Reversing: The Hacker's Guide to Reverse Engineering

SUB EBX, EDX
IMUL EBX, EDX
MOV ESI, EBX
SUB EBX, EAX
ADD EBX, 0x4353543
ADD ESI, EBX
XOR ESI, EDX
MOV EAX, 4
mov edx, 0x65
DEC ECX
JNZ LoopStart
mov eax, ESI
}
}

Listing 11.3 (continued)


I inserted this function into a tiny console-mode application I created that
takes the username as an input and shows ComputeSerial’s return value in
decimal. All it does is call ComputeSerial and display its return value in
decimal. Here’s the entry point for my keygen program.


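#include <stdio.h>
#include <tchar.h>
int _tmain(int argc, _TCHAR* argv[])
{
    if (argc < 2) return 1;  /* the user name must be passed as argv[1] */
    printf("Welcome to the KeygenMe-3 keygen!\n");
    printf("User name is: %s\n", argv[1]);
    /* ComputeSerial is the function from Listing 11.3 */
    printf("Serial number is: %u\n", ComputeSerial(argv[1]));
    return 0;
}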

It would appear that typing any name into the top text box (this should be the
same name passed to ComputeSerial) and then typing ComputeSerial’s
return value into the second text box in KeygenMe-3 should satisfy the
program. Let’s try that out. You can pass “John Doe” as a parameter for our
keygen, and record the generated serial number. Figure 11.9 shows the output
screen from our keygen.


Figure 11.9 The KeygenMe-3 KeyGen in action.


Breaking Protections 369