xorkey on 2024-10-05 12:48:
I'm in .sg2 and have no idea how to approach this.
I'd love a tip.
iwn on 2024-10-07 22:50:
just saying, this got detected by antiviruses and virustotal
Smellon1 on 2024-11-04 02:42:
Just because some code that's virtualized causes a flag, doesn't mean it's malicious. This is a pretty bad place to try to hide malicious code anyways. Here's a tip:
The key is using xor transformations as well as the system entropy. Your best bet is to try to understand how it's manipulating memory.
dzwassim95 on 2024-12-14 20:30:
I only found that the result is in the r12 register, I don't understand what's going on on .sg2, please provide your discord, I wanna ask u questions
superpyxel on 2024-12-26 16:35:
Hey, I try to use x64dbg and when it handles the password input I can't pause it in the debugger. What's up with that? I click pause before entering inputs but it continues anyway.
Smellon1 on 2025-01-29 01:13:
superpyxel - when you enter something, it unpauses itself. This is something with Windows itself, not my code.
jeffli6789 on 2026-01-04 06:25:
This crackme had been reviewed when it was originally approved and is likely safe.
Crackmes often get flagged by antivirus software, EDR systems, or VirusTotal because they may use the same protection techniques found in malware (packers, anti-debugging, self-modifying code, etc.), or simply as a false positive. This does NOT mean the crackme is actually malicious.
The only way to confirm whether something is truly malware is to reverse engineer it and find proof of malicious code and/or malicious behavior.
If you still believe this is actual malware, please report it to us via email: crackmesone@gmail.com.
**We encourage everyone to run crackmes in a VM (virtual machine) and exercise caution when executing unknown binaries.**
*Disclaimer: We do our best to review submissions, but mistakes can happen. The administrators and crackmes.one cannot be held liable for any damages or losses resulting from the use of files downloaded from this site. Always exercise caution and use a sandboxed environment.*