checksums do make it a bit more difficult to crack, but it is no "ultimate solution".

Author: White Scorpion (The Netherlands) | Posted: Wed Oct 06, 2004 8:00 pm
    ----
Yes, you're right, I hadn't thought about it like that.

Well, then just forget I said that.

Author: Security Hobbit | Posted: Thu Oct 07, 2004 1:01 pm
    ----
lepricaun: the MD5 hash idea you had is a code checksum. There are several ways of doing them.

One way I know of, which is a bit more evolved, is creating a separate file or code resource or whatever with length, positions in code and checksum (whichever you want: MD5 hash, CRC16, ...).
You then have a code checksum routine in your main program which loads positions in code, length, and the correct code checksum (or an incorrect code checksum, if you like and want to play with the cracker a bit) and reacts accordingly. This of course is still crackable, but a lot more of a pain in the @ss to crack. Using false code checksums to thwart the cracker is a very good way to do it.

The ultimate protection: create the code checksum or reg check routine in a programming language that disassembles into a mess of rubbish which is extremely hard to follow and incomprehensible to the cracker. This of course would make him/her spend way more time tracing routines than he/she is willing to spend. That coupled with the stuff I told you above should do it.
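Security Hobbit's table of (position, length, checksum) entries, and the self-referential problem White Scorpion raised earlier, as an added Python illustration that is not from the thread. The image bytes and region offsets are constructed; MD5 is used because it is the hash the thread mentions, and the table is simply kept outside the hashed ranges.

```python
import hashlib
import struct

# One table entry: region offset, region length, MD5 digest of those bytes.
ENTRY = struct.Struct("<II16s")

# Constructed stand-in for a program image (not real machine code): 1024 bytes
# whose contents we can address by offset, like code ranges in an executable.
IMAGE = bytes(range(256)) * 4

# Constructed (offset, length) pairs standing in for "small key parts of the code".
REGIONS = [(0x010, 0x40), (0x200, 0x80), (0x3A0, 0x20)]


def region_digest(image, offset, length):
    return hashlib.md5(image[offset:offset + length]).digest()


def protect(image, regions):
    """Append a checksum table for `regions` to the image.
    The table sits after the image and is covered by no digest, so the file can
    carry its own checksums without the checksum changing the hashed bytes."""
    table = b"".join(ENTRY.pack(off, ln, region_digest(image, off, ln))
                     for off, ln in regions)
    return image + table + struct.pack("<I", len(table))


def verify(protected):
    """Re-hash every listed region; return the indices whose bytes changed."""
    table_len = struct.unpack("<I", protected[-4:])[0]
    image = protected[:-4 - table_len]
    table = protected[-4 - table_len:-4]
    return [i for i, (off, ln, digest) in enumerate(ENTRY.iter_unpack(table))
            if region_digest(image, off, ln) != digest]


def patch_byte(blob, offset, value):
    """Simulate a one-byte modification of the file at `offset`."""
    return blob[:offset] + bytes([value]) + blob[offset + 1:]


PROTECTED = protect(IMAGE, REGIONS)


def demo():
    clean = verify(PROTECTED)                             # untouched file: []
    inside = verify(patch_byte(PROTECTED, 0x210, 0xFF))   # inside region 1: [1]
    # A change outside every listed region goes unnoticed: coverage is only as
    # good as the region list, which is why the thread suggests many checks.
    outside = verify(patch_byte(PROTECTED, 0x100, 0xFF))  # []
    return clean, inside, outside
```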

Author: tsh33p | Posted: Thu Oct 07, 2004 8:56 pm | Subject: :d
    ----
Dedicated crackers will surely crack that... lol... although it would piss them off heaps.

Author: White Scorpion (The Netherlands) | Posted: Thu Oct 07, 2004 11:37 pm
    ----
Security Hobbit wrote:
    lepricaun: the MD5 hash idea you had is a code checksum. There are several ways of doing them.

    One way I know of, which is a bit more evolved, is creating a separate file or code resource or whatever with length, positions in code and checksum (whichever you want: MD5 hash, CRC16, ...).
    You then have a code checksum routine in your main program which loads positions in code, length, and the correct code checksum (or an incorrect code checksum, if you like and want to play with the cracker a bit) and reacts accordingly. This of course is still crackable, but a lot more of a pain in the @ss to crack. Using false code checksums to thwart the cracker is a very good way to do it.

    The ultimate protection: create the code checksum or reg check routine in a programming language that disassembles into a mess of rubbish which is extremely hard to follow and incomprehensible to the cracker. This of course would make him/her spend way more time tracing routines than he/she is willing to spend. That coupled with the stuff I told you above should do it.

That would indeed be a nice solution, but the biggest problem with it is that most crackers don't crack for the program but for the challenge of beating it. So in that case it would be best/easiest not to use any protection at all....

But OK, it would still be useful against most people.

I for one have downloaded a trial version of PE Explorer 1.95 (since I wanted to test whether it is worth buying). But while using it I thought: "Wouldn't it be nice to use this program to crack itself?" So I started to do some research, and within a couple of minutes I came to the conclusion that they use the same protection scheme as in their earlier versions 1.30 and 1.40. So that is poor security!
It took me about five minutes to get rid of the nag screens of the trial version, and I'm not a good cracker yet!

So keep this in mind when writing multiple versions of a program: DON'T use the same protection scheme, because once it is cracked, it can be cracked even more easily the next time...

PS. Don't ask me, because I will NOT tell anyone how I "cracked" this program. I will probably not buy it because I do not like it, but I absolutely don't like stealing the effort someone put into programming this tool, so I will NOT give you this info. If you like the program then BUY it, as it should be. This also encourages the developers to create a new version!

PPS. Mods, if you think I should remove this piece of text from my post, then say so and I will remove it, but I think just talking about it will not encourage anyone to use this application without buying it.

(And I checked right before posting, and I haven't found any cracks for this program, so don't bother looking for them. BUY the program if you like it!)

Author: tsh33p | Posted: Fri Oct 08, 2004 4:56 pm
    ----
Yeah, this is just basic stuff. Software developers seem to be complete gimps; half of them don't even change the protection. It's been like that since cracking started... and I think it will always be like that. Cracking is not hard, it's just like a high-tech crossword puzzle, and you are right, most reversers reverse because of the challenge; there are only a few who do it for the software... If you're interested in cracking, reverse engineering, etc., be sure to search Google for those keywords. Anyway, again... this is just *basic* stuff.

Author: White Scorpion (The Netherlands) | Posted: Fri Oct 08, 2004 7:37 pm
    ----
Well, I'm surely interested! I started RE long before I started programming (strange, isn't it?). This is because I came across a "hackme" site which has some RE challenges, so after reading a couple of tuts I started to understand how it works (the basic stuff). So now I can crack most challenges which are just basic, but I want to learn more! I want to be able to completely rewrite the program if necessary, and this will take a big amount of knowledge of ASM, so I'm learning it ATM.

And indeed, if software developers would think about it, they would create applications that are a lot harder to crack. But on the other hand, it's the same as hacking a network: if a network administrator doesn't think about it (which happens very often), his network is very vulnerable.

So that's why they invented security forums, for people who do care.

[EDIT]crackit_7.exe is now available! This took me all day to code, so I would like to see it get cracked.[/EDIT]

Author: Activ | Posted: Fri Oct 15, 2004 2:40 am | Subject: Questions
    ----
Hi Guys,

You guys want some real cracking, let me know if you can crack some games.

Author: White Scorpion (The Netherlands) | Posted: Fri Oct 15, 2004 7:39 am
    ----
Quote:
    Hi Guys,

    You guys want some real cracking, let me know if you can crack some games.

Sorry mate, you're at the wrong forum for this (unless you have written the games yourself). We do not encourage anything illegal here (like cracking games), and I doubt that anyone will help you!

Buy the game if you like it, don't use a crack!



All times are GMT + 2 Hours