Reverse Engineering

This is a old keygenme but is a good learning curve.  Coded by KiTo Keygen Download Zippyshare Tools:: x32dbg.exe We see there is a user and serial this time. If we click Check without entering nothing we get this message: This time we can use a different approach by finding this string to do this while the program is running and we at the entry point:  press this to fetch the strings. We can now see the address for the messages. From the entrypoint 0x00401000 press G and the graph will show you the flow of the program. Moving in the graph you can see where the jump is when we don't enter anything. We could just patch this to go to good boy message but that's super easy. Just before this message it compares input is 3 if it's greater we don't get this message, so working with a 4 or more username length we can move to the main part. After all this will decide if we get Good Boy message or Bad Boy message. Lets look at this function : T

Get Matrice from  crackmes.one Matrice.   Note i have already uploaded my solution so if you don’t want to follow along you don’t need to. From here on you will need a basic understanding in assembly. First Run. When you first run the program this is what you see. Click yes or no and get message saying Bye! or Not that way. Debugging Time… Well that tells us nothing, no where to enter a password or anything, lets open it with x32dbg [ x64dbg.com ] This debugger is free to use so i have chosen to use this and not IDA Pro tho i will be using this in other projects. Sorry for the image being small you should be at the Entry Point 0x00401000 . Here straight away you can see call <matrice.IsDebuggerPresent>   Now we can either patch this with nop’s or change the Zero Flag to 0x1 . we will patch this with nop’s. Double Click    00401007 | 75 7C | jne matrice.401085 | Now type in nop make sure Fill with NOP’s is ticked to keep the same size.  Now the jn