[CrackMe] NoREpls - Part 0

assembly
crackme
reverseengineering
windows

#1

Suhdudes. I’m back with another challenge but it will be different because this will be designed for Windows! Another thing I will be doing is a kind of “series” with these crackmes where each successive one will get incrementally more difficult. I will also supply research material (to replace hints) to help give you newbies a push into the very expansive world of Windows. Hope you’ll enjoy these and happy hacking!

Backstory

A wannabe software developer who goes by the alias edgyReggie wants to make some money through selling his newest software, titled Nothing Really Epic, Pretty Lousy Software (NoREpls for short), to fund his college fees. Unfortunately, he has couple of problems… The first is that he does not want people to pirate his software, otherwise all of his hard work and effort would be for nothing! Which leads us to the second problem… Since he’s a broke college student, he doesn’t have the cash to hire professionals to audit his protection mechanisms! Luckily for him, he has found the 0x00sec forums and kindly requests that the friendly community aid him in testing his software. Will you help poor little edgyReggie out?

Difficulty

Author Assigned Level: Newbie

Community Assigned Level:

  • Newbie
  • Wannabe
  • Hacker
  • Wizard
  • Guru

0 voters


Goal

Your goal is to achieve the “full” version of the software, i.e. removing all nags that you see.


Rules of Engagement

None.


Research Material

Potential spoilers in here!

Binary

Preview (look and design may not be accurate):

MediaFire - http://www.mediafire.com/file/h789ga3v3gxv9vr/NoREpls.exe

VirusTotal - https://www.virustotal.com/en/file/6adb6cd98c6da46ffe39ff8b5fe10634358cdc48c432369edd06f939be596bd2/analysis/1500375245/

Good luck!


Challenge Collection: Reverse Engineering and CrackMe
#2

Hi, thanks for the challenge :slightly_smiling_face:

Key : NOREPLS-U89S-N34J-3IOJ-989Y


[CrackMe] NoREpls - Part 1
(mad scientist and king skid) #3

[spoiler]

When loading the Binary into IDA or OllyDBG the potential serial is obvious right away :stuck_out_tongue:
[/spoiler]

Thanks for the challenge :slight_smile:
A fun little thing to boost confidence again and get me started to reverse stuff today :smiley: :smiley: :smiley:


#4

Thanks.

Straightforward solution using disassemblers like Ida or Hopper:

Or using strings :slight_smile:

$ strings -e l NoREpls.exe | grep NOREPLS
NOREPLS-U89S-N34J-3IOJ-989Y

#5

Was fun. Registering each time it starts was too annoying tho’ so I fixed that. Also a registered user has no use for a register button so I removed that as well.


Pretty dirty, just some string editing


#6

Nice! Extra points for persistence! :wink: Disabling the Register menu will be integrated in the next release - I just figured out how to do it, heh.


(← ∨ ↑ = ␀) #7

That was fun, thanks @dtm. Spent the most time just dicking around with what I could get it to say. Intrigued by how to do this persistently like @Leeky


(Ta Thanh Dinh) #8

Thanks for this crackme. I got the serial key using x64dbg.


#9

Thanks for this challenge @dtm. It forced me to use IDA ahah


(Hakan Oruc) #10

(dominic pace) #11

Well I maybe have done it the unintended way but it works i guess

[spoiler]just NOPed the jz

also imgur link: https://i.imgur.com/vuIwmgx.png [/spoiler]


(0x65) #12

I went the classic way:

NOREPLS-U89S-N34J-3IOJ-989Y

Thanks for the practice!


#13

[spoiler]So, I paused the program when the faulty registration messagebox popped and looked at the stack. Found a reference to return to program from MessageBoxW.

Looked at the assembly and patched the jump if zero (JZ) to jump if not zero (JNZ), effectivly making the program register a faulty serial as a legit one.


[/spoiler]


(M3r8) #14

key : NOREPLS-U89S-N34J-3IOJ-989Y

nice challenge


#15

I took the short route. Will try to patch up binary next :slight_smile:


#16

Guessing I have to turn off defender now.
Defender don’t you like hackers being all different and weird. :wink:


#17


#18