Comments on: Tutorial #7: More Crackmes http://thelegendofrandom.com/blog/archives/223 Programming and Reverse Engineering Wed, 18 Sep 2013 02:04:37 +0000 hourly 1 http://wordpress.org/?v=3.5.1 By: Pascal http://thelegendofrandom.com/blog/archives/223#comment-75169 Pascal Mon, 01 Jul 2013 17:39:18 +0000 http://thelegendofrandom.com/blog/?p=223#comment-75169 I get 21/47 on virustotal.com for canyou.dll . I guess it’s safe anyways because you wouldn’t post a virus (wouldn’t you?)?

]]>
By: damian http://thelegendofrandom.com/blog/archives/223#comment-43725 damian Fri, 26 Apr 2013 22:34:48 +0000 http://thelegendofrandom.com/blog/?p=223#comment-43725 Hi i have a problem when i write the nop command , so when i click f9 to run program come some error at the program is broken can you help me why it coming out somthing to me

]]>
By: lex http://thelegendofrandom.com/blog/archives/223#comment-14772 lex Wed, 30 Jan 2013 01:31:50 +0000 http://thelegendofrandom.com/blog/?p=223#comment-14772 I spent a great deal of time skimming through reverse engineering tuts and i have to say hands down these are the most detailed and easy to follow series i ever read, i actually prefer your tuts over any videos i found,Let me ask you this.. do you believe you can crack any software ? can you say that with the educational information you provide focused and determined readers will posses the power to conquer any software ?

]]>
By: gadour http://thelegendofrandom.com/blog/archives/223#comment-10272 gadour Sun, 16 Dec 2012 13:47:36 +0000 http://thelegendofrandom.com/blog/?p=223#comment-10272 First of all thank you very much for this site really great, I wonder with all the politeness is how you can find the serial number for crackme8 because I can not find this series because it is composed of a series intelligent and thank you in advance

]]>
By: gadour http://thelegendofrandom.com/blog/archives/223#comment-10058 gadour Fri, 14 Dec 2012 15:36:13 +0000 http://thelegendofrandom.com/blog/?p=223#comment-10058 First of all thank you very much for this really great website I wonder with all politeness is how you can find the serial for crackme8 because I can not find a serial because it consists of an intelligent and thank you in advance

]]>
By: maxluvr1981 http://thelegendofrandom.com/blog/archives/223#comment-9616 maxluvr1981 Tue, 11 Dec 2012 09:48:18 +0000 http://thelegendofrandom.com/blog/?p=223#comment-9616 Thank you.

]]>
By: kdma http://thelegendofrandom.com/blog/archives/223#comment-4151 kdma Fri, 14 Sep 2012 22:37:52 +0000 http://thelegendofrandom.com/blog/?p=223#comment-4151 I dont understand the serial check routine after the serial you entered goes into “keygenning” routine you arrive at one point where the real check is done:

XOR [ARG.2],1337C0DE
SUB [ARG.2],BADC0DE5
MOV EAX,[LOCAL.1]
NOT [ARG.2]
XOR EAX,[ARG.2]
NEG EAX
SBB EAX,EAX
INC EAX

I dont understand the “check” that is going on here,the C flag get set here but i am missing the whole picture,any clue?

]]>
By: doccc http://thelegendofrandom.com/blog/archives/223#comment-3876 doccc Thu, 06 Sep 2012 21:00:25 +0000 http://thelegendofrandom.com/blog/?p=223#comment-3876 Great piece of work and knowledge, big thanks for that. You write so clear and straightforward, keep going.

Unfortunately canyou.dll treated as trojan – 10 / 41 at virustotal.com

]]>
By: R4ndom http://thelegendofrandom.com/blog/archives/223#comment-2369 R4ndom Mon, 06 Aug 2012 04:13:47 +0000 http://thelegendofrandom.com/blog/?p=223#comment-2369 Because of the nature of some of the apps and crackmes in this series’ nature, false positives show up from time to time. The best way to see if it’s a false positive is to go to http://www.virustotal.com and upload the file. It will scan the file using 42 different virus scanners. If you only get 3 or four hits, you know it’s nothing. More than 7- I would stay away from.

If you downloaded the files from me, you do not need to worry about them- all of mine were scanned with VirusTotal before I even did the tutorials.

]]>
By: Electric_Sheep http://thelegendofrandom.com/blog/archives/223#comment-2366 Electric_Sheep Mon, 06 Aug 2012 02:15:17 +0000 http://thelegendofrandom.com/blog/?p=223#comment-2366 I’ve been really enjoying these tutorials. I went through 3- 7 today already, and I’ll probably do 8 and 9 as well…
One issue:
Avg detects crackme8 as the virus Win32/Heri . Is it a false positive, or is it possible that the crackme creator is malicious. Thank R4ndom!

]]>