首页
社区
课程
招聘
问答 CTF 排行榜 知识库 工具下载 峰会 看雪商城 证书查询
  1. 社区
  2. CTF对抗
    3. 发新帖
[讨论]诚邀密界高手破解一个CrackMe
发表于: 2007-8-28 19:54 4682

[讨论]诚邀密界高手破解一个CrackMe

steelc 活跃值
2007-8-28 19:54
4682
诚邀密界高手破解一个CrackMe

小弟写了一个CrackMe,放在看雪论坛上已经三天了,仍无人能破!!!故特诚邀密界高手来试试小弟的这个CrackMe!

这个CrackMe没有高深莫测的算法,也没有什么强硬的Anti Debug,驱动和 虚拟机保护功能,只是一些简单的加减乘除和逻辑运算。

小弟自信:七天之内,这个CrackMe无人能破。90%以上的兄弟坚持不到一个小时就会败下阵来,主动放弃。

有兴趣者,请访问:http://bbs.pediy.com/showthread.php?t=50419  (主题:你能看见这个动画吗? - 我的一个CrackMe )

特别说明:

  小弟只在寻求一种新的软件保护方式,让Cracker望而却步!并没向各位前辈、大侠挑战的意思!!!

    有兴趣者不防试一试,并欢迎公开讨论如何破解这个CrackMe

如果两个星期之后,仍无人能破,小弟将公开这个CrackMe的注册机和注册算法,届时请兄弟们评价一下小弟的这种软件保护方式到底咋样!敬请关注

-------------------------------------------------------------------------------------------------------

如果所有软件作者都采用这种软件保护方式,可能看雪论坛就没有这么好玩了!!!

[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课

收藏
免费 0
支持
分享
最新回复 (5)
CrakeBoy
雪    币: 200
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
私信
2
我估计是高手没有出手!
2007-8-28 20:10
0
Bughoho
雪    币: 1946
活跃值: (263)
能力值: (RANK:330 )
在线值:
发帖
回帖
粉丝
私信
3
这个cm已经强大到一定程度了,古有孔明八卦阵,今有LZ迷踪川妹脚。
2007-8-28 20:14
0
一个刀客
雪    币: 209
活跃值: (10)
能力值: ( LV4,RANK:50 )
在线值:
发帖
回帖
粉丝
私信
4
很好,很强大
2007-8-28 20:22
0
十三少
雪    币: 226
活跃值: (15)
能力值: ( LV6,RANK:90 )
在线值:
发帖
回帖
粉丝
私信
5
很好,很强大。刀客请我吃必胜客啊。
2007-8-28 22:33
0
KuNgBiM
雪    币: 817
活跃值: (1927)
能力值: ( LV12,RANK:2670 )
在线值:
发帖
回帖
粉丝
私信
6 
00407FA4 >  55                    push ebp                              ; OEP?
00407FA5    8BEC                  mov ebp,esp
00407FA7    6A FF                 push -1
00407FA9    68 C09F4000           push Dumped_.00409FC0
00407FAE    68 2A814000           push Dumped_.0040812A
00407FB3    64:A1 00000000        mov eax,dword ptr fs:[0]
00407FB9    50                    push eax
00407FBA    64:8925 00000000      mov dword ptr fs:[0],esp
00407FC1    83EC 68               sub esp,68
00407FC4    53                    push ebx
00407FC5    56                    push esi
00407FC6    57                    push edi
00407FC7    8965 E8               mov dword ptr ss:[ebp-18],esp
00407FCA    33DB                  xor ebx,ebx


