Number of crackmes:
Number of solutions:
Comments:
Name | Author | Language | Arch | Difficulty | Quality | Platform | Date | Solution | Comments |
---|---|---|---|---|---|---|---|---|---|
Bobby | sporta778 | C/C++ | x86-64 | 2.2 | 5.0 | Windows | 10:52 AM 03/06/2024 | 1 | 16 |
Crackme | Infos |
---|---|
Fort Knox | Solution for Fort Knox crackme |
Obfuscation of C (7 kb crackme) | Solution |
VM_Madness | Solution for VM_Madness |
VMAdventures 2 | Solution for VMAdventures 2 |
Easy Password Reverse 2 | Easy Password Reverse 2 by Clyax |
pavler4VM | solution for pavler4VM |
virtual.1 (Win) | Just soultion for virtual.1 crackme. |
aname crackme | Solution for crackme aname. |
messy crackme | Solution for messy crackme by aname |
Comment | Link |
---|---|
ehh sorry i am confused, here system dll | ==> |
mov eax,dword ptr ds:[r13+50] and again r13 = gs:[60] , checking second bit. Here some specific knowledge. | | ==> |
test dword ptr ds:[r13+BC],800000 what is it? r13 = gs:[60], in article writed (pNtGlobalFlag & 0x70)(peb+0xbc) for detecting debugger. | ==> |
gs:[60] it is can be readead in articles, but what is it gs:[30] ? | ==> |
it is have some VEH , and also i have seen gs:[30] , i learned PEB , but what is this i do not know, here need some learn articles.... | ==> |
sorry begin codes of function... | ==> |
UAWAVAUA | ==> |
this is address of function ;)) | ==> |
show off on flat place...;)) | ==> |
if possible? I am already scared... | ==> |
i do not know, but definitely this crackme do not like debugger... | ==> |
and it was 3 may... do not angry to me.... | ==> |
ok. | ==> |
i send solution... | ==> |
what are you drink or smoke for come up with this algorithm of coding....;) | ==> |
do not hurry and do not worry. if really I'm not experienced in these things. I am even can not work with ida ... etc . Only debugger. I think here a lot cool peoples, but they in silence mode. | ==> |
;) | ==> |
it is no question where, just when i was young it was interested things like 0 ring, winapi , sockets... but just no place to do with it something.... it was more 20 years ago... just have free time to make these things.. | ==> |
maybe here trojan ;) if author trying to hide something... | ==> |
i am odrinary man, from the world by thread.. | ==> |
lets go..;) | ==> |
thanks | ==> |
it difficulity look like equla to 1.0 | ==> |
obfus.h_ | ==> |
see it in debugger, it enough straight forward assembler code... in crackme 11 kb more strange calls. | ==> |
it is not question in time, it is straight forward crackme... here no things to surprise... | ==> |
In my opinion, manually unpack this is receive working .exe file. Maybe i do not understand something? | ==> |
"good luck? ;)" important words for this crackme, going throught code and finding important comparing. Maybe here can be writed interest solution? Maybe... | ==> |
khmmm, i do not understand, program unpacking yourself... And why so high score of crackme? instills fear..... | ==> |
I send solution... | ==> |
your* | ==> |
This difficulity do not accroding presents. I think it difficulity 1.5. What can do you UPX-Patcher, or even just UPX packer, if program just unpacking yourself. Where obfuscation? I do not see it. I will write solution. | ==> |
if they approval approval , go next | ==> |
I send solution, i am too I'm in a hurry. Here present uniformity with VM | ==> |
ANY-K$Y $ any symbol , and you can add any string to it, i writed solution, and i send it on site... | ==> |
sorry no needed , i found it... | ==> |
Hehe... here some secret. Rbx after calling functions of core VM do not changed , but after first call of it function it loaded by zero from eax, in which saved memory0 (but memory0 loaded in first function by zero).Memory0 = qword [rcx] (rcx loaded at input of core function). | ==> |
I understand you, but if you will see at this https://crackmes.one/crackme/65f1f892cddae72ae250b57e, i interpret this crackme as microcomputer becouse it microcomputer have RAM (random access memory) and RAM2. I think it no problem call it virtual machine , but for me it is too loudly. This is just my cockroaches. | ==> |
okay if it will hard i will ask... | ==> |
no no i think i do not ask , i already process first function, and i now started learn second call this function of proccessing codes of microcomputer. i think i can find password and write disassembler. Just ANY- i found. But i think it loudly said that this devirtualizer. I call it disassembler. But maybe i do not understand some abstraction. | ==> |
It loudly said VM, i call it microcomputer. i was surprised, but codes changed after restarting application... | ==> |
goal: find password ... | ==> |
sixpek try to it https://crackmes.one/crackme/661daf77cddae72ae250c836 | ==> |
nice , i am writing solution. i was surprised some things.. | ==> |
some activation microcomputer writer's.... | ==> |
sorry , disassembler | ==> |
nice place to write debugger....)))) | ==> |
@justAuser if understand correctly, you just need use cmd.exe. console application. | ==> |
ehhhh sorry , i thinked Ghidra it is super secret algorithm, it is just disassembler... it hard to me speculative analyze code.... just debugger.... | ==> |
it cool , i found one yet article where crackme solved with this angr. it enough hard to realize it.... | ==> |