BinaryNewbie's Simple obfuscation

Author:
BinaryNewbie

Language:
C/C++

Upload:
2019-09-02 23:37

Download

Platform:
Unix/linux etc.

Difficulty:
2.0

Quality:
4.0

Arch:
x86-64

Downloads:
22

Size:
312.19 KB

Writeups:
2

Comments:
15

Description

A simple crackme, with some obfuscation and a simple anti debug trick. Patch isn't allowed. The difficulty could be easy or medium. I'm waiting for solutions and comments, have fun.

Comments (15)
Writeups (2)

You must be logged in to post a comment

Jmp-pop on 2019-09-24 14:27: I'm having some trouble with this one, any chance you could push me in the right direction or i can email you

BinaryNewbie on 2019-09-24 15:48: Hi, yes, email me: vitor.oliveira.24.24@gmail.com

unc4nny on 2019-09-26 12:16: I just sent a solution, is it acceptable?

BinaryNewbie on 2019-09-26 14:53: I didn't receive the email, but when i receive, i will see it.

newbie_student on 2019-09-30 18:17: hi,flag it's just for me or i must input somewhere ? ) good source )

BinaryNewbie on 2019-09-30 20:06: Hi, the flag is only need for unzip the source, btw, try to submit your solution, i would like to see how did you solve it.

newbie_student on 2019-09-30 22:14: tmp = 97, interesting idea) ... your second, and third crackeme a much harder and i like your anti-debug tricks) Ass1st4nt..., i'm just newbie_student )

BinaryNewbie on 2019-09-30 23:54: Thank you for your sharing your opinion, i hope that you did enjoy, try to solve my second and third crackme. The 97 is just the ascii value of 'a', and my anti debug trick for this one were only ptrace and some code obfuscation, but the others have an anti-disassembly trick and the last one has a little surprise.

ragnar_crackbeard87 on 2020-02-26 19:23: Thanks for a fun one! Thanks for giving us the source code to contrast and compare with afterwards too! :)

sheratom on 2020-02-27 16:12: i don't get what does the function sub_41ECC0 do. anyone explain to me plz(i'm a new)

tim0tei on 2020-03-08 16:21: [Click to reveal]

jeffli6789 on 2020-03-16 06:44: @sheratom. That is malloc(). There are several hints for it. 1). It is super complicated and it does not like part of the code to check the key. 2). It is called a lot of times in the program. 3). Its return value is used as a buffer.

jimsktsmith on 2022-02-06 16:01: [Click to reveal]

priyaaanshut on 2023-10-20 06:49: hello BinaryNewbie, Although you said that patching is not allowed I can still see the solutions changing the values of some registers to bypass ptrace check. Is this the correct approach?

Show all spoilers

You must be logged in to submit a writeup

Solution by jeffli6789 on 2020-03-16 06:41:

Download

Solution by D4RKFL0W on 2020-10-04 12:10:
Nice challenge, thanks to the creator.

Download

crackmes.one

crackmes.one

BinaryNewbie's Simple obfuscation