http://reversing.kr/download.php?n=7
Purpose: Input the correct Name in textbox when the Serial is 76876-77776
File name: Position.exe
File type: Portable Executable 32
File info: Microsoft Visual C++ 8
Using IDA to decompile this file. In String Window view, we can’t find string “Wrong” or “Correct”. So, we find functions which call SetWindowTextW API from Import view (select API and Ctr+x). There are 2 function call SetWindowText API: sub_10C1CD0() and sub_10C15E0()
We found “Correct” string in function sub_10C1CD0(). Easy to know that function sub_10C1740() is confirm function
Go to sub_10C1740(), the first code is check length of name and serial
Then, it calculate some temp variables from Name and compare some sums with Serial.
We can easily see in my Python code
Using burp force method in my keygen code to find out name
With the result, we can try some name have meaning and end with ‘p’
Flag: bump
Blog ATTT 