destructeur's Sh4ll10



7:39 PM 05/05/2019


Unix/Linux etc.


A little crackme so you don't forget that the only thing you can trust is assembler. You don't need to open a debugger for this one.

b3n on 10:37 PM 05/21/2019: Is the program supposed to segfault? Is the goal to fix the segfault?

destructeur on 11:45 AM 05/22/2019: Yes, the goal is to fix the segfault by submitting the good string. You don't need any patching or debugging for this one. You just need to read the main function to understand the Crackme. Good luck

b3n on 5:40 PM 05/23/2019: Thanks @destructeur, after your tip I was able to correct the segfault and become a "good boy". I'm curious to see the source, though, because the parameters for scanf seem so weird and threw me off the trail for a bit (73 xor 3 ?). Did you purposely do this, or was this some compiler optimization? Really enjoyed the crackme, thanks.

destructeur on 7:21 PM 05/23/2019: I did 's' (0x73) ^ 0x03 on purpose to throw you off, so that if you read the routine badly, you could think that scanf takes the parameter '%s'. I don't know if that was your case. I usually don't upload the source code, but it could be a good idea for my next crackmes.

b3n on 7:28 PM 05/23/2019: Yep, that little obfuscation threw me off for a bit. Thanks for the explanation.

destructeur on 7:32 PM 05/23/2019: No problem, Good job!

Bilbin on 5:18 AM 06/15/2019: I'll be honest. That scanf was pretty weird. Threw me off a bit, but I got it. Great beginner challenge.

Bilbin on 5:19 AM 06/15/2019: '"

Bilbin on 5:19 AM 06/15/2019: %27%22%3E%3Csvg%2Fonload%3D%22alert%28%29%22%3E

destructeur on 10:13 AM 06/15/2019: Good job Bilbin, but the goal is not to find an XSS in the comment section.

lb on 12:16 PM 06/23/2019: This was my first crackme, thank you for making it :) Was quite a challenge for me. I would really appreciate the source code if you could link it or if you have a git repo?

ker2x on 1:06 PM 06/23/2019: Are you sure that it's a level 1 challenge? The algorithm isn't that difficult, but finding the actual answer that works... well... I gave up.

destructeur on 6:10 PM 06/23/2019: @ker2x: Try to look at the arguments of the function scanf, think about what you can write in the input to print the good boy.

ker2x on 8:19 PM 06/24/2019: I see what you do clearly (I think so), but solving this whole mess of MOV, ADD, XOR, LEA to have the correct value in RAX ... ugh...

destructeur on 9:25 AM 06/25/2019: @ker2x: Can you identify the arguments of the function scanf (the buffer, and the specifier used)? If so, you will have to read instruction by instruction to understand what is going on and how the program uses your input. I can't really help you read assembly instructions, but there is a lot of documentation on the Internet. If after a while you still can't understand what is going on, don't stay stuck and use a debugger.

Antricks on 5:02 PM 07/17/2019: Oh boy, you really fooled me at first... But a really nice crackme. I solved it in the end :D

BinaryNewbie on 6:44 AM 07/27/2019: @destructeur, nice one, it took me some time, but it was a funny exercise. I think that I found the correct string and I will submit a write-up soon. Thanks.

Bkamp on 5:00 AM 12/02/2019: This crackme was really good! Lucky for me I totally missed the scanf thing and looked straight at the call rax function. Which I thought was weird. Got it shortly after. Really great exercise for getting used to your debugger :)