| It is quite simple. It calculates CRC32 from serial part3 and compare it to constant value. You have 5 chars in range 1-FF (null byte isn't allowed) and this gives You maximum 40 bits to test. So You have to test 1-FFFFFFFFFF range by calculating it's CRC32 value and comparing with constant. Hope now it's easier to understood. |
==> |
| Sample key pair:
name: ToMKoL
company: [c4U]
serial: 4F4E2F32634E5941674943344F7961555739427939464D32525A73304649616D532F572B734779427A454E31505757365839734E6F56637A504F45376B5334654141324666765862707156504F314D4C644169573969355655456F706A3779466578634A31354972722F69477433737A466664754A556D62356E716E73446B354667765637536E48306F4F776F5A5A45367332315536756261594556584269437064552B71516C6245684778646278706343623242354F61343241487A76484C316E484A6E5642506F6B393031756344344174734D4D505A545669726F683369466554582B722B39744977506272445A486464722F62492F3776595258486C312F304E32706F432B5A6939722F6F61432F6A673349426F354B53654D552F644646746371532F57756D6759776975696E516E443439616B537553346177387368613141566370746E4D6F70724246544571786553694554542F43722B4831355239526E304D4A7A6C75564567457171494367326977695442384F532B424B6F514C557363685A6351737753422F2B636D557039326D306D4B48647764436A2B62347A345A51424B386851773D
AES and base64. Quite funny. |
==> |
| Made mistake. Crackme is fully solvable. Here is example key pair:
Name: ToMKoL; Serial1: 534; Serial2: 14,9662922 |
==> |
| Second stage is broken. There is no possibilty to calculate valid serial. Verification goes like this:
15 * decval(left(stage1serial,3)) - 18 == stage2serial * decval(left(stage1serial,3)) |
==> |
| @n0ve3mber - please don't write about reversing hash function. For Your information it's not possible. Functions that have reverse function aren't hash functions. |
==> |
| MD5 have been broken years ago. Finding collision on modern computers takes seconds. So telling that this crackme uses strong encryption method is pointless. Other thing is that there exists web pages that offer finding plain text for given hash (rainbow tables). This way this crackme can be solved in seconds.
Other thing is that FAQ don't tell any thing about using commercial or not encryption/protection systems. There are crackmes on this site that are protected with strong commercial systems and till now no one banned them. |
==> |
| Judging by the charset I supose it's base36 conversion. |
==> |
| It's written in pure assembler. Not packed or protected in any way. You can check it's not virus/trojan. Either throw out Defender or better reverse it and tell what malicious task it performs. |
==> |
| I'm glad You liked it. Yes last part is quite simple math (althrough all pieces are simple once You know what they do). Waiting for solution once You put all pieces together. |
==> |
| "OUPWO" - testing - if site doesn't show then sixth char is 0x3E |
==> |
| OUPWO - type this as name with any serial and crackme solved. |
==> |
| Maybe some harder math equations? If You want to implement CRC32 there is plenty of vulnerabilities that can be used with it. And making serial more name dependent will make it harder. If in this one serial would depend more on name it would make writing keygen quite difficult. |
==> |
| @Tester009 Here is my keygen - serial that works for any name.
Name - any (2 to 40 chars to satisfy keygenme condition)
Serial - �00700�7D8B5�C3R2C�C0DED�0C59B�
If it displays bad it's 0x07. |
==> |
| @Tester009 Well I uploaded my solution. It was nice keygenme. I was a bit disapointed with name dependency. If it was more name dependent it would be more challenging. I most liked the part 5 serial check. This took me most of time. |
==> |
| Made one small mistake with range and can tell that there are two possible separators. Here is second combo:
ToMKoL
�11311�06FF1�C3R2C�51BCD�07B19�
If it displays wrong it's 0x06. |
==> |
| Nice one. I wouldn't rate it as 4. At most 3 but really interesting keygenme. Here is mine combo:
ToMKoL
¶11311¶06FF1¶C3R2C¶51BCD¶07B19¶
And aswering to Xor0 question separator has only one solution that pass check. |
==> |