virusz

Crackme (vrs1)


Programul genereaza seriale pe baza unui numar random si a username-ului din Windows, iar la final se ataseaza '-rst'. Totul se realizeaza intr-un timer, deci serialele valide se vor schimba!!! (adica, daca ati gasit un serial valid, acel serial este valid doar pentru cateva secunde). Butonul 'check' citeste doar ceea ce este in editbox si face comparatia cu serialul valid in acel moment. Deci generarea serialului valid se produce in acel timer.

daca imi permite timpul voi face un keygen :)


self keygen-ul lui sulea

Codul sursa ASM:


; MASM source. Target: 32-bit x86 (.386), flat memory model, stdcall calling
; convention; "casemap:none" makes identifiers case-sensitive.
.386
.model flat,stdcall
option casemap:none

; Forward declarations so that `invoke` / ADDR can reference the two
; callbacks before their bodies appear: the dialog procedure (4 DWORD
; arguments) and the EnumChildWindows callback (2 DWORD arguments).
DlgProc proto :DWORD,:DWORD,:DWORD,:DWORD
EnumChildWindowx proto: DWORD, :DWORD

include \masm32\include\windows.inc
include \masm32\include\user32.inc
include \masm32\include\kernel32.inc
includelib \masm32\lib\user32.lib
includelib \masm32\lib\kernel32.lib

.data
DlgName     db "crackme", 0                 ; dialog template name given to DialogBoxParam

; Strings used to locate the target: top-level window class and title
; (FindWindow) and the child-control class compared in EnumChildWindowx.
clasa       db "TForm1", 0
winn        db "Crackme (vrs.1)", 0
editul      db "TEdit", 0

AppName     db "demonstratie selfkeygening", 0   ; not referenced by the code in this listing

; bytes_cc: 26-byte stub written into the target at offset_cc (473EF4h).
; Decoded from the byte values (the rel32 target assumes the stub sits at
; offset_cc, which is where DlgProc writes it):
bytes_cc    db 50h                          ; push  eax
            db 8Dh, 45h, 0C4h               ; lea   eax, [ebp-3Ch]
            db 8Bh, 00h                     ; mov   eax, [eax]
            db 89h, 05h, 0DCh, 3Eh, 47h, 00h ; mov  [00473EDCh], eax   (= adresaa)
            db 58h                          ; pop   eax
            db 0FFh, 75h, 0C4h              ; push  dword ptr [ebp-3Ch]
            db 68h, 0DCh, 43h, 45h, 00h     ; push  004543DCh
            db 0E9h, 6Fh, 04h, 0FEh, 0FFh   ; jmp   0045437Dh  (offset_cc2 + 8)
; NOTE(review): the two pushes are 3 + 5 = 8 bytes, the same size as
; bytes_jump, so they are presumably the instructions displaced from
; 454375h -- confirm against the target binary.

; bytes_jump: 8 bytes written over the target at offset_cc2 (454375h).
bytes_jump  db 0E9h, 7Ah, 0FBh, 01h, 00h    ; jmp   00473EF4h  (= offset_cc)
            db 90h, 90h, 90h                ; nop padding up to 8 bytes

totalul     dd 26                           ; length of bytes_cc (21 + 5 bytes)
totalul1    dd 26 + 100                     ; size of the region re-protected around the stub
totalul2    dd 8                            ; length of bytes_jump
offset_cc   dd 473EF4h                      ; target address that receives bytes_cc
offset_cc1  dd 473EF4h - 50                 ; start of the re-protected region (50 bytes before the
                                            ; stub, so it also covers adresaa at 473EDCh)
offset_cc2  dd 454375h                      ; target address that receives bytes_jump
adresaa     dd 473EDCh                      ; target address where the stub stores the value it captured
buffer1     db 4 dup(0)                     ; receives the 4 bytes read from adresaa
buffer2     db 20 dup(0)                    ; receives 18 bytes per read; the last 2 bytes stay 0,
                                            ; so the buffer is always NUL-terminated

.data?
hInstance       HINSTANCE ?                 ; module handle stored by the entry point
CommandLine     LPSTR ?                     ; not referenced by the code in this listing
buffer          db 10 dup(?)                ; class-name scratch buffer for EnumChildWindowx

hform           dd ?                        ; top-level window handle returned by FindWindow
oldaccess       dd ?                        ; previous protection returned by VirtualProtectEx
                                            ; (stored, never restored in this listing)
hProcess        dd ?                        ; handle returned by OpenProcess
pid             dd ?                        ; process id filled in by GetWindowThreadProcessId
bytes_written   dd ?                        ; byte count reported by WriteProcessMemory
adresaa2        dd ?                        ; (value read from adresaa) + 10h

edit_handle     dd ?                        ; child window whose class name matched "TEdit"

.const
; Dialog control identifiers tested in the WM_COMMAND handler.
IDC_BUTTON      equ 3001
IDC_EXIT        equ 3002



.code
start:
        ; Entry point: fetch this module's handle, run the "crackme" dialog
        ; modally with DlgProc as its procedure, then exit with whatever
        ; DialogBoxParam returned in eax.
        invoke  GetModuleHandle, NULL
        mov     hInstance, eax
        invoke  DialogBoxParam, hInstance, ADDR DlgName, NULL, ADDR DlgProc, NULL
        invoke  ExitProcess, eax

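;-----------------------------------------------------------------------
; DlgProc -- dialog procedure (stdcall).
; In:   hWnd, uMsg, wParam, lParam as delivered by the dialog manager.
; Out:  eax = TRUE for WM_CLOSE / WM_TIMER / WM_COMMAND, FALSE otherwise.
;
; IDC_BUTTON: finds the window with class "TForm1" and title
;   "Crackme (vrs.1)", opens its process with VM_READ | VM_WRITE |
;   VM_OPERATION, marks two regions PAGE_EXECUTE_READWRITE and writes
;   bytes_cc / bytes_jump into them, then starts a 1-second timer.
; WM_TIMER: reads 4 bytes at adresaa, adds 10h, reads 18 bytes there and
;   sends them to the remembered edit control with WM_SETTEXT.
; IDC_EXIT / WM_CLOSE: stops the timer, closes the process handle and
;   ends the dialog.
;
; Review notes:
;  * OpenProcess(VM_WRITE|VM_OPERATION) -> VirtualProtectEx(RWX) ->
;    WriteProcessMemory is a cross-process code-patching sequence; the
;    patched pages are left writable+executable (oldaccess is never
;    restored), which weakens W^X in the target for the rest of its life.
;  * The target is identified only by window class and title; the
;    addresses are hard-coded, so a different build of the target would
;    be overwritten at the wrong place. Nothing here verifies the bytes
;    being replaced.
;  * The original leaked one process handle per click, never stopped the
;    timer, and used the OpenProcess / WriteProcessMemory results
;    unchecked; those are handled below.
;-----------------------------------------------------------------------
DlgProc proc hWnd:HWND, uMsg:UINT, wParam:WPARAM, lParam:LPARAM
    .IF uMsg == WM_CLOSE
        ; Route the close box through the same path as the Exit button.
        invoke  SendMessage, hWnd, WM_COMMAND, IDC_EXIT, 0

    .ELSEIF uMsg == WM_TIMER
        .IF hProcess != 0
            invoke  ReadProcessMemory, hProcess, adresaa, ADDR buffer1, 4, NULL
            .IF eax == 0
                ; The read failed (e.g. the target has exited): stop
                ; polling and release the handle instead of retrying
                ; forever on a dead process.
                invoke  KillTimer, hWnd, 1
                invoke  CloseHandle, hProcess
                mov     hProcess, 0
            .ELSE
                mov     eax, dword ptr buffer1
                .IF eax != 0                ; nothing stored at adresaa yet -> skip
                    add     eax, 10h
                    mov     adresaa2, eax
                    invoke  ReadProcessMemory, hProcess, adresaa2, ADDR buffer2, 18, NULL
                    ; Only push text when the read succeeded and an edit
                    ; control was actually found during enumeration.
                    .IF eax != 0 && edit_handle != 0
                        invoke  SendMessage, edit_handle, WM_SETTEXT, 0, ADDR buffer2
                    .ENDIF
                .ENDIF
            .ENDIF
        .ENDIF

    .ELSEIF uMsg == WM_COMMAND
        mov     eax, wParam                 ; ax = control id
        mov     edx, eax
        shr     edx, 16                     ; dx = notification code
        .IF dx == BN_CLICKED
            .IF ax == IDC_BUTTON
                ; Drop any session left over from a previous click so
                ; handles do not accumulate.
                .IF hProcess != 0
                    invoke  KillTimer, hWnd, 1
                    invoke  CloseHandle, hProcess
                    mov     hProcess, 0
                .ENDIF
                mov     edit_handle, 0      ; do not reuse a stale control handle

                invoke  FindWindow, ADDR clasa, ADDR winn
                mov     hform, eax
                .IF eax != 0
                    invoke  EnumChildWindows, hform, ADDR EnumChildWindowx, NULL
                    invoke  GetWindowThreadProcessId, hform, ADDR pid
                    invoke  OpenProcess, PROCESS_VM_READ + PROCESS_VM_WRITE + PROCESS_VM_OPERATION, 0, pid
                    mov     hProcess, eax
                    .IF eax != 0            ; OpenProcess returns NULL on failure
                        invoke  VirtualProtectEx, hProcess, offset_cc1, totalul1, PAGE_EXECUTE_READWRITE, ADDR oldaccess
                        invoke  WriteProcessMemory, hProcess, offset_cc, ADDR bytes_cc, totalul, ADDR bytes_written
                        ; Install the redirect only if the stub it jumps
                        ; to was written; otherwise the target would
                        ; branch into unmodified bytes.
                        .IF eax != 0
                            invoke  VirtualProtectEx, hProcess, offset_cc2, totalul2, PAGE_EXECUTE_READWRITE, ADDR oldaccess
                            invoke  WriteProcessMemory, hProcess, offset_cc2, ADDR bytes_jump, totalul2, ADDR bytes_written
                            invoke  SetTimer, hWnd, 1, 1000, NULL
                        .ENDIF
                    .ENDIF
                .ENDIF

            .ELSEIF ax == IDC_EXIT
                ; Stop polling and release the process handle before
                ; the dialog goes away.
                invoke  KillTimer, hWnd, 1
                .IF hProcess != 0
                    invoke  CloseHandle, hProcess
                    mov     hProcess, 0
                .ENDIF
                invoke  EndDialog, hWnd, NULL
            .ENDIF
        .ENDIF

    .ELSE
        mov     eax, FALSE                  ; message not handled
        ret
    .ENDIF
    mov     eax, TRUE
    ret
DlgProc endp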

;-----------------------------------------------------------------------
; EnumChildWindowx -- EnumChildWindows callback (stdcall).
; In:   hhWin  = child window being visited
;       lParam = unused
; Out:  eax = 1 on every call, so enumeration never stops early; when
;       several children match, the last one visited is the one kept.
; Effect: stores hhWin in edit_handle when the child's class name equals
;         "TEdit" (case-insensitive compare via lstrcmpi).
;-----------------------------------------------------------------------
EnumChildWindowx proc hhWin:DWORD, lParam:DWORD
        invoke  GetClassName, hhWin, ADDR buffer, 10   ; at most 10 bytes incl. terminator
        invoke  lstrcmpi, ADDR buffer, ADDR editul
        .IF eax == 0                        ; 0 = class name matches
            mov     eax, hhWin
            mov     edit_handle, eax
        .ENDIF
        mov     eax, 1                      ; keep enumerating
        ret
EnumChildWindowx endp


; End of module; `start` is the program entry point.
end start
