ttlhacker's hard_software



2:06 PM 06/01/2019


Unix/linux etc.


Another x64 Linux crackme. Reads input from stdin and tells you if it's correct or not after thinking about it for a second or so. Most of the binary was generated by a custom tool. While it's quite large, it doesn't contain any dead code or unused variables. It also doesn't have anti-debugging features, doesn't play weird games with exception handlers, doesn't modify itself and doesn't even have much control flow to speak of. I'm pretty sure it'll be an absolute nightmare to analyze despite this. And I don't think dynamorio will be of much help with this one. ;)

s4r on 8:04 AM 06/04/2019: I hope I'll have time to solve it soon. Looks really complex!

pinnn on 7:39 AM 06/07/2019: Nice! It's been a long time since there was a difficult task.

Zibri on 2:42 PM 06/10/2019: I would love to have your email, ttlhacker.

ttlhacker on 5:09 PM 06/10/2019: You can reach me at this email, Zibri: 74746c6861636b6572406f75746c6f6f6b2e636f6d (hex ascii to keep the spammers out)

x0r19x91 on 11:58 AM 06/13/2019: Highly obfuscated.Got to analyze closely

ttlhacker on 11:51 AM 06/29/2019: Did anyone give this a try yet? If so, I'd love to hear about your progress. And don't hesitate to ask for hints if you're stuck. You can reach out to me via email (ascii 74746c6861636b6572406f75746c6f6f6b2e636f6d) or just leave a comment here.

ker2x on 8:50 PM 07/05/2019: at first glance it feel like it have an obfuscated VM/bytecode. something tricky like the movfuscator

4aca7f6c on 12:27 PM 07/06/2019: Another brilliant crackme, ttlhacker! Thank you for all the thought/work you put into making these. I always learn something new working them out. If I can think of a reasonable way to write up a solution, I will, but it's going to take some thought. SHA1(password) = aa4cc69f4eaf8a6d0e5a82be47c20f9612850882

pinnn on 5:07 AM 07/25/2019: Very nice crackme! SHA256(password) = 2acf092bf4e0443bed953f1105aafcf15b3691d9b60b8f14959c7946b33ddcdfafed2d09a522cced8afe270b4bc07d546bfcac7e949c3cef9161de9aa7cac731 It's not as hard as I thought at first. My solution coming soon. My solution will be soon.

pinnn on 5:09 AM 07/25/2019: It not sha256, its sha512)

ttlhacker on 1:21 PM 07/25/2019: Very nice, 4aca7f6c and pinnn! I've read your solution, 4aca7f6c, it's just great! Can't wait to read yours as well, pinnn.

4aca7f6c on 9:18 PM 07/25/2019: Thanks @ttlhacker! I'm also looking forward to reading your solution @pinnn... I would love to know the best way to crack this.

pinnn on 5:33 AM 07/27/2019: Check @4aca7f6c solution. Very detailed and nice! My solution is like black box. I found input and output and then guess operation.

4aca7f6c on 9:30 PM 07/27/2019: Thanks @pinnn! I read yours, and it's the third time recently I've had someone talk about pintool. I think I need to learn about it (and dynamorio)!