2009-06-05

Waganono's WagaTemplate

[difficulty: 2][protection: mmx]


Hehe, yet another strange crackme by this guy. This one comes with the about-box template (which has a cool fractal animation worth checking out).

The serial verification makes use of just 5 mmx/sse/simd/whatever instructions (I always ignore these strange things!). After some time on Google, it is very easy to solve.

What is NOT so easy is getting the floating point crap right. The easiest path is to use your debugger to write the values into the xmmX register and then read the register as raw bytes, but not so fast. WinDBG is shown to have MANY bugs when it comes to this.

First of all, the register command and register window will show two different values:

3.60134e-043  7.9881e-041 6.16406e-039 1.71607e-038 <-- from "r xmm1"
3.601337e-043: 7.988102e-041: 6.164064e-039: 1.716068e-038 <-- from register window

And evidently, it's not just a rounding issue.

Second, if you double click in the register window on this xmm1 value, when you click away, the first float will be set to 0! This is the same for any xmmX register. If you do it to the same register twice in a row, all the floats will be set to 0! WTF?

Third, the input into the xmmX register "r xmm0= " truncates the precision also. You can list all registers and WinDBG will show them identical (register window or r command), but then the "r xmm0:ub" will show a small difference, as will "cmpps" from the crackme.

Ultimately I had to give up and use the compiler to generate code to do the work for me. See in \crackmes_solutions. Maybe I have something wrong here. Storing real numbers inside discrete registers is just outright confusing. It's been on my to-do list for years to read "What Every Computer Scientist Should Know About Floating-Point Arithmetic". Maybe some other day! :)
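An added example (not part of the original post or of the solution in \crackmes_solutions) of why moving xmm lanes through decimal text can change their bits while the raw bytes stay exact: each 32-bit lane is printed with 6, 7 and 9 significant digits, parsed back, and compared bit for bit. The lane values and function names are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample lanes for one 128-bit register (not the crackme's data):
   a denormal, 1.0 + 1 ulp, 0.1f, and pi rounded to float. */
static const uint32_t SAMPLE_XMM[4] = {
    0x00000101u, 0x3F800001u, 0x3DCCCCCDu, 0x40490FDBu
};

/* Reinterpret bits <-> float without any numeric conversion. */
static float bits_to_float(uint32_t b) { float f; memcpy(&f, &b, sizeof f); return f; }
static uint32_t float_to_bits(float f) { uint32_t b; memcpy(&b, &f, sizeof b); return b; }

/* Print one lane with `digits` significant digits, parse that text back,
   and return the bit pattern the register would then hold. */
static uint32_t text_round_trip(uint32_t bits, int digits)
{
    char text[64];
    snprintf(text, sizeof text, "%.*g", digits, bits_to_float(bits));
    return float_to_bits(strtof(text, NULL));
}

/* Count how many of the four lanes come back bit-identical. */
static int lanes_preserved(const uint32_t lanes[4], int digits)
{
    int same = 0;
    for (int i = 0; i < 4; i++)
        same += (text_round_trip(lanes[i], digits) == lanes[i]);
    return same;
}

int main(void)
{
    static const int digits[] = { 6, 7, 9 };
    for (int d = 0; d < 3; d++) {
        for (int i = 0; i < 4; i++)
            printf("%08x -> %.*g -> %08x\n", (unsigned)SAMPLE_XMM[i], digits[d],
                   bits_to_float(SAMPLE_XMM[i]),
                   (unsigned)text_round_trip(SAMPLE_XMM[i], digits[d]));
        printf("%d digits: %d of 4 lanes bit-identical\n\n",
               digits[d], lanes_preserved(SAMPLE_XMM, digits[d]));
    }
    return 0;
}
```

Nine significant digits are enough to reproduce any single-precision value exactly; with fewer, only some bit patterns survive, so the bit pattern is the safer thing to carry between tools.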
