A GUI-based crackme written in Visual Studio 2017 with the Win32 API, which creates a serial key based on the user name.

Objectives:

  • Remove the starting Nag Screen
  • When the button Re-Check is clicked, a pop-up messagebox appears and you should set it to say “Thank you for registering this software”
  • Set the Status box text to: “Clean crack! Good Job!”

Link: https://crackinglessons.com/6-target-by-tdc/

Software

The software shows a nag screen at the beginning and then checks the registration status.

00 - nag

01 - hmm

Detect It Easy (DIE)

Using DIE, I found the entry point.

EntryPoint = ImageBase + AddressOfEntryPoint --> 0x00401000

02 - die

x32dbg

I opened x32dbg and found the point using the intermodular calls method.

03 - nag

It executes a cmp instruction and, depending on its result, the JE (JZ) is taken or not.

04 - sus

So I updated it to a JMP to a point where there is no nag command.

05 - update

Then I continued debugging and found the location where the comparison for the Re-Check button is executed.

06 - recheck

I updated it too, to bypass registration.

07 - new patch

And we have both bypassed the nag screen and registered.

08 - gg

