Keyfile Crackme
by N0p3x


Tutorial by Lucifer48 [Immortal Descendants]
(July 17th, 1999)



With filemon (or W32Dasm), you find the name of the keyfile: n0p3x.key
The dialog box is created with USER32!DialogBoxParamA. After CreateFile, ReadFile, ... the keyfile buffer is XORed byte by byte and then compared against itself:

XXXX:00401113  XOR  BYTE PTR [EAX+004020F3],43       ;XOR the current byte with 43h
XXXX:0040111A  INC  EAX                              ;next byte
XXXX:0040111B  CMP  BYTE PTR [EAX+004020F3],00       ;is the next byte 00?
XXXX:00401122  JNZ  00401113                         ;no, keep looping
XXXX:00401124  PUSH 004020F3                         ;beginning of my keyfile
XXXX:00401129  PUSH 004020FD                         ;beginning of my keyfile + Ah
XXXX:0040112E  CALL KERNEL32!lstrcmp                 ;comparison
XXXX:00401133  CMP  EAX,00                           ;0 = the two strings are equal

The shortest keyfile (11 bytes) could be:
43 2D 4C 55 34 38 2F 49 44 2D 43                  C-LU48/ID-C
Two null strings will be compared: the bytes at offsets 0 and Ah are both 43, and 43 XOR 43 = 00.

The biggest keyfile (20 bytes) could be:
4C 75 63 69 66 65 72 34 38 43 4C 75 63 69 66 65   Lucifer48CLucife
72 34 38 43                                       r48C
Each 43 ("C") becomes a 00 terminator after the XOR, so the comparison is:
"Lucifer48"=="Lucifer48" ??

True of course ! :) Too easy...
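
The check above, modelled in C as an added example (not code from the crackme or from the original tutorial), run against both keyfiles from the text and two constructed failures. Assumptions: the buffer at 004020F3 is zero-filled before the read, the 11 and 20 byte limits are the ones the tutorial gives, and strcmp stands in for lstrcmp's equality result.

```c
#include <stdio.h>
#include <string.h>

#define XOR_KEY    0x43  /* from XOR BYTE PTR [EAX+004020F3],43 */
#define SECOND_OFF 0x0A  /* 004020FD - 004020F3 */
#define MIN_LEN    11    /* shortest keyfile given in the tutorial */
#define MAX_LEN    20    /* biggest keyfile given in the tutorial */

/* Model of the check at 00401113..00401133. Returns 1 when the two
 * decoded strings compare equal, 0 otherwise.
 * Assumed, not shown on the page: zero-filled buffer, how the length
 * limits are enforced, strcmp as a stand-in for lstrcmp. */
int check_keyfile(const unsigned char *data, size_t len)
{
    unsigned char buf[MAX_LEN + 1] = {0};
    size_t i = 0;

    if (len < MIN_LEN || len > MAX_LEN)
        return 0;
    memcpy(buf, data, len);

    /* Same shape as the loop: XOR first, then test the NEXT raw byte.
     * A raw 00 ends the decoding; a raw 43 decodes to 00 and so ends
     * a string for the comparison that follows. */
    do {
        buf[i] ^= XOR_KEY;
        i++;
    } while (buf[i] != 0);

    return strcmp((const char *)buf, (const char *)buf + SECOND_OFF) == 0;
}

int main(void)
{
    /* First two entries are the tutorial's keyfiles; the last two are
     * constructed: a mismatched second half and missing 43 terminators. */
    const char *samples[] = { "C-LU48/ID-C", "Lucifer48CLucifer48C",
                              "Lucifer48CLucifer49C", "Lucifer48XLucifer48X" };
    size_t n;

    for (n = 0; n < sizeof samples / sizeof samples[0]; n++)
        printf("%-22s %s\n", samples[n],
               check_keyfile((const unsigned char *)samples[n],
                             strlen(samples[n])) ? "accepted" : "rejected");
    return 0;
}
```

The last sample fails because, without a 43 at offset 9, the first string runs on into the second half and the two strings no longer have the same length.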

Greetings: All ID members (Volatility, Torn@do, ...), Eternal Bliss, ACiD BuRN, Duelist, LaZaRuS, people on #cracking4newbies, French crackers, and other crackme makers.



(c) Lucifer48. All rights reversed