Upload: 5:33 AM 03/09/2019
No nopping… Get the password :)
Yuri on 11:44 PM 03/11/2019: DO NOT READ IF YOU DO NOT WANT SPOILERS!
I may have figured it out, there seems to be a lot of functionality that is not really used. Maybe filler code to throw us off?
Seems the password is a fixed value added by 1, however, it is put into the heap at a random location within the get_pwd().
If my understanding is correct I will try to write a solution and explain within it.
kuroguro on 10:02 AM 03/12/2019: @Yuri - yep, came to the same conclusion
LinuxH11 on 5:42 PM 03/12/2019: Type w then enter
_Dante_ on 2:01 PM 03/15/2019: SPOILER ALERT:
The password is w0nit4, but like said in the comment above even if you type w and enter it will work anyway, it might a mistake
_Dante_ on 2:02 PM 03/15/2019: *w0n1t4
rmfla on 6:13 PM 03/19/2019: w
Flyour on 2:38 AM 04/29/2019: w
coyote_0x90 on 6:41 AM 05/22/2019: w works for a password. It looks like it only checks the first char:
.text:004015E5 movzx eax, byte ptr [eax]
.text:004015E8 cmp dl, al
.text:004015EA jz short loc_4015F3
But if you step through the get_pwd function, you can see it generate all the chars in "w0n1t4"
Cr4ckC0ca1n3 on 3:48 PM 01/05/2020: I am an absolute noob. The zip file asking for password,but is this the challenge or is the passwords told somewhere?
Cr4ckC0ca1n3 on 3:49 PM 01/05/2020: Never mind.
santyk on 10:44 AM 04/28/2020: Sorry but not getting real intention behind writing so much code for getting pass since all it does is to check string starting with "w". I think the code require some small fix. Thanks for the crackme though.
enkeyz on 3:57 PM 05/06/2020: Yeah, I don't know if this was a mistake by him, but it only compares the first character you entered with a 'w'.
You must me logged to submit a solution
Solution by kuroguro:Testing out ghidra's decompiler :3
Solution by Luke:
Solution by LinuxH11:Solution
Solution by _Dante_:Crackme Solution. I used GHIDRA and x32dbg.
Share how awesome the crack me was or where you struggle to finish it ! (Stay polite)