Ziggy KeyGenMe #1 Tutorial with Python Script
Support us on Patreon: http://bit.ly/38mnveC
Learn how to reverse engineer a key generation algorithm in Ziggy's KeyGenMe #1. A KeyGenMe is a program that is intentionally made for learning reverse engineering legally. We are not doing anything illegal in this video. KeyGenMes and CrackMes are common learning tools for ethical hackers. Even antivirus companies create CrackMes for ethical reasons; see this Malwarebytes article:
https://blog.malwarebytes.com/malwarebytes-news/2017/11/how-to-solve-the-malwarebytes-crackme-a-step-by-step-tutorial/
In this KeyGenMe tutorial we will reverse engineer a key generation algorithm and crack Ziggy's KeyGenMe #1. The core steps for reverse engineering this KeyGenMe are file reconnaissance, finding the ValidateKey function with static analysis, analyzing the ValidateKey function with dynamic analysis, replicating the ValidateKey routines in Python, and creating the KeyGen. At the end of this video, you will have written a simple 16-line keygen in Python. This hacking guide requires Python 3 as well as basic debugging skills. While we use PEiD and depends.exe, the main lesson in this simple KeyGen tutorial is reverse engineering key generation to make your own keygen in Python.
We use PEiD to detect packers and compilers. PEiD detects most common packers, cryptors and compilers for PE files, and can currently detect more than 600 different signatures in PE files. We see that this KeyGenMe was built with MASM, that is, written at the machine level in assembly, so it will not have compiler-generated code. We use depends.exe to find the functions this KeyGenMe imports and, not finding much, move into static analysis with IDA.
IDA Pro is a disassembler used to translate machine code into a human-readable format called assembly language. The latest full version of IDA Pro is commercial, while an earlier and less capable version is available for download free of charge. Software such as Ghidra may also be used for static analysis. Debuggers with built-in disassemblers, such as OllyDbg or x64dbg, are better suited for dynamic analysis, which is performed in parallel to analyze live behavior with breakpoints.
With Ziggy's KeyGenMe open in IDA, we reverse engineer the decision tree and find the ValidateKey function. We step through the running application (dynamic analysis) with x64dbg to better understand execution flow, reading and debugging the assembly functions as we go. We then replicate the assembly functions in a Python script to produce a working KeyGen.
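An added illustration of the replication step, not code from the video and not Ziggy's actual algorithm: a hypothetical check routine (the assembly in the docstring is constructed for this example) ported to Python with 32-bit register wraparound modelled explicitly. The names `rol32`, `name_hash`, `validate_key` and `keygen`, the constant `1337h` and the 8-hex-digit serial format are all assumptions.

```python
import string

MASK32 = 0xFFFFFFFF  # x86 32-bit registers wrap; Python ints do not


def rol32(value, count):
    """ROL r32, imm8: rotate left within 32 bits."""
    count &= 31
    return ((value << count) | (value >> (32 - count))) & MASK32


def name_hash(name):
    """Port of this constructed (hypothetical) loop:
         xor   eax, eax
       next:
         movzx ecx, byte ptr [esi]   ; next name character
         rol   eax, 5
         xor   eax, ecx
         add   eax, 1337h
         inc   esi                   ; repeat until end of name
    """
    eax = 0
    for ecx in name.encode("ascii"):      # assumes an ASCII name
        eax = rol32(eax, 5)
        eax ^= ecx
        eax = (eax + 0x1337) & MASK32     # ADD discards the carry
    return eax


def validate_key(name, serial):
    """Mirror of the hypothetical check: serial must be 8 hex digits."""
    if len(serial) != 8 or any(c not in string.hexdigits for c in serial):
        return False
    return int(serial, 16) == name_hash(name)


def keygen(name):
    """The check compares against f(name), so the keygen is f(name)."""
    return f"{name_hash(name):08X}"


if __name__ == "__main__":
    for sample in ("A", "AB", "ziggy"):   # constructed sample names
        key = keygen(sample)
        print(sample, key, validate_key(sample, key))
```

Keeping a `validate_key` port next to the keygen lets you compare the script against values observed in the debugger before trusting its output.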
Discussion & Download : https://guidedhacking.com/threads/how-to-make-a-keygen-ziggys-keygenme-tutorial.15929/post-99263