App 17!

[Devoney]

I have solved the application. I traced the whole procedure, quiete a big one, in the end I found one spot which made a comparisement. I determined the input of my password by trial and error looking at the comparisement. After 7 tries I determined the password.

Maybe not the way to go, but I solved it .

I am wondering what the real algo is behind it all... If I could only take a glance at the source code...

[NightQuest]

I have solved the application. I traced the whole procedure, quite a big one, in the end I found one spot which made a comparisement. I determined the input of my password by trial and error looking at the comparisement. After 7 tries I determined the password.

Maybe not the way to go, but I solved it .

I am wondering what the real algo is behind it all... If I could only take a glance at the source code...

that's how many people seem to be solving it ^^
and as for the algorithm, you should be able to read the asm!

[reddie]

I have solved the application. I traced the whole procedure, quiete a big one, in the end I found one spot which made a comparisement. I determined the input of my password by trial and error looking at the comparisement. After 7 tries I determined the password.

Maybe not the way to go, but I solved it .

I am wondering what the real algo is behind it all... If I could only take a glance at the source code...

I also managed to get the password by watching the compare, but retrieved the algo afterwards to make a keygen
The algo is in fact quite easy, just watch the memory closely, and you will find out, you'll be suprised how easy it is.

I think someone with a bit extended knowledge of asm can make the program itself easily into the keygen.

[acskurucz]

that's how many people seem to be solving it ^^
and as for the algorithm, you should be able to read the asm!

But if you realize something about the syntax, you can do this mission by using an other method. without the asm.

[ccb31789]

Great mission!

-- Sun May 17, 2009 7:03 pm --

So for a little bit of an extra challenge, I re-wrote the program in C, matching your program as closely as I could. If anyone wants a binary for os x, I can send you one. NightQuest, if you could look at my code and tell me how close I actually am to the original, that'd be cool . . .

[Xerxes500]

Thanks NightQuest! This was a really fun challenge that opened me up to the basics of keygenning. It would sure be cool if HTS members collaborated and worked on some more difficult programs...

[unterbuchse]

I try to use Olly on this, but i cant get anything. I mean it seems that Olly isn't even working with the exe. Do I need a lower Ring Debugger like Soft Ice?. Or are there some tricks with Olly that i dont know.

[st5486]

Hello,

There appears to be a bug with the app, or my username...

I've tried this app using the username "userna" and am able to find a key that works, I have verified this by creating the user, logging in and entering the key into the password box for this level.

But my actual username "st5486" does not allow me to extract the key properly. I used the same method as in the above posts and for my "userna" user but the value in ESI in the check towards the end becomes negative, I think this is due to the difference in ascii values between "t" and "5" - The computation on the username messes up slightly.

Any advice on what to do, short of picking another username?

[smutley]

Hello,

I have a password that works with the application (i get the Congrats message), but when I enter it into the webpage, it is rejected.

Is there still a problem with the challenge?

cheers
smutley

[TiMShots]

I'm also having a similar issue as the above post. My password is 23 chars in length and the password field on this website only allows 18 chars.

Seems my password is too long?