downloadbrowsePAGMAN's PAGMAN BitCrypt

Download, 39 kb (password:
Browse contents of

Obfuscation is irreverent when you compare it to this. You WILL NOT crack this. The code is easily visible in .NET Reflector. There is no need to hide it. This can NOT be reversed. You either are licensed to run it or you aren't'; it's that simple.

The method of protection is simple, but has never been used (to my knowledge).

If you successfully crack it, post the message that is displayed.

Have fun! :D

Difficulty: 9 - You can't solve this yourself :)
Platform: Windows
Language: .NET

Published: 11. Aug, 2010
Downloads: 921


Votes: 4
Crackme is boring.

Rate this crackme:

Send a message to PAGMAN »

View profile of PAGMAN »


There are no solutions to this crackme yet. Have you solved it? Please write a tutorial and submit it here!

Submit your solution »

Discussion and comments

11. Aug 2010
>This can NOT be reversed.

This is rash opinion
11. Aug 2010
Go ahead and prove me wrong :)
12. Aug 2010
Can you rebuild your crackme with .Net framework below 4.0 (2.0, 3.5...)
12. Aug 2010
yes , please rebuild it with .net framework 3.5 or below.
12. Aug 2010
I have seen these kind of protection(though I dont remember the name).
This protection cannot be applied in real life licensing schemes. If I bought a licensed copy, which is encrypted with my CPUID, I can just dump the decrypted IL, do some hex patching and make a fully functional product. Its like giving a password protected ZIP file, once it is unzipped everyone can copy it :P

Now coming to the protection, processor id is a 64bit number, so you can start brute forcing from 0 to (2^64)-1. (Someone trying it?? :P)

It seems the author has overlooked at the processor id.
Processor id is not a serial number that is just different for every processor. It is the result of instruction CPUID when executed with EAX = 1. This will give the feature list of the processor like x87 FPU on Chip, APIC on Chip etc.

So the probability of finding a system with same CPUID is pretty large(for a licensing scheme). I have tested with couple of PCs and result is:
Core 2 Duo: BFEBFBFF000006FD
Athlon x2 4600+: 178BFBFF00040F33
Athlon x2 4600+: 178BFBFF00040F32
Dual Core: BFEBFBFF0001067A
Athlon x2 5600+: 178BFBFF00040F33

Perfectly brute forcible if you know authors processor type and series : D

Again to math, there are 7 reserved bits(set to 0 by default), so you can optimize the brute force a little bit, and you may assume many of the bits to be set(just assumptions, may be I am wrong).

Ok, enough BS, can you solve it? may be/may be not, I am not gonna brute force!
13. Aug 2010
I will rebuild it...
17. Feb 2011
i will start work on this one i think, should be a good .net project to start off with, cyclops, one got odd results for your CPUID, shouldn't bit 31 returned by 0 always as they default to that?

when i run CPUID i get 0 for all processors in this bit location
14. Apr 2012
stupid crackme... only licenced for only processor... can only be decrypted with one processor hash.. that's why he said this cant be reversed...
15. Jan 2013
It could be reversed, when you bypass the CPU Check!
31. Mar 2013
Any program can be reversed if you try crack this program without reversing it its like throwing eggs on the wall
06. Jan 2014
Content blocked

While trying to retrieve the URL:
The content is blocked due to the following condition: The item you have requested is infected by a virus. It will not be downloaded.
Report: TR/Dropper.MSIL.Gen
07. Jan 2014
Don't trust everything they tell you, antivirus are not perfect.

You may leave your comment, thoughts and discuss this crackme with other reversers here.
Acting childish will not be tolerated.
HTML and such will be left as-is, so don't try.