[Challenge] Crack Me

[xPerfection]

Well its the first 'Crack Me' application I've ever made.
So don't be mad if its too easy (I don't think it is but however).
Post a screenshot inside the program when you've done cracking it.

Virus Scan:
https://www.virustotal.com/resultado....a1e49df24597b9

Download (Attached):
- a security problem was found, please download the new version.
(its the fixed version)

[radnomguywfq3]

One question, did you like translate your password in to some sort of wired string. Because all I can find that could be a password is

@#n¥65)¦?

but wait i'm going to try and crack it with ollydbg..

[Jeckels]

Probably Packed it :/

[radnomguywfq3]

Yay, thats what I was thinking, and you can't really decompile VB code so. Is there anyway around this?

[castaway]

Yay, thats what I was thinking, and you can't really decompile VB code so. Is there anyway around this?

yeah
ollydbg
but uhmmm
it looks like a random password...

[w00t?]

Yes i will also try ollydebuger...hehee i discovered whats inside...when u type correct password ask u for name and type crackedby <name>

but not sure...dont get password yet

[xPerfection]

Its not packed
And its not a random password, the same password for always

@woot?
Yea you right lol

HINT:
Its may be a lil hard to crack because on each form its validating if you are really entered the correct password, therefore, just passing the form without entering the correct password (AKA without making the program thinks you did) will result in a error on the next form.

[w00t?]

Yes i tryed bypassing the password form but get error...let me try again...

[xPerfection]

If you passed the password form (done half a way) you shoulda get that message on the next form "Incorrect password was found, you got cought noob."
Now you gotta bypass the password validation checks. (there's two, one on each form).

And you done

Or just get the password..

[ZeaS]

If you passed the password form (done half a way) you shoulda get that message on the next form "Incorrect password was found, you got cought noob."
Now you gotta bypass the password validation checks. (there's two, one one each form).

And you done

Or just get the password..

lol thats nice ^^ can you send me the source data?? ^^

[xPerfection]

lol thats nice ^^ can you send me the source data?? ^^

Do you got MSN?

PM it to me.

[ZeaS]

i got it cracked ^^

[lucaking1]

Thats badass Zeas! ( can u teach me ?:P) ima D.X!T Member too you know :P

[xPerfection]

Thats badass Zeas! ( can u teach me ?:P) ima D.X!T Member too you know :P

Its got crack in this way:

Found the routine getting called by the click event, and looked at this;

Code:

004035E8   > 8B45 E8        MOV EAX,DWORD PTR SS:[EBP-18]
004035EB   . 50             PUSH EAX                                 ;  out password
004035EC     68 AC284000    PUSH Crack_Me.004028AC                   ;  the password
004035F1   . FF15 40104000  CALL DWORD PTR DS:[<&MSVBVM60.__vbaStrCm>;  MSVBVM60.__vbaStrCmp
004035F7   . 8BF0           MOV ESI,EAX                              ;  load result into esi
004035F9   . 8D4D E8        LEA ECX,DWORD PTR SS:[EBP-18]
004035FC   . F7DE           NEG ESI                                  ;  negate esi
004035FE   . 1BF6           SBB ESI,ESI                              ;  sub esi esi
00403600   . 46             INC ESI                                  ;  increase esi by one
00403601   . F7DE           NEG ESI                                  ;  negate esi
00403603   . FF15 98104000  CALL DWORD PTR DS:[<&MSVBVM60.__vbaFreeS>;  MSVBVM60.__vbaFreeStr
00403609   . 8D4D E4        LEA ECX,DWORD PTR SS:[EBP-1C]
0040360C   . FF15 9C104000  CALL DWORD PTR DS:[<&MSVBVM60.__vbaFreeO>;  MSVBVM60.__vbaFreeObj
00403612   . 66:3BF7        CMP SI,DI
00403615     0F84 D7000000  JE Crack_Me.004036F2

An invalid serial would return 1 to eax, making the end result when it gets to 00403612 be comping 0 to 0... A valid serial would be something else and zero, taking the jump.

Changing the JE to JNZ would make it jump on everything but the real password.

[lucaking1]

With ollyDBG?