Comments on: Tutorial #7: More Crackmes

By: Pascal

Pascal — Mon, 01 Jul 2013 17:39:18 +0000

I get 21/47 on virustotal.com for canyou.dll . I guess it’s safe anyways because you wouldn’t post a virus (wouldn’t you?)?

By: damian

damian — Fri, 26 Apr 2013 22:34:48 +0000

Hi i have a problem when i write the nop command , so when i click f9 to run program come some error at the program is broken can you help me why it coming out somthing to me

By: lex

lex — Wed, 30 Jan 2013 01:31:50 +0000

I spent a great deal of time skimming through reverse engineering tuts and i have to say hands down these are the most detailed and easy to follow series i ever read, i actually prefer your tuts over any videos i found,Let me ask you this.. do you believe you can crack any software ? can you say that with the educational information you provide focused and determined readers will posses the power to conquer any software ?

By: gadour

gadour — Sun, 16 Dec 2012 13:47:36 +0000

First of all thank you very much for this site really great, I wonder with all the politeness is how you can find the serial number for crackme8 because I can not find this series because it is composed of a series intelligent and thank you in advance

By: gadour

gadour — Fri, 14 Dec 2012 15:36:13 +0000

First of all thank you very much for this really great website I wonder with all politeness is how you can find the serial for crackme8 because I can not find a serial because it consists of an intelligent and thank you in advance

By: maxluvr1981

maxluvr1981 — Tue, 11 Dec 2012 09:48:18 +0000

Thank you.

By: kdma

kdma — Fri, 14 Sep 2012 22:37:52 +0000

I dont understand the serial check routine after the serial you entered goes into “keygenning” routine you arrive at one point where the real check is done:

XOR [ARG.2],1337C0DE
SUB [ARG.2],BADC0DE5
MOV EAX,[LOCAL.1]
NOT [ARG.2]
XOR EAX,[ARG.2]
NEG EAX
SBB EAX,EAX
INC EAX

I dont understand the “check” that is going on here,the C flag get set here but i am missing the whole picture,any clue?

By: doccc

doccc — Thu, 06 Sep 2012 21:00:25 +0000

Great piece of work and knowledge, big thanks for that. You write so clear and straightforward, keep going.

Unfortunately canyou.dll treated as trojan – 10 / 41 at virustotal.com

By: R4ndom

R4ndom — Mon, 06 Aug 2012 04:13:47 +0000

Because of the nature of some of the apps and crackmes in this series’ nature, false positives show up from time to time. The best way to see if it’s a false positive is to go to http://www.virustotal.com and upload the file. It will scan the file using 42 different virus scanners. If you only get 3 or four hits, you know it’s nothing. More than 7- I would stay away from.

If you downloaded the files from me, you do not need to worry about them- all of mine were scanned with VirusTotal before I even did the tutorials.

By: Electric_Sheep

Electric_Sheep — Mon, 06 Aug 2012 02:15:17 +0000

I’ve been really enjoying these tutorials. I went through 3- 7 today already, and I’ll probably do 8 and 9 as well…
One issue:
Avg detects crackme8 as the virus Win32/Heri . Is it a false positive, or is it possible that the crackme creator is malicious. Thank R4ndom!