Reverse Engineering RET Homepage RET Members Reverse Engineering Projects Reverse Engineering Papers Reversing Challenges Reverser Tools RET Re-Search Engine Reverse Engineering Forum Reverse Engineering Links

Go Back   Reverse Engineering Team Board > Reverse Engineering Board > Reverse Code Engineering
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
Thread Tools Display Modes
  #1  
Old 01-10-2005, 07:27 PM
sixty1 sixty1 is offline
Member
 
Join Date: Jan 2005
Location: vegas
Posts: 6
Send a message via AIM to sixty1
Default new reverse me!!

http://geekyhackers.com/trg/regme.rar

This one is a lil bit more complicated make the startup message show that its registered and find the right serial. Anyone wanna take a try?


laatez

- sixty1
Reply With Quote
  #2  
Old 01-10-2005, 08:51 PM
Crudd Crudd is offline
Administrator
 
Join Date: Dec 2002
Posts: 22
Default

Too simple. The regfile doesnt even need to contain any bytes, and the serial is in plain view.
Crudd [RET]
__________________
Just another freak, in the freak kingdom.
Reply With Quote
  #3  
Old 01-10-2005, 11:50 PM
sixty1 sixty1 is offline
Member
 
Join Date: Jan 2005
Location: vegas
Posts: 6
Send a message via AIM to sixty1
Default

waaat??? The serial isnt in plain view, Unless your saying plain view as when comparison when in the register. I dont know.
Reply With Quote
  #4  
Old 01-12-2005, 08:25 PM
Crudd Crudd is offline
Administrator
 
Join Date: Dec 2002
Posts: 22
Default

Code:
UPX0:00401481 * * * * * * * * call * *sub_40946D * * * * * ; Serial routine? *Doesnt matter anyway :)

UPX0:00401486 * * * * * * * * add * * esp, 4 * * * * * * * ; EAX holds our serial after the call

UPX0:00401489 * * * * * * * * cmp * * eax, 0FA5A9C40h * * *; compare our serial with the correct serial (4200242240)

UPX0:0040148E * * * * * * * * pop * * esi

UPX0:0040148F * * * * * * * * push * *0

UPX0:00401491 * * * * * * * * push * *0

UPX0:00401493 * * * * * * * * jnz * * short loc_4014A8 * * ; jump if not correct serial (4200242240)

UPX0:00401495 * * * * * * * * push * *offset aHackThePlanet; "Hack the planet!"

UPX0:0040149A * * * * * * * * push * *offset aWowYourAPro *; "Wow your a pro!"

UPX0:0040149F * * * * * * * * push * *0

UPX0:004014A1 * * * * * * * * call * *ds:MessageBoxExA

UPX0:004014A7 * * * * * * * * retn
Crudd [RET]
__________________
Just another freak, in the freak kingdom.
Reply With Quote
  #5  
Old 01-13-2005, 04:41 PM
sixty1 sixty1 is offline
Member
 
Join Date: Jan 2005
Location: vegas
Posts: 6
Send a message via AIM to sixty1
Default ahha

yep yep
Reply With Quote
  #6  
Old 01-22-2005, 07:45 AM
rous rous is offline
Member
 
Join Date: Jan 2004
Posts: 38
Default

:lol:
Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump





Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2022, Jelsoft Enterprises Ltd.