00402260    55                    push ebp                              ; 算法开始?
00402261    8BEC                  mov ebp,esp
00402263    6A FF                 push -1
00402265    68 D0854000           push Dumped_.004085D0
0040226A    64:A1 00000000        mov eax,dword ptr fs:[0]
00402270    50                    push eax
00402271    64:8925 00000000      mov dword ptr fs:[0],esp
00402278    83EC 10               sub esp,10
0040227B    53                    push ebx
0040227C    56                    push esi
0040227D    57                    push edi
0040227E    8BD9                  mov ebx,ecx
00402280    FF15 44D44000         call dword ptr ds:[40D444]
00402286    68 00010000           push 100
0040228B    FF15 34D44000         call dword ptr ds:[40D434]
00402291    8BF8                  mov edi,eax
00402293    897D E8               mov dword ptr ss:[ebp-18],edi
00402296    83C4 04               add esp,4
00402299    68 00010000           push 100
0040229E    FF15 34D44000         call dword ptr ds:[40D434]
004022A4    8945 EC               mov dword ptr ss:[ebp-14],eax
004022A7    83C4 04               add esp,4
004022AA    FF15 40D44000         call dword ptr ds:[40D440]
004022B0    8D4D F0               lea ecx,dword ptr ss:[ebp-10]
004022B3    E8 A05A0000           call Dumped_.00407D58
004022B8    68 00010000           push 100
004022BD    57                    push edi
004022BE    8D8B 400A0000         lea ecx,dword ptr ds:[ebx+A40]
004022C4    C745 FC 00000000      mov dword ptr ss:[ebp-4],0
004022CB    E8 065B0000           call Dumped_.00407DD6
004022D0    BE 1CC44000           mov esi,Dumped_.0040C41C
004022D5    8BC7                  mov eax,edi
004022D7    8A10                  mov dl,byte ptr ds:[eax]
004022D9    8ACA                  mov cl,dl
004022DB    3A16                  cmp dl,byte ptr ds:[esi]
004022DD    75 1C                 jnz short Dumped_.004022FB
004022DF    84C9                  test cl,cl
004022E1    74 14                 je short Dumped_.004022F7
004022E3    8A50 01               mov dl,byte ptr ds:[eax+1]
004022E6    8ACA                  mov cl,dl
004022E8    3A56 01               cmp dl,byte ptr ds:[esi+1]
004022EB    75 0E                 jnz short Dumped_.004022FB
004022ED    83C0 02               add eax,2
004022F0    83C6 02               add esi,2
004022F3    84C9                  test cl,cl
004022F5  ^ 75 E0                 jnz short Dumped_.004022D7
004022F7    33C0                  xor eax,eax
004022F9    EB 05                 jmp short Dumped_.00402300
004022FB    1BC0                  sbb eax,eax
004022FD    83D8 FF               sbb eax,-1
00402300    85C0                  test eax,eax
00402302    0F84 53010000         je Dumped_.0040245B
00402308    8DB3 880A0000         lea esi,dword ptr ds:[ebx+A88]
0040230E    8D8B 000A0000         lea ecx,dword ptr ds:[ebx+A00]
00402314    56                    push esi
00402315    E8 6E5A0000           call Dumped_.00407D88
0040231A    8B06                  mov eax,dword ptr ds:[esi]
0040231C    8B3D 10934000         mov edi,dword ptr ds:[409310]
00402322    68 1CC44000           push Dumped_.0040C41C
00402327    50                    push eax
00402328    FFD7                  call edi
0040232A    83C4 08               add esp,8
0040232D    85C0                  test eax,eax
0040232F    0F84 26010000         je Dumped_.0040245B
00402335    8D45 F0               lea eax,dword ptr ss:[ebp-10]
00402338    8D8B 20010000         lea ecx,dword ptr ds:[ebx+120]
0040233E    50                    push eax
0040233F    E8 445A0000           call Dumped_.00407D88
00402344    8B4D F0               mov ecx,dword ptr ss:[ebp-10]
00402347    68 1CC44000           push Dumped_.0040C41C
0040234C    51                    push ecx
0040234D    FFD7                  call edi
0040234F    83C4 08               add esp,8
00402352    85C0                  test eax,eax
00402354    0F84 01010000         je Dumped_.0040245B
0040235A    8D55 F0               lea edx,dword ptr ss:[ebp-10]
0040235D    8BCE                  mov ecx,esi
0040235F    52                    push edx
00402360    E8 6B5A0000           call Dumped_.00407DD0
00402365    8D45 F0               lea eax,dword ptr ss:[ebp-10]
00402368    8D8B E0000000         lea ecx,dword ptr ds:[ebx+E0]
0040236E    50                    push eax
0040236F    E8 145A0000           call Dumped_.00407D88
00402374    8B4D F0               mov ecx,dword ptr ss:[ebp-10]
00402377    68 1CC44000           push Dumped_.0040C41C
0040237C    51                    push ecx
