D4RKFL0W's crackme2-be-D4RK_FL0W



10:40 PM 03/22/2019


Unix/linux etc.


A second simple crackme (aimed at beginners). Any feedback welcome.

darkcrow on 3:54 PM 03/27/2019: An awesome crackme and an easy one. The key was a bit harder to find, but when its location is discovered, the crackme is cracked. Congratulations for your crackme :)

MrCobalt on 4:33 PM 03/28/2019: This one was fun and challenging for me and I learned a lot too! Thanks for making it, and I hope you make more!

Buh13246 on 3:35 AM 04/04/2019: I'm not able to crack it :( ... But I think you have an invalid memory read in function check_password 'if (pass_in[(long)i] != pass[(long)i])'. pass is an array of 16 chars, so pass[0] and pass[15] are legal. if (0xf

Buh13246 on 3:37 AM 04/04/2019: if (0xf

Buh13246 on 3:40 AM 04/04/2019: (I hope it won't be cut this time...)

    if (0xf < i) { // 16 is not less than 16
        return 1;
    }
    // so pass[16] will be accessed but is invalid

Buh13246 on 3:46 AM 04/04/2019: I'm so dumb..... sorry for everything, 0xf == 15 ... it's just too late... it's 5:46 AM in my country.

pukar_giri on 6:42 PM 04/16/2019: D4RKFL0W, I really wonder how you coded that xxx function of yours. I see it uses the repnz scasb technique to find the length of the string, but I don't find any C++ equivalent that could compile down to it. Can you clarify? Providing source code would be nice.

pukar_giri on 7:04 PM 04/16/2019: Just to clarify, the problem was easy and I have solved it. I am just trying to learn assembly by recreating the source by looking at the assembly, which is why I am asking for the source.

D4RKFL0W on 8:33 PM 04/17/2019: I can post the source on pastebin or something, but not here, as I think it's a bit too tempting for others to check. But as for not finding a direct C syntax/function that is assured to compile to a specific instruction: read a little about the inside logic/steps that a compiler takes.

D4RKFL0W on 8:43 PM 04/17/2019: Don't worry, I've just checked the source, it's an inline function that just calls strcat multiple times at different pointer offsets. Also just realised it's a C++ binary, just to correct myself lol.

sdk_cr on 8:21 AM 04/20/2019: Some of the comments are absurd, but as long as you find the location you will know cracking is fun. Thanks!

pukar_giri on 9:33 AM 04/21/2019: D4RKFL0W, I know what it is doing is calling strcat, then finding strlen, and then again calling strcat at that offset, and repeating this multiple times, but my problem is I cannot find the direct cpp syntax that finds the strlen using the repnz scasb trick. So far I have checked the C library function strlen but don't think this works that way, as strlen is not inline and hence calls the strlen via the PLT. I'll be glad if you could mail the source to thanks a lot in advance
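
The scan discussed in the comments above, modeled in portable C as an added example (not D4RKFL0W's source, which is not on this page): `scasb_strlen` follows the usual `repnz scasb` length idiom step by step, and `scasb_strcat` is the scan-then-copy-at-offset pattern the thread attributes to the inlined function. The function names, the `cap` bounds check and the sample strings are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Portable model of the usual x86-64 inline strlen idiom:
 *     mov  rcx, -1     ; counter starts at all ones
 *     xor  eax, eax    ; AL = 0, the byte to look for
 *     repnz scasb      ; compare AL with [rdi]; rdi++, rcx--; stop on match
 *     not  rcx
 *     dec  rcx         ; rcx now holds the length
 */
size_t scasb_strlen(const char *s)
{
    const unsigned char *rdi = (const unsigned char *)s;
    uint64_t rcx = UINT64_MAX;
    int zf = 0;

    while (rcx != 0 && !zf) {   /* repnz: loop while rcx != 0 and ZF clear */
        zf = (*rdi == 0);       /* scasb: ZF set when [rdi] equals AL */
        rdi++;
        rcx--;
    }
    return (size_t)(~rcx - 1);  /* not rcx; dec rcx */
}

/* strcat written as "scan for the end, then copy at that offset".
 * cap is the size of dst; returns -1 instead of writing past it. */
int scasb_strcat(char *dst, size_t cap, const char *src)
{
    size_t off = scasb_strlen(dst);
    size_t n = scasb_strlen(src) + 1;   /* include the terminator */

    if (off >= cap || n > cap - off)
        return -1;
    memcpy(dst + off, src, n);
    return 0;
}

/* Constructed sample: assemble a string from pieces, one call per piece. */
int build_sample(char *out, size_t cap)
{
    if (cap == 0)
        return -1;
    out[0] = '\0';
    if (scasb_strcat(out, cap, "key") || scasb_strcat(out, cap, "-") ||
        scasb_strcat(out, cap, "part"))
        return -1;
    return (int)scasb_strlen(out);
}
```

When reading a disassembly, the `mov rcx, -1` / `repnz scasb` / `not rcx` / `dec rcx` run can be annotated as a single `strlen`, and a following copy to `dst + length` as the tail of a `strcat`.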

Sn0kr45h on 11:12 PM 04/27/2019: Great puzzle D4RKFL0W! It took a short time to solve, but to understand the special function took about two hours of thorough tracing in gdb along with documenting in my notebooks. It was helpful to try and predict what the assembly was going to do and then verify with registers. So much fun for my very first crackme.

D4RKFL0W on 10:37 AM 04/28/2019: Awesome Sn0kr45h, glad you enjoyed it!

b3n on 7:14 PM 05/03/2019: Enjoyed the crackme. Thanks

euler on 5:44 PM 05/25/2019: Thanks for posting this. It's my first attempt at doing a crackme. I love the message that you put in the string table. I did have fun!

D4RKFL0W on 6:56 AM 05/27/2019: Thanks euler, I've made a couple others if you wanna check them out. Thanks for the feedback though man.