Figure 1
The task is to find the registration code for the name nsfocus.
Because it involves the RC6 encryption algorithm and MD5, it is fairly tedious.
The program is not packed. It has some protection, but that can be ignored.
Run it, set a breakpoint with bp MessageBoxA, and trace back a little from there to find the key code.
First, determine the

00401882 |. 83F9 20 cmp ecx, 20 ; check that the length is 32
00401885 |. 75 28 jnz short CrackMe2.004018AF
00401887 |. 33C9 xor ecx, ecx
00401889 |> 8A0411 /mov al, byte ptr ds:[ecx+edx]
0040188C |. 3C 30 |cmp al, 30 ; compare with '0'
0040188E |. 7C 04 |jl short CrackMe2.00401894
00401890 |. 3C 39 |cmp al, 39 ; compare with '9'
00401892 |. 7E 08 |jle short CrackMe2.0040189C
00401894 |> 3C 41 |cmp al, 41
00401896 |. 7C 0A |jl short CrackMe2.004018A2 ; compare with 'A'
00401898 |. 3C 46 |cmp al, 46
0040189A |. 7F 06 |jg short CrackMe2.004018A2 ; compare with 'F'
0040189C |> 41 |inc ecx
0040189D |. 83F9 20 |cmp ecx, 20
004018A0 |.^ 7C E7 jl short CrackMe2.00401889
004018A2 |> 83F9 20 cmp ecx, 20 ; normal case reaches here
004018A5 |. 75 08 jnz short CrackMe2.004018AF
004018A7 |. B8 01000000 mov eax, 1

This code checks that the registration code is 32 characters long and that every character is in the range 0-9 or A-F. That caught my attention right away: with a length of 32, MD5 is likely to be involved.
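The check in the listing above, written out in C as an added example (not code from the original post or from the CrackMe). The function name, the use of strlen for the length held in ecx, and the return value 0 on failure are assumptions; the listing only shows the jump to 004018AF.

```c
#include <stdio.h>
#include <string.h>

/* Hand decompilation of 00401882..004018A7.
 * Returns 1 (mov eax, 1) when the serial passes the format check.
 * Returning 0 on failure is an assumption: the listing shows only the
 * jump to 004018AF, not the code at that address. */
int serial_format_ok(const char *serial)
{
    size_t len = strlen(serial);   /* assumed source of ecx on entry */
    size_t i;

    if (len != 0x20)               /* cmp ecx, 20 / jnz 004018AF */
        return 0;

    for (i = 0; i < 0x20; i++) {   /* xor ecx, ecx ... jl 00401889 */
        char c = serial[i];        /* mov al, byte ptr [ecx+edx] */
        if (c >= '0' && c <= '9')  /* cmp al, 30 / cmp al, 39 */
            continue;
        if (c >= 'A' && c <= 'F')  /* cmp al, 41 / cmp al, 46 */
            continue;
        break;                     /* jump to 004018A2 with ecx < 0x20 */
    }
    return i == 0x20;              /* cmp ecx, 20 / jnz 004018AF */
}

int main(void)
{
    /* Constructed inputs: the serial shown on the page plus three
     * variants that the loop rejects. */
    const char *samples[] = {
        "F6ADDD6C46EBB644BDA265366E8CA675",  /* 32 uppercase hex chars */
        "f6addd6c46ebb644bda265366e8ca675",  /* lowercase is outside A-F */
        "F6ADDD6C46EBB644BDA265366E8CA67",   /* 31 characters */
        "F6ADDD6C46EBB644BDA265366E8CA67G",  /* 'G' is above 'F' */
    };
    for (size_t n = 0; n < sizeof samples / sizeof samples[0]; n++)
        printf("%-34s %d\n", samples[n], serial_format_ok(samples[n]));
    return 0;
}
```

Only uppercase A-F passes, so a lowercase hex string of the right length is rejected before any hashing or decryption takes place.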
Continue the analysis down to the final comparison.
Figure 2
There, the following data shows up in the dump window.

0012F664 35 47 82 5C 33 8C 85 77 9A 67 45 7A 6D 5C 16 47
0012F674 F6 AD DD 6C 46 EB B6 44 BD A2 65 36 6E 8C A6 75
0012F684 B9 B7 DD 1C 42 1E 00 5B C9 A7 F7 0B 84 8E 3D 0E

Of these, B9B7DD1C421E005BC9A7F70B848E3D0E is the MD5 value of nsfocus.
F6ADDD6C46EBB644BDA265366E8CA675 is the registration code I entered (the correct registration code is entered here for the demonstration).
The string above them, 3547825C338C85779A67457A6D5C1647, caught my attention right away.
That is, the CrackMe's check is Encode(Key) = MD5(Name).
The encryption algorithm uses only 0-F and may have its own key string, 3547825C338C85779A67457A6D5C1647. I suspected it might be the RC6 encryption algorithm.
In that case RC6Decrypt(MD5(Name)) = Key. This idea came from a post I happened to find on the Kanxue forum.
Try decrypting with RC6:
Figure 3
The key string really is 3547825C338C85779A67457A6D5C1647.
After some twists and turns, the Key is finally obtained: nsfocus: F6ADDD6C46EBB644BDA265366E8CA675

Reposted from Shiyanbar; the original author's Shiyanbar ID is bigtree.

Origin www.cnblogs.com/lijianming180/p/12046790.html