Actually I was pointed at this crackme from the start, by a mysterious core organization, for reasons I don't know; it looked very keen to promote itself, so I wanted to get it out of the way. The software is packed, and there is little to say about that: it starts with pushad, so a hardware access breakpoint on the stack immediately lands on the magic JMP.
Going further down, it was very easy to break on the MessageBox call; walking back up the stack to check the parameters of the calling function, I decided to write a keygen, or to restore the original code. Happily decided, all by myself.
From the afternoon into the evening, line by line, I slowly produced the following:
```cpp
// TEXme01Keygen.cpp : Defines the entry point for the console application.
//

#include "stdafx.h"
#include <iostream>
#include "windows.h"

// The array sizes were lost in extraction; these are placeholders.
#define UPSTR_MAX 256
#define STH_MAX   256

int _tmain(int argc, _TCHAR* argv[])
{
    char upstr[UPSTR_MAX] = "MYSTRUPGGG";
    const char *downstr = "mystrdown";   // not used yet
    char *symupstr = upstr;

    // repne scasb idiom: ecx = -1, scan up to the NUL, then not ecx == strlen + 1
    symupstr = symupstr + strlen(upstr) + 1;
    unsigned int m1 = 0xFFFFFFFF;
    m1 = m1 - strlen(upstr) - 1;
    m1 = ~m1;                       // m1 == strlen(upstr) + 1
    symupstr = symupstr - m1;       // edi back to the start of upstr

    // rep movsd / rep movsb: copy m1 bytes as (m1 >> 2) dwords then (m1 & 3) bytes
    int m2 = m1 >> 2;
    char sth[STH_MAX];
    char *symsth = sth;
    memcpy(symsth, symupstr, m2 * 4);
    symupstr += m2 * 4;
    symsth += m2 * 4;
    int m3 = m1 & 3;
    memcpy(symsth, symupstr, m3);   // fixed: the tail goes after the dwords and is m3 bytes, not m3 * 4
    symupstr += m3;
    symsth += m3;

    // reverse sth in place (fixed: swap while the pointers have not crossed)
    char *c1 = sth;
    char *c2 = sth + strlen(sth) - 1;
    for (; c1 < c2; c1++, c2--)
    {
        char cc1 = *c1;
        char cc2 = *c2;
        *c1 = cc2;
        *c2 = cc1;
    }

    // append the reversed string, NUL included, right after upstr
    symsth = sth;
    symsth = symsth + strlen(sth) + 1;
    unsigned int n1 = 0xFFFFFFFF;
    n1 = n1 - strlen(sth) - 1;      // the scan above is over sth, so count sth (original had upstr)
    n1 = ~n1;
    symsth = symsth - n1;
    symupstr = upstr + strlen(upstr);
    int n2 = n1 >> 2;
    memcpy(symupstr, symsth, n2 * 4);
    symupstr += n2 * 4;
    symsth += n2 * 4;
    int n3 = n1 & 3;
    memcpy(symupstr, symsth, n3);

    // read ProductID into sth (fixed: HKEY with &hkey, dwsize initialised)
    char key[] = "software\\microsoft\\windows\\currentversion";
    HKEY hkey;
    RegOpenKeyA(HKEY_LOCAL_MACHINE, key, &hkey);
    char key2[] = "ProductID";
    DWORD dwtype = REG_SZ;
    DWORD dwsize = sizeof(sth);
    RegQueryValueExA(hkey, key2, NULL, &dwtype, (LPBYTE)sth, &dwsize);

    // append it after what is already in upstr, same scasb / movsd / movsb pattern
    symupstr = upstr;
    symsth = sth;
    unsigned int x1 = 0xFFFFFFFF;
    x1 = x1 - strlen(sth) - 1;
    x1 = ~x1;
    symsth = symsth + strlen(symsth) + 1;
    symsth = symsth - x1;
    int x2 = x1 >> 2;
    symupstr = symupstr + strlen(upstr);
    memcpy(symupstr, symsth, x2 * 4);   // fixed: x2 dwords
    symupstr += x2 * 4;
    symsth += x2 * 4;
    int x3 = x1 & 3;
    memcpy(symupstr, symsth, x3);

    // the same again with RegisteredOwner
    char key3[] = "RegisteredOwner";
    dwsize = sizeof(sth);
    RegQueryValueExA(hkey, key3, NULL, &dwtype, (LPBYTE)sth, &dwsize);
    RegCloseKey(hkey);
    symupstr = upstr;
    symsth = sth;
    unsigned int y1 = 0xFFFFFFFF;
    y1 = y1 - strlen(sth) - 1;
    y1 = ~y1;
    symsth = symsth + strlen(symsth) + 1;   // the scan is over sth (original pointed this at upstr)
    symsth = symsth - y1;
    int y2 = y1 >> 2;
    symupstr = symupstr + strlen(upstr);
    memcpy(symupstr, symsth, y2 * 4);   // fixed: y2 dwords
    symupstr += y2 * 4;
    symsth += y2 * 4;
    int y3 = y1 & 3;
    memcpy(symupstr, symsth, y3);

    // Length bookkeeping before hashing. dw1..dw4 are the MD5 initial state words;
    // the 0x80 byte and the rounding up to a 64-byte block look like the usual
    // Merkle-Damgard padding. The translation stops inside this part.
    unsigned int i1 = 0xFFFFFFFF;
    i1 = i1 - strlen(upstr) - 1;
    i1 = ~i1;
    int i2 = i1 - 1;                // strlen(upstr)
    DWORD dw1 = 0x67452301, dw2 = 0xefcdab89, dw3 = 0x98badcfe, dw4 = 0x10325476;
    int i3 = i2 & 0x3f;             // length mod 64
    int i4 = 0x40;
    i4 = i4 - i3;                   // bytes left in the current block
    *(upstr + strlen(upstr)) = 0x80;
    if (i4 <= 7)
        i4 += 0x40;                 // not enough room for the length field: one more block
    i2 += i4;                       // padded total length

    unsigned int j1 = 0xFFFFFFFF;
    j1 = j1 - strlen(upstr) - 1;
    j1 = ~j1;
    int j2 = j1 - 1;
    int j3 = j2 >> 3;
    if (i2 == 0)
    {
        // not yet translated
    }
    else
    {
        // not yet translated
    }
    return 0;
}
```
Of course this is incomplete, because at the last moment I found it jumping into a function, and that function... is big. To describe it: like an enormous hamburger that leaves you with no appetite at all.
I'll post the screenshot anyway.
Five stars, you deserve them. Author, you are truly ruthless; do you know how many reversers have knelt down here...
Of course, if the protection really is about to be torn down soon, keygen and all, I can only say "heh". My level is limited for now, but is it just a matter of time? Damn, isn't this the core of software anti-piracy: wearing down the patience of the reverser?
Damn it. Damn it.
A summary of the painful points of reading disassembly and writing C:
1. Variable names. Really, I have no idea what to call them; they are completely meaningless. Now I understand what debug symbol files are for. Bitter tears.
2. The difference between assembler operators and C operators, logical shifts versus arithmetic shifts. I saw a lot about this online, but most of it was inconsistent. In the end I got a roughly plausible sign.
3. Remembering addresses. This is the deadliest thing. Sometimes a single lea instruction can completely derail your thinking, because you have no idea which variable's address it just loaded; fortunately I could pull it up in OL to see what it was.
4. Fear of getting lost. This is not only about writing C; it is the difficulty of all reverse work.
5. Don't try to restore all the code. Inside the crackme, for example, some conditions are practically impossible to hit, such as the input string length being less than 0.
6. Looking at that belly makes you hungry very easily.
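The listing above hand-translates three x86 string idioms (repne scasb for the length, rep movsd plus rep movsb for the copy, and the two-pointer reversal), and point 2 of the list is the logical-versus-arithmetic shift question. The following is an added example, not the post's own code, that writes each idiom as a plain C helper so the arithmetic in the listing can be checked; the sample string "MYSTRUPGGG" and the 256-byte scratch buffer are constructed for the demonstration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* repne scasb: ecx starts at -1 and is decremented once per byte compared,
 * the terminating NUL included; `not ecx` then equals strlen(s) + 1.
 * This is the `0xFFFFFFFF - strlen - 1; ~x` sequence in the listing. */
uint32_t scasb_len_with_nul(const char *s)
{
    uint32_t ecx = 0xFFFFFFFFu;
    const char *edi = s;
    do {
        ecx--;                  /* one decrement per compare */
    } while (*edi++ != '\0');   /* stop once the NUL has matched */
    return ~ecx;
}

/* shr ecx,2 / rep movsd / and ecx,3 / rep movsb:
 * copy n bytes as n>>2 dwords followed by n&3 single bytes.
 * The tail is (n & 3) bytes, not (n & 3) * 4. */
void rep_movs_copy(void *dst, const void *src, uint32_t n)
{
    unsigned char *d = dst;
    const unsigned char *s = src;
    uint32_t dwords = n >> 2;
    uint32_t tail = n & 3;
    for (uint32_t i = 0; i < dwords; i++) {
        memcpy(d, s, 4);        /* rep movsd: one dword per iteration */
        d += 4;
        s += 4;
    }
    for (uint32_t i = 0; i < tail; i++)
        *d++ = *s++;            /* rep movsb */
}

/* In-place reversal: swap from both ends while the pointers have not crossed. */
void reverse_in_place(char *s)
{
    if (*s == '\0')
        return;                 /* nothing to swap, and s - 1 would be out of bounds */
    char *c1 = s;
    char *c2 = s + strlen(s) - 1;
    for (; c1 < c2; c1++, c2--) {
        char t = *c1;
        *c1 = *c2;
        *c2 = t;
    }
}

/* What the first two copy blocks of the listing compute together: buf holds
 * upstr, and its reversal (NUL included) is appended right after it.
 * cap is the capacity of buf; returns the new length, or 0 if it would not fit. */
uint32_t append_reversed(char *buf, uint32_t cap)
{
    char tmp[256];                                      /* constructed scratch size */
    uint32_t len_nul = scasb_len_with_nul(buf);         /* strlen + 1 */
    if (len_nul > sizeof tmp || (len_nul - 1) * 2 + 1 > cap)
        return 0;
    rep_movs_copy(tmp, buf, len_nul);                   /* sth <- upstr */
    reverse_in_place(tmp);
    rep_movs_copy(buf + (len_nul - 1), tmp, len_nul);   /* upstr+strlen <- sth */
    return scasb_len_with_nul(buf) - 1;
}

/* shr versus sar: C's >> on a negative signed value is implementation-defined,
 * so the arithmetic shift is spelled out in terms of the logical one. */
uint32_t shr32(uint32_t v, unsigned n)
{
    return v >> n;
}

int32_t sar32(int32_t v, unsigned n)
{
    uint32_t u = (uint32_t)v;
    return v < 0 ? (int32_t)~(~u >> n) : (int32_t)(u >> n);
}

int main(void)
{
    char buf[64] = "MYSTRUPGGG";            /* constructed sample input */
    uint32_t len = append_reversed(buf, sizeof buf);
    printf("%s (%u bytes)\n", buf, len);
    printf("shr 0xFFFFFFF8,1 = %08x   sar -8,1 = %d\n",
           shr32(0xFFFFFFF8u, 1), sar32(-8, 1));
    return 0;
}
```

Running it shows "MYSTRUPGGGGGGPURTSYM (20 bytes)", which is exactly what the upstr buffer holds after the n-block of the listing, and the shift line shows why a signed right shift of -8 by one gives -4 (sar) while the same bit pattern shifted logically gives 0x7FFFFFFC (shr); when the disassembly says sar and the C variable is unsigned, the result will silently differ.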
I'm not going to write any more. Sleep.
Five-star crackme: reading the disassembly and writing C has made me spit blood.