mrT4ntr4's Save Scooby

Author:
mrT4ntr4

Language:
C/C++

Upload:
2019-07-31 16:19

Download

Platform:
Unix/linux etc.

Difficulty:
1.7

Quality:
4.0

Arch:
x86-64

Downloads:
32

Size:
8.38 KB

Writeups:
6

Comments:
23

Description

It seems Scooby forgot where he is. Help him find his way!! 1. Try to reverse without decompiling. (don't be lazy XD) 2. Patching is obviously not allowed. 3. Write a keygen. It's my first crackme so feel free to ping me for suggestions or feedback!! Contact : https://twitter.com/MrT4ntr4 Happy Reversing !! ;-)

Comments (23)
Writeups (6)

You must be logged in to post a comment

BinaryNewbie on 2019-08-04 01:37: Really easy, solved. I will post a write up. Thanks for the crackme.

BinaryNewbie on 2019-08-04 01:45: I solved it, in a lazy way, i need to look better for write a keygen for him

juansacco on 2019-08-05 09:07: Alternative solution to getcwd: Break on-runtime here: loc_559B769418B2: cmp [rbp+var_C], 0

juansacco on 2019-08-05 09:07: [Click to reveal]

Ephoria on 2019-08-11 07:42: Thanks for this ! I will post 2 solutions of this program

mikejerez on 2019-08-13 03:19: I reversed it and made a keygen in Python. Where can I post it?

mrT4ntr4 on 2019-08-13 18:42: @mikejerez you can submit it in the solutions section. Read FAQ before submitting it though..

SYS_V on 2019-08-14 03:50: Solved via DLL injection, replacing getcwd(). This method can be used to put Scooby anywhere. $ LD_PRELOAD=$PWD/inject_scooby.so ./save_scooby injected! Hi Scooby !! Where are you?? Jupiter You won a medal Scooby !! ###################################################### Source code of inject_scooby.so : #include #include char *getcwd(char *buf, size_t size) { printf("injected!\n"); return "Jupiter"; }

Ephoria on 2019-08-16 17:08: Here is my solution: https://github.com/Dixyder/crackmes/tree/master/save_scooby

wrongbaud on 2019-08-29 00:28: What is the password for the zip file?

maikelsec on 2019-09-01 18:09: You won a medal Scooby !! was fun thnx for making

math__0x0 on 2019-09-26 19:03: [Click to reveal]

XilefEnork on 2019-10-06 08:26: This was my first crack me, and it was the perfect difficulty. At first I struggled a little with the encryption but after some thinking it was pretty clear. Awesome crackme :)

spaceman on 2019-10-10 16:50: This was a fun challenge and a great way to learn and sharpen my reversing skills, thanks :)

mrT4ntr4 on 2019-11-04 06:55: I m glad u liked it guys :)

MALT0_CliMb on 2019-12-10 22:51: Dude thx for this binary ;). It was very funny for me - key-gen is written of course in python :).

Emarth on 2019-12-28 12:06: I'm new to cracking and reversing. This one was on the perfect level for me. It's a lot of fun finding out how it works I loved it. Learned a lot :)

onehitwonder on 2019-12-30 13:45: Thanks, mtT4ntr4! Very nice for beginners. Learned a lot. Though you seem to have overlooked something. The length of the entered key is not being checked. Hence, no keygen necessary. Entering the first char is always correct, which should always be $ (/). @math__0x0 You shouldn't work as the root user! Especially when executing code you can't trust.

zakaria on 2019-12-30 22:02: guys sorry but how do i extract the zip file. from where i get hte password

mr_sandman on 2020-02-14 22:58: That was a cool Crackme. I have a question: what reverse software do you guys use? I used Ghidra, but it seems people decompile the binaries manually somehow. Anyway, I solved it and here is explanation how (read the text below if you have no concept how to solve the task): When you run the program, it gets path of it's location (in my case, it was /home/johnnysins/Downloads/), next it changes all the "/" into "$" and changes the letters into letters that go 30 (or as it was written in the code - 0x1e) bits earlier (according to ASCII table). When you enter the password, it just compares it to the modified path. So, the passwords $, $JQ, $JQOG, etc. are valid. Here is the decompiled source code - https://pastebin.com/NAEXAi8S =)

ghsi10 on 2020-08-05 10:06: you should check if (path_len == input_len ) before: while ( index

Darky on 2021-06-10 14:28: Input "$" works in any directory

hackingmaterials on 2021-07-21 10:49: ./save_scooby Hi Scooby !! Where are you?? $J You won a medal Scooby !!

Show all spoilers

You must be logged in to submit a writeup

Solution by BinaryNewbie on 2019-08-04 03:17:
It contains a keygen, a write-up and a file with other ways to solve it.

Download

Solution by cRsHnDbRn on 2019-08-12 08:46:
Did not submit a keygen as just the input `$` works.

Download

Solution by ZXBHfP9N3 on 2019-08-26 16:55:
Write-up and two keygens. I also describe how to use a bug in the program to circumvent the key check :-)

Download

Solution by patoLocosc on 2020-07-27 22:19:
Keygen is there but, you only need to enter a $ to complete the problem. This keygen gives your path transformed, remember to compile it in the same directory where save scooby.bin is.

Download

Solution by Darky on 2021-06-10 14:37:
Simple Keygen. --- Instructions: 1. Place in the directory with 'save_scooby' 2. Run

Download

Solution by BugsBunny on 2025-04-22 16:49:
An reversing approach to the process of encrypting that the binary does. Do remember to execute the keygen in the same directory as the binary!

Download

crackmes.one

crackmes.one

mrT4ntr4's Save Scooby