0040237D    FFD7                  call edi
0040237F    83C4 08               add esp,8
00402382    85C0                  test eax,eax
00402384    0F84 D1000000         je Dumped_.0040245B
0040238A    8D55 F0               lea edx,dword ptr ss:[ebp-10]
0040238D    8BCE                  mov ecx,esi
0040238F    52                    push edx
00402390    E8 3B5A0000           call Dumped_.00407DD0
00402395    8D45 F0               lea eax,dword ptr ss:[ebp-10]
00402398    8D8B A0000000         lea ecx,dword ptr ds:[ebx+A0]
0040239E    50                    push eax
0040239F    E8 E4590000           call Dumped_.00407D88
004023A4    8B4D F0               mov ecx,dword ptr ss:[ebp-10]
004023A7    68 1CC44000           push Dumped_.0040C41C
004023AC    51                    push ecx
004023AD    FFD7                  call edi
004023AF    83C4 08               add esp,8
004023B2    85C0                  test eax,eax
004023B4    0F84 A1000000         je Dumped_.0040245B
004023BA    8D55 F0               lea edx,dword ptr ss:[ebp-10]
004023BD    8BCE                  mov ecx,esi
004023BF    52                    push edx
004023C0    E8 0B5A0000           call Dumped_.00407DD0
004023C5    8B3E                  mov edi,dword ptr ds:[esi]
004023C7    83C9 FF               or ecx,FFFFFFFF
004023CA    33C0                  xor eax,eax
004023CC    F2:AE                 repne scasb
004023CE    8B45 EC               mov eax,dword ptr ss:[ebp-14]
004023D1    F7D1                  not ecx
004023D3    2BF9                  sub edi,ecx
004023D5    8BD1                  mov edx,ecx
004023D7    8BF7                  mov esi,edi
004023D9    8BF8                  mov edi,eax
004023DB    C1E9 02               shr ecx,2
004023DE    F3:A5                 rep movsd
004023E0    8BCA                  mov ecx,edx
004023E2    83E1 03               and ecx,3
004023E5    F3:A4                 rep movsb
004023E7    51                    push ecx
004023E8    8BCC                  mov ecx,esp
004023EA    8965 EC               mov dword ptr ss:[ebp-14],esp
004023ED    50                    push eax
004023EE    E8 D7590000           call Dumped_.00407DCA
004023F3    8B45 E8               mov eax,dword ptr ss:[ebp-18]
004023F6    51                    push ecx
004023F7    8BCC                  mov ecx,esp
004023F9    8965 E4               mov dword ptr ss:[ebp-1C],esp
004023FC    50                    push eax
004023FD    C645 FC 01            mov byte ptr ss:[ebp-4],1
00402401    E8 C4590000           call Dumped_.00407DCA
00402406    C645 FC 00            mov byte ptr ss:[ebp-4],0
0040240A    E8 E14C0000           call Dumped_.004070F0
0040240F    83C4 08               add esp,8
00402412    E8 D9420000           call Dumped_.004066F0
00402417    3D EE44B0DB           cmp eax,DBB044EE                      ; 比较EAX值?3685762286
0040241C    75 09                 jnz short Dumped_.00402427
0040241E    8BCB                  mov ecx,ebx
00402420    E8 4BF2FFFF           call Dumped_.00401670
00402425    EB 34                 jmp short Dumped_.0040245B
00402427    8B0D 2CC74000         mov ecx,dword ptr ds:[40C72C]
0040242D    8D55 F0               lea edx,dword ptr ss:[ebp-10]
00402430    51                    push ecx
00402431    68 54C04000           push Dumped_.0040C054                 ; %d
00402436    52                    push edx
00402437    E8 82590000           call Dumped_.00407DBE
0040243C    8B45 F0               mov eax,dword ptr ss:[ebp-10]
0040243F    50                    push eax
00402440    E8 1B360000           call Dumped_.00405A60
00402445    83C4 10               add esp,10
00402448    8BCB                  mov ecx,ebx
0040244A    6A 40                 push 40
0040244C    68 48C04000           push Dumped_.0040C048                 ; 注册错误!
00402451    68 24C04000           push Dumped_.0040C024                 ; 没关系,再来一次!\n\n 失败乃成功之母!
00402456    E8 69590000           call Dumped_.00407DC4
0040245B    8D4D F0               lea ecx,dword ptr ss:[ebp-10]
0040245E    C745 FC FFFFFFFF      mov dword ptr ss:[ebp-4],-1
00402465    E8 F8570000           call Dumped_.00407C62
0040246A    8B4D F4               mov ecx,dword ptr ss:[ebp-C]
0040246D    5F                    pop edi
0040246E    5E                    pop esi
0040246F    64:890D 00000000      mov dword ptr fs:[0],ecx
00402476    5B                    pop ebx
00402477    8BE5                  mov esp,ebp
00402479    5D                    pop ebp
0040247A    C3                    retn
2007-8-29 02:09
0
游客
登录 | 注册 方可回帖
回帖 表情 雪币赚取及消费
高级回复
返回
//