Solution-ZeroZero-MiraclE

From aldeid

Description

Objective

The objective of this crackme (http://crackmes.de/users/zerozero/miracle/) is to crack the serial and develop a keygen.

Solution

The serial to provide is "Cannabis", whatever username is provided (minimum 4 characters). Below is the output of my keygen:

$ ./keygen.py 
Serial: Cannabis

Code analysis

sub_40112E

Function Overview

First XOR

Second XOR and comparison

Reversing the algorithm

The password provided by the user is XOR'ed with a rotating 8-byte array (5A 65 72 6F 5A 65 72 6F).

The resulting array is then XOR'ed with a rotating 6-byte array (30 30 20 5C 7E 35).

The result of these transformations (String2) is compared to String1 (.data:004030CF 29 34 3C 5D 45 32 2B 2C).

Because XOR is its own inverse, recovering the serial consists of XOR'ing the expected result with the rotating 6-byte array and then with the rotating 8-byte array.
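The following is an added example, not part of the original write-up or the crackme's code: it models the check as described above with true rotating keys, then recovers the serial by running the same two XOR passes over String1. The function names (xor_rotating, transform, check_serial, recover_serial) are hypothetical, and the model assumes the comparison covers exactly the 8 bytes of String1.

```python
from itertools import cycle

# Constants taken from the analysis above.
KEY_8 = bytes.fromhex("5A65726F5A65726F")    # first rotating XOR key (8 bytes)
KEY_6 = bytes.fromhex("3030205C7E35")        # second rotating XOR key (6 bytes)
STRING1 = bytes.fromhex("29343C5D45322B2C")  # expected result at .data:004030CF


def xor_rotating(data: bytes, key: bytes) -> bytes:
    """XOR each byte of data with key, repeating the key as often as needed."""
    return bytes(d ^ k for d, k in zip(data, cycle(key)))


def transform(data: bytes) -> bytes:
    """Both XOR passes in the order described (assumed model of the routine)."""
    return xor_rotating(xor_rotating(data, KEY_8), KEY_6)


def check_serial(serial: str) -> bool:
    """Model of the comparison: transformed input (String2) must equal String1."""
    return transform(serial.encode("latin-1")) == STRING1


def recover_serial() -> str:
    """XOR is an involution and the passes commute, so applying the same
    transformation to String1 yields the only input that passes the check."""
    return transform(STRING1).decode("latin-1")


if __name__ == "__main__":
    serial = recover_serial()
    print("Serial: %s" % serial)
    print("Passes modelled check: %s" % check_serial(serial))
```

Since neither key depends on the username, the scheme accepts a single fixed serial, and the comparison constant stored in .data is enough to derive it.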

My keygen

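#!/usr/bin/env python3

temp = []
# Expected result (String1) read from .data:004030CF
res = [0x29, 0x34, 0x3C, 0x5D, 0x45, 0x32, 0x2B, 0x2C]
# 6-byte key, rotated so that it covers all 8 positions
k1 =  [0x30, 0x30, 0x20, 0x5C, 0x7E, 0x35, 0x30, 0x30]
# 8-byte key
k2 =  [0x5A, 0x65, 0x72, 0x6F, 0x5A, 0x65, 0x72, 0x6F]

# Undo both XOR passes byte by byte (c is the index, i the expected byte)
for c, i in enumerate(res):
    temp.append(i ^ k1[c] ^ k2[c])

print("Serial: %s" % (''.join([chr(i) for i in temp])))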