第三个C++无壳CrackMe
本帖最后由 hxr1023 于 2024-9-3 20:52 编辑今天把算法改良了一下,不再那么若不禁风了{:301_1007:}
顺带改良了一下检测
大家加油! 你这是… 改良到每次启动随机化了?
不借助第三方工具没法得到它的值:
rand_device = std::_Random_device(); // 随机化是几个意思???
v14 = -1;
i = 1;
v13 = rand_device;
do
{
rand_device = i + 1812433253 * (rand_device ^ (rand_device >> 30));
v13[++i] = rand_device;
}
while ( i < 0x270 );
v13 = 624;
v8 = 801i64 * sub_401920((unsigned int *)v13);
if ( (unsigned int)v8 <= 0x1E9 )
{
do
v8 = 801i64 * sub_401920((unsigned int *)v13);
while ( (unsigned int)v8 < 0x1EA );
}
g_seed = (HIDWORD(v8) - 0x7FFFFF38) ^ 0x80000000;
固定一下 seed 为 0x233,然后补丁原始程序,让它自己报告密文:
<$crackme3.42aa>
mov eax, 0x233
<$crackme3.2f57>
cmp byte, 0
je $crackme3.2f77
call @__msgbox
jmp $crackme3.2f77
@__msgbox:
push ebp
mov ebp, esp
push esi
push edi
push 0
push eax
push eax
push 0
jmp $crackme3.2289
<$crackme3.2296>
nop
nop
nop
nop
nop
自动报告的密钥是 152272252492492402110510510510510710010710210010199。
https://imgsrc.baidu.com/forum/pic/item/91529822720e0cf341121fd94c46f21fbe09aa2f.gif
还有个调试器检测,对 scyllahide 没啥用,值恒定等于 0x7ff。
页:
[1]