4 steps good luck"

Difficulty: 2 - Needs a little brain (or luck)
Platform: Windows
Language: Assembler

Published: 17. Jun, 2005
Downloads: 846


Solution by phueghy, published 19. Jun, 2005 (41 kb).

phueghy has not rated this crackme yet.

Discussion and comments

18. Jun 2005
Does this crackme have a bug?

I solved it, sometimes the serial for level4 works and sometimes not. The reason is here:

00401449 MOV EDI,DWORD PTR SS:[EBP+14]

value [EBP+14] is used for XORing later, but this value is not constant and I don't know on what logic it changes. One time it's 10B6A50D and second time is D4FEE33B.

19. Jun 2005
oh yes....
in my case it was 9448834Ah .... strange lol
i couldn't find out the logic too :
but it worked

19. Jun 2005
I'm checking level 4.. <esi doesn't increment in the loop, and all solutions seem to be wrong for this level!, you all failed to get the correct magic value, so i'll check it>

19. Jun 2005
Crackme is OK! You just don't know where this value (which sometimes is constant, n sometimes is not :P) comes from..
Just pay more attention, ur overlooking sth..

19. Jun 2005
It works ok, i solved it... Very nice crackme for newbies... Good work!

19. Jun 2005
Yes, it works perfectly here!

19. Jun 2005
this crkme is very good for newbies,
haggar,GR33d: this [ebp+14] comes from stack, check the parameters of the actual call..

19. Jun 2005
Yep, I found it. I didn't pay attention first time since name/serial check are really easy so I didn't expect a trick. Ha ha, got me.

20. Jun 2005
Nice work. I'm surprised

15. Jul 2005
Just a technical note on the Solution posted by phueghy:

Stated in solution:
We loop through our name again, XORing every char with that magic value, SHLing the result by 2 and summing these values up at memory location EBP-8.
Actually the code only operates on the first character of the entered username, which is XOR'd and summed a number of times equal to the length of username.

^^^^^^^ esi is never incremented in the loop, so the first character is always used.

therefore, any username with the same first character and the same length will generate the same serial.

nitpicking but that's just me.

24. Jul 2005
bgrimm, thanks for pointing that out. Actually in my keygen I did what you said, but the solution states otherwise. I shall update that and maybe improve the code a little when I find some time.
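
The difference between the loop as the solution describes it and the loop as the 15. Jul comment describes it, as an added C example that is not part of the thread, the solution or the crackme. It models only the XOR / SHL 2 / sum step; the function names, the zero-extension of each character and the 32-bit wraparound are assumptions, the sample names are constructed, and how the sum is turned into the level 4 serial is not modelled.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* One of the [EBP+14] values quoted in the thread; it varies between runs. */
#define MAGIC_SAMPLE 0x10B6A50Du

/* Assumption: each char is zero-extended to 32 bits before the XOR. */
static uint32_t term(unsigned char c, uint32_t magic)
{
    return ((uint32_t)c ^ magic) << 2;   /* XOR, then SHL 2 */
}

/* Loop as the solution text describes it: every character contributes. */
uint32_t sum_as_described(const char *name, uint32_t magic)
{
    uint32_t sum = 0;                    /* models the dword at EBP-8 */
    for (size_t i = 0; name[i] != '\0'; i++)
        sum += term((unsigned char)name[i], magic);
    return sum;
}

/* Loop as the comment describes it: ESI never advances, so the first
   character is added once per character of the name. */
uint32_t sum_as_observed(const char *name, uint32_t magic)
{
    uint32_t sum = 0;
    size_t len = strlen(name);
    for (size_t i = 0; i < len; i++)
        sum += term((unsigned char)name[0], magic);
    return sum;
}

int main(void)
{
    const char *names[] = { "alice", "axxxx", "alic", "blice" };  /* constructed */
    for (size_t i = 0; i < sizeof names / sizeof names[0]; i++)
        printf("%-6s described=%08X observed=%08X\n", names[i],
               (unsigned)sum_as_described(names[i], MAGIC_SAMPLE),
               (unsigned)sum_as_observed(names[i], MAGIC_SAMPLE));
    return 0;
}
```

In the observed form "alice" and "axxxx" give the same sum, while a different length, a different first character or a different [EBP+14] value changes it.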

