If you have any questions, ASK HERE!
@ NightQuest: Explain about creating a unique key to our HTS userID.
App 17!
Forum rules
DO NOT POST ANSWERS OR SPOILERS! [IE: Mission Links, Mission File Names/Pages, Scripts/Code, etc.]
Posting these will result in warnings/bans!
DO NOT POST ANSWERS OR SPOILERS! [IE: Mission Links, Mission File Names/Pages, Scripts/Code, etc.]
Posting these will result in warnings/bans!
36 posts • Page 1 of 4 • 1, 2, 3, 4
App 17!
by Monica on Sat Feb 28, 2009 5:47 pm
([msg=18918]see App 17![/msg])
That's right - we have a new App mission, thanks to NightQuest!
If you have any questions, ASK HERE!
@ NightQuest: Explain about creating a unique key to our HTS userID.
If you have any questions, ASK HERE!
@ NightQuest: Explain about creating a unique key to our HTS userID.
hi am new so plz dont troll me or i report 2 the HTS mods ty
-
Monica - Contributor
- Posts: 890
- Joined: Thu Oct 02, 2008 12:29 am
- Location: In The Shadows
- Blog: View Blog (0)
Re: App 17!
by NightQuest on Sat Feb 28, 2009 7:06 pm
([msg=18925]see Re: App 17![/msg])
Alright, basically .. this challenge will HOPEFULLY be an introduction to a series of applications about serial numbers, and keygenning.
The idea is like almost any cryptography algorithm - in a way, for every string of text that can possibly exist, a key for that string also exists (no, they're not stored). they should all unique to each other as-well, though, as with MD5, there may be doubles.
So, say you have a user name of .. oh, 'NightQuest'
Well, the key for this name, would be completely different then the key for 'Monica'.
What the program does, is it creates a key for your user name, and compares it to the one you enter - Simple enough, right?
Well your goal is to access that key somehow, which has been made very difficult with this particular application.
So, without going to great lengths to get that key, the next solution to nearly any decent reverser would be: to create a keygen.
For those unaware, a keygen is a program that's .. 'calibrated' towards a certain algorithm that a program uses.
The user inputs their user name (or sometimes it's based on their hardware ID - or something else completely) and the program will output a key for the users input.
The user can then use the key generated to register the piece of software, or in this case complete the mission.
The idea behind this is that you'll begin to understand how to create a keygen for the program - Something that anyone in this scene should be VERY aware of.
Hope that helps, and good luck!
The idea is like almost any cryptography algorithm - in a way, for every string of text that can possibly exist, a key for that string also exists (no, they're not stored). they should all unique to each other as-well, though, as with MD5, there may be doubles.
So, say you have a user name of .. oh, 'NightQuest'
Well, the key for this name, would be completely different then the key for 'Monica'.
What the program does, is it creates a key for your user name, and compares it to the one you enter - Simple enough, right?
Well your goal is to access that key somehow, which has been made very difficult with this particular application.
So, without going to great lengths to get that key, the next solution to nearly any decent reverser would be: to create a keygen.
For those unaware, a keygen is a program that's .. 'calibrated' towards a certain algorithm that a program uses.
The user inputs their user name (or sometimes it's based on their hardware ID - or something else completely) and the program will output a key for the users input.
The user can then use the key generated to register the piece of software, or in this case complete the mission.
The idea behind this is that you'll begin to understand how to create a keygen for the program - Something that anyone in this scene should be VERY aware of.
Hope that helps, and good luck!
-
NightQuest - Developer
- Posts: 46
- Joined: Sun Feb 22, 2009 6:03 am
- Blog: View Blog (0)
Re: App 17!
by Monica on Sat Feb 28, 2009 7:16 pm
([msg=18926]see Re: App 17![/msg])
Well said. Thank you, NightQuest! <3
hi am new so plz dont troll me or i report 2 the HTS mods ty
-
Monica - Contributor
- Posts: 890
- Joined: Thu Oct 02, 2008 12:29 am
- Location: In The Shadows
- Blog: View Blog (0)
Re: App 17!
by godofcereal on Sat Feb 28, 2009 7:19 pm
([msg=18927]see Re: App 17![/msg])
From what NightQuest said it sounds like a fun challenge. Looking forward to trying it.
Im off, last year of school and all, I had something longer but char limit fucked that up. So yeah, had a good run here. Thanks for the memories. Thanks to the staff and users.
Best regards, your posting whore,
godofcereal
p.s. Defience, you the man ;)
Best regards, your posting whore,
godofcereal
p.s. Defience, you the man ;)
-
godofcereal - Addict
- Posts: 1078
- Joined: Wed Aug 20, 2008 6:11 pm
- Location: ireland
- Blog: View Blog (0)
Re: App 17!
by reddie on Mon Mar 02, 2009 3:05 pm
([msg=19060]see Re: App 17![/msg])
is it possible that there is a small bug in it somehow?
