Welcome to HBH! If you have tried to register and didn't get a verification email, please using the following link to resend the verification email.

app 9, close not not good enough


ghost's Avatar
0 0

Okay, I got this far but now what do I do?

Text strings referenced in crackme1:.text Address Disassembly Text string 00401000 PUSH 0 (Initial CPU selection) 00401067 MOV DWORD PTR SS:[EBP-C],crackme1.004030 ASCII "CrackMenu" 0040106E MOV DWORD PTR SS:[EBP-8],crackme1.004030 ASCII "SimpleWinClass" 004010C1 PUSH crackme1.00403010 ASCII "CrackMe #1" 004010C6 PUSH crackme1.00403001 ASCII "SimpleWinClass" 00401151 PUSH crackme1.0040302E ASCII "Name:" 00401156 PUSH crackme1.00403027 ASCII "static" 00401181 PUSH crackme1.0040303B ASCII "edit" 004011BA PUSH crackme1.00403034 ASCII "Code:" 004011BF PUSH crackme1.00403027 ASCII "static" 004011EA PUSH crackme1.0040303B ASCII "edit" 0040121B PUSH crackme1.00403047 ASCII "Try it!" 00401220 PUSH crackme1.00403040 ASCII "button" 00401254 PUSH crackme1.00403010 ASCII "CrackMe #1" 00401259 PUSH crackme1.0040304F ASCII "You need to see what the app does with your name!" 00401272 PUSH crackme1.00403010 ASCII "CrackMe #1" 00401277 PUSH crackme1.00403082 ASCII "Made by lucid_dream for HBH" 004012AD PUSH crackme1.004030E4 ASCII "SwiftNomad" 004012BF PUSH crackme1.004030FD ASCII "whatitisnow" 004012D0 MOV ESI,crackme1.004030E4 ASCII "SwiftNomad" 00401306 MOV EDI,crackme1.00403116 ASCII "A447EC24" 004013ED MOV ESI,crackme1.004030FD ASCII "whatitisnow" 004013FB PUSH crackme1.00403010 ASCII "CrackMe #1" 00401400 PUSH crackme1.004030B8 ASCII "Well done, you did it!" 0040140C MOV EDI,crackme1.00403116 ASCII "A447EC24" 00401411 MOV ESI,crackme1.004030FD ASCII "whatitisnow" 00401455 PUSH crackme1.0040309E ASCII "Password" 0040146A PUSH crackme1.00403010 ASCII "CrackMe #1" 0040146F PUSH crackme1.004030A7 ASCII "Sorry, Try Again"

The User Name and pass I did myself "SwiftNomad" and "whatitisnow"

Blah


ghost's Avatar
0 0

What's that tool you're using?

I don't recognize the output…


ghost's Avatar
0 0

I am using Ollydgb.. I just got the strings than saw that it said look and see what it does to your name.. than I ran the file and refreshed it… and than.. it has my name and password of what I put in there.. I know I am doing something right.. right?


ghost's Avatar
0 0

what do you need it to out put? then make it do that character by charactor


ghost's Avatar
0 0

Its not too hard, I just downloaded it for a quick look and did it.

set a breakpoint on both messages by searching for string references and pressing f2.

Run the app

BIG HINT& (Well i think so). The program has self modifying code so you might need to look around a little if it isnt there when the app starts up.


ghost's Avatar
0 0

OMG that was so easy. You all make it sound so hard. If anyone needs any help, feel free to ask.


ghost's Avatar
0 0

ok, can you help me? ive done all the other apps before this one but im stuck


ghost's Avatar
0 0

i have just got done doing this app, and if you are using Olly, then it will be really easy! it wants you to see what the app does with your name, so in Olly run the program while you decompiled it, and then look in the hex section. learn from how you complete each mission, and dont just do it for the points and bragging rights ;)


ghost's Avatar
0 0

Can't believe how simple this one was. Have to love Olly.