CrackMe160 study notes 008

Preface

This program requires us to write the correct KEY.

Open programs or even garbled.

Because it's too simple, let's blog.

Give you an expression of your own experience.

Analysis

00401CD0   > \55            push    ebp
00401CD1   .  8BEC          mov     ebp, esp
00401D70   >  8B4D D8       mov     ecx, dword ptr [ebp-28]
00401D73   .  51            push    ecx
00401D74   .  68 541A4000   push    00401A54                         ;  UNICODE "SynTaX 2oo1"
00401D79   .  FF15 08314000 call    dword ptr [<&MSVBVM50.__vbaStrCm>;  MSVBVM50.__vbaStrCmp
00401D7F   .  8BF8          mov     edi, eax
00401D81   .  8D4D D8       lea     ecx, dword ptr [ebp-28]
00401D84   .  F7DF          neg     edi
00401D86   .  1BFF          sbb     edi, edi
00401D88   .  47            inc     edi
00401D89   .  F7DF          neg     edi
00401D9A   .  66:3BFE       cmp     di, si
00401D9D   .  0F84 A0000000 je      00401E43
00401DA3   .  FF15 2C314000 call    dword ptr [<&MSVBVM50.#534>]     ;  MSVBVM50.rtcBeep
00401DA9   .  8B3D 48314000 mov     edi, dword ptr [<&MSVBVM50.__vba>;  MSVBVM50.__vbaVarDup
00401DAF   .  B9 04000280   mov     ecx, 80020004
00401DB4   .  894D 9C       mov     dword ptr [ebp-64], ecx
00401DB7   .  B8 0A000000   mov     eax, 0A
00401DBC   .  894D AC       mov     dword ptr [ebp-54], ecx
00401DBF   .  BB 08000000   mov     ebx, 8
00401DC4   .  8D95 74FFFFFF lea     edx, dword ptr [ebp-8C]
00401DCA   .  8D4D B4       lea     ecx, dword ptr [ebp-4C]
00401DCD   .  8945 94       mov     dword ptr [ebp-6C], eax
00401DD0   .  8945 A4       mov     dword ptr [ebp-5C], eax
00401DD3   .  C785 7CFFFFFF>mov     dword ptr [ebp-84], 00401AC4     ;  UNICODE "SuCCESFul !"
00401DDD   .  899D 74FFFFFF mov     dword ptr [ebp-8C], ebx
00401DE3   .  FFD7          call    edi                              ;  <&MSVBVM50.__vbaVarDup>
00401DE5   .  8D55 84       lea     edx, dword ptr [ebp-7C]
00401DE8   .  8D4D C4       lea     ecx, dword ptr [ebp-3C]
00401DEB   .  C745 8C 701A4>mov     dword ptr [ebp-74], 00401A70     ;  UNICODE "RiCHtiG ! ...nun weiter zu CrackMe 2 !"
00401E6D   .  C785 7CFFFFFF>mov     dword ptr [ebp-84], 00401B44     ;  UNICODE "leider NeiN !"
00401E77   .  899D 74FFFFFF mov     dword ptr [ebp-8C], ebx
00401E7D   .  FFD7          call    edi                              ;  <&MSVBVM50.__vbaVarDup>
00401E7F   .  8D55 84       lea     edx, dword ptr [ebp-7C]
00401E82   .  8D4D C4       lea     ecx, dword ptr [ebp-3C]
00401E85   .  C745 8C E01A4>mov     dword ptr [ebp-74], 00401AE0     ;  UNICODE "Leider Falsch !  Schau noch mal genau nach ..."
00401F41   .  C2 0400       retn    4

In fact, by comparing the string "SynTaX 2oo1" with the input character, the equivalent will pop out of the Successful pop-up window.

Published 29 original articles, won praise 1, visited 6669
Private letter follow

Posted by unsider on Wed, 29 Jan 2020 08:57:04 -0800

Hot Keywords

©2025 Programmer Group