I managed to find out my password, and wrote a keygen for it (not really perfect tho, but will do the job)
When i try to input the password on the site it says invalid password, but the program congratulated me and told to enter the password on the site.
perhaps a bug with short nicknames?
I managed to find out my password, and wrote a keygen for it (not really perfect tho, but will do the job)
When i try to input the password on the site it says invalid password, but the program congratulated me and told to enter the password on the site.
perhaps a bug with short nicknames?
- reddie
- New User
- Posts: 4
- Joined: Sat Feb 28, 2009 1:06 pm
- Blog: View Blog (0)
Re: App 17!
by NightQuest on Mon Mar 02, 2009 6:28 pm
([msg=19085]see Re: App 17![/msg])
There is a bug, sorry about that.
The length of the password is NOT static.
This has since then been fixed (Though, it's not live yet), and it'll tell you the pass is wrong if the length isn't correct.
Just take off all the padding (the key never ends with a dash, and by padding, I mean say ... 0's) at the end of the key you've made, and it should work.
The length of the password is NOT static.
This has since then been fixed (Though, it's not live yet), and it'll tell you the pass is wrong if the length isn't correct.
Just take off all the padding (the key never ends with a dash, and by padding, I mean say ... 0's) at the end of the key you've made, and it should work.
-
NightQuest - Developer
- Posts: 46
- Joined: Sun Feb 22, 2009 6:03 am
- Blog: View Blog (0)
Re: App 17!
by TheMindRapist on Mon Mar 02, 2009 7:46 pm
([msg=19099]see Re: App 17![/msg])
This was an excellent mission, thanks NightQuest.
-
TheMindRapist - Contributor
- Posts: 589
- Joined: Mon Apr 14, 2008 4:57 pm
- Blog: View Blog (0)
Re: App 17!
by reddie on Tue Mar 03, 2009 10:32 am
([msg=19150]see Re: App 17![/msg])
NightQuest wrote:There is a bug, sorry about that.
The length of the password is NOT static.
This has since then been fixed (Though, it's not live yet), and it'll tell you the pass is wrong if the length isn't correct.
Just take off all the padding (the key never ends with a dash, and by padding, I mean say ... 0's) at the end of the key you've made, and it should work.
just tried it and it worked, thanks.
it is a great mission idd, hope some alike will follow
- reddie
- New User
- Posts: 4
- Joined: Sat Feb 28, 2009 1:06 pm
- Blog: View Blog (0)
Re: App 17!
by Devoney on Fri Mar 13, 2009 1:27 pm
([msg=19906]see Re: App 17![/msg])
So my username is 'Devoney' so I will HAVE to put in that username to find the correct password right?
I have come to this piece of code:
Or can the password differ from format? The program gives the example format of "HTS-1234-5678-9012-3456". Do I need to attain this format? Because then my username is too short....
Thanks!
I have come to this piece of code:
- Code: Select all
004011A5 |> 56 PUSH ESI ; Push address of username on stack
004011A6 |. E8 75150000 CALL app17win.00402720
004011AB |. 8BF8 MOV EDI,EAX ; EAX returns to be 7
004011AD |. 8D45 B0 LEA EAX,DWORD PTR SS:[EBP-50]
004011B0 |. 50 PUSH EAX ; PUSH address of processed password on stack
004011B1 |. 03FF ADD EDI,EDI ; Add length of username to length of username
004011B3 |. E8 68150000 CALL app17win.00402720
004011B8 |. 59 POP ECX
004011B9 |. 59 POP ECX
004011BA |. 3BF8 CMP EDI,EAX ; Compare length of username to 10
004011BC |. 0F85 F0000000 JNZ app17win.004012B2 ; Jumps out of procedure
Or can the password differ from format? The program gives the example format of "HTS-1234-5678-9012-3456". Do I need to attain this format? Because then my username is too short....
Thanks!
- Devoney
- New User
- Posts: 10
- Joined: Sun Feb 15, 2009 6:34 pm
- Blog: View Blog (0)
Re: App 17!
by NightQuest on Fri Mar 13, 2009 2:26 pm
([msg=19910]see Re: App 17![/msg])
YupDevoney wrote:So my username is 'Devoney' so I will HAVE to put in that username to find the correct password right?
The format stays the same, but the length of the password (as I stated above) is not static, meaning the length of the password can change, depending on the length of your username.Devoney wrote:Or can the password differ from format?
-
NightQuest - Developer
- Posts: 46
- Joined: Sun Feb 22, 2009 6:03 am
- Blog: View Blog (0)
36 posts • Page 1 of 4 • 1, 2, 3, 4
Who is online
Users browsing this forum: No registered users and 0 guests