Today I was checking a new crackme at crackmes.de; it’s written by Guetta and you can find it here: www.crackmes.de/users/guetta/r_keygenme/
The crackme is pretty easy but it has an anti-Ollydbg that I have never seen before. It’s really original I would say. Look at the picture below and see with your eyes:
As you can see it’s hard to debug a program when you can’t see the source code! Let’s see how can you obtain the effect:
0040113A push 111h ; Point.y
0040113F push 14Eh ; Point.x
00401144 call WindowFromPoint ; Get the handle to the window that contains the point. The point is inside Ollydbg, exactly inside the code window
...
004011A8 push 90000h ; dwFlags: AW_BLEND + AW_HIDE
004011AD push 700h ; dwTime
004011B2 push eax ; hWnd returned by WindowFromPoint
004011B3 call AnimateWindow ; Enable the effects on the code window *hiding* the source code
The code doesn’t need additional explanation. Easy but original, very funny!
My infected computer
LOL! Still works but buggy. I love it!