Using OllyDbg to find a registration code and Keymake to write a keygen: tutorial

xiaoxiao2021-03-06  39


Tutorial: using OllyDbg to find a registration code

Author: night attack to, QQ: 20517896, email: loop_jspone@yahoo.com.cn

Exercise program ke_crackme2.exe (provided by wind snow)

1. First use Fi.exe to detect the packer.

2. Use UpXShell to unpack the program.

3. Open the unpacked file with OllyDbg.exe.

4. Press F9 to run the program, then right-click and choose Search -> string references.

Find the following line and double-click it to return to the main window:

    00401345 |. 68 B8344000    PUSH Key-Crac.004034B8    ; |Text = "Good job, I Wish You the Very Best"

Scrolling up, find the key jump:

    00401309 |> 8B15 38304000  /MOV EDX,DWORD PTR DS:[403038]
    0040130F |. 8A90 37304000  |MOV DL,BYTE PTR DS:[EAX+403037]
    00401315 |. 81E2 FF000000  |AND EDX,0FF
    0040131B |. 8BDA           |MOV EBX,EDX
    0040131D |. 0FAFDA         |IMUL EBX,EDX
    00401320 |. 03F3           |ADD ESI,EBX
    00401322 |. 8BDA           |MOV EBX,EDX
    00401324 |. D1FB           |SAR EBX,1
    00401326 |. 03F3           |ADD ESI,EBX
    00401328 |. 2BF2           |SUB ESI,EDX
    0040132A |. 40             |INC EAX
    0040132B |. 49             |DEC ECX
    0040132C |.^75 DB          \JNZ SHORT Key-Crac.00401309
    0040132E |. 56             PUSH ESI
    0040132F |. 68 38314000    PUSH Key-Crac.00403138
    00401334 |. E8 4A000000    CALL Key-Crac.00401383
    00401339    5E             POP ESI
    0040133A |. 3BC6           CMP EAX,ESI                    ; ** Key comparison
    0040133C |. 75 15          JNZ SHORT Key-Crac.00401353    ; ** Key jump
    0040133E |. 6A 00          PUSH 0                         ; /Style = MB_OK|MB_APPLMODAL
    00401340 |. 68 62344000    PUSH Key-Crac.00403462         ; |Title = "Key/CrackMe #2 "
    00401345 |. 68 B8344000    PUSH Key-Crac.004034B8         ; |Text = "Good job, I Wish You the Very Best"
    0040134A |. 6A 00          PUSH 0                         ; |hOwner = NULL
    0040134C |. E8 9D000000    CALL                           ; \MessageBoxA

The CMP at 0040133A is the key comparison, so the real value must be in one of its operands. Press F2 on that line to set a breakpoint.

5. After filling in the registration information, execution breaks at 0040133A. At this point the main window shows two values:

    ESI = 00035BEB
    EAX = 0001E0F3

Right-click ESI and choose Modify to view its value: hexadecimal 00035BEB, signed decimal 220139. This is the real registration code. Looking at EAX in the same way shows the fake registration code that was just entered.

6. With the registration code obtained, the first phase is complete.

7. Write the keygen from the information above: open Keymake.exe, press F8 and go through the keygen settings, browse to the target program Key-Crackme2.exe, and add the breakpoint information (located at 0040133C |. 75 15 JNZ SHORT Key-Crac.00401353):

Breakpoint address: 0040133A
Breakpoint count: 1
First byte: 3B
Instruction length: 2

On the right, select Register mode: ESI, decimal. Generate the keygen and place it in the same directory as the target program.

8. This completes the tutorial.
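The loop at 00401309 to 0040132C and the comparison at 0040133A, read as C. This is an added example, not part of the original tutorial; the function names are hypothetical. It assumes ESI starts at 0, ECX holds the input length and EAX indexes the input from its first byte (the listing does not show the loop setup), and that the call at 00401383 converts the entered text to an integer, which matches EAX = 0001E0F3 being decimal 123123.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* One pass of the loop body, 0040130F..00401328, for a single input byte. */
static uint32_t fold_byte(uint32_t esi, uint8_t ch)
{
    uint32_t edx = ch;   /* MOV DL,[EAX+403037] ; AND EDX,0FF */
    esi += edx * edx;    /* MOV EBX,EDX ; IMUL EBX,EDX ; ADD ESI,EBX */
    esi += edx >> 1;     /* MOV EBX,EDX ; SAR EBX,1   ; ADD ESI,EBX */
    esi -= edx;          /* SUB ESI,EDX */
    return esi;
}

/* Loop 00401309..0040132C. Assumed setup (not shown on the page):
 * ESI = 0, ECX = input length, EAX indexing from the first byte. */
uint32_t expected_code(const char *input)
{
    uint32_t esi = 0;
    size_t ecx = strlen(input);
    for (size_t i = 0; i < ecx; i++)      /* INC EAX ; DEC ECX ; JNZ */
        esi = fold_byte(esi, (uint8_t)input[i]);
    return esi;
}

/* 00401334..0040133C. Assumption: the call at 00401383 parses the entered
 * text as a decimal integer into EAX, then CMP EAX,ESI decides the jump.
 * The expected value sits in ESI at that CMP, in the clear, which is why
 * a breakpoint on 0040133A is enough to read it. */
int check(const char *input, const char *entered)
{
    uint32_t eax = (uint32_t)strtoul(entered, NULL, 10);
    return eax == expected_code(input);
}

int main(void)
{
    const char *input = "abc";   /* constructed sample input */
    printf("ESI at 0040133A = %08X (decimal %u)\n",
           (unsigned)expected_code(input), (unsigned)expected_code(input));
    printf("check with 123123: %d\n", check(input, "123123"));
    return 0;
}
```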
