12:00 PM 11/01/2019
Find the correct serial number to win the challenge! This crackme implements some basic protections to get you warmed up :-)
- Patching is not allowed!
- Have fun!
madlogik on 2:02 PM 11/13/2019: So I found the flag when doing the disassembly, and it works when I hit the button... but I had to patch the exe to get through the IsDebuggerPresent and the other conditional jump above it. (and that is not allowed)...
I'm assuming that security cookie must be a file it looks for ... potentially with those 25 numbers strings in it... but I would appreciate some help on how to truly understand it.
Thanks a lot!
juansacco on 6:50 PM 11/13/2019: To bypass, for example, IsDebuggerPresent without patching, you can use conditional breakpoints, for example. Great job madlogik!
coyote_0x90 on 8:06 AM 11/14/2019: I found the flag, but I also had to patch out some conditional jumps. There's a check in the WNDPROC of the window for WM_COMMAND, and when it processes that message, it checks if some functions are 0 instead of calling them and checking the return value.
dMsg = Msg;
if ( Msg 0x10 )
if ( dMsg != 0x111 ) // dMsg != WM_COMMAND
return DefWindowProcW(hWndParent, Msg, wParam, lParam);
if ( sub_401210 || sub_401160 ) // have to patch this out
MessageBoxA(hWndParent, "Try harder! Muahahahaha..", "Exploit Pack - http://exploitpack.com", 0x40u);
v65 = (unsigned __int16)wParam;
if ( (unsigned __int16)wParam == 100 )
madlogik on 7:59 PM 11/14/2019: Thanks a lot juansacco and coyote_0x90.
I'll move on for now, but will come back here to see if someone has a solution that has no patching involved.
rmfla on 1:31 AM 11/17/2019: Thanks
drunkenmyno on 11:40 AM 11/21/2019: Maybe I'm wrong, but should this application be buffer overflowed to change the window handle?
omniarepair on 8:02 AM 11/23/2019: Patching saves you lots of time :)
juansacco on 8:33 PM 12/18/2019: It's not a buffer overflow as someone said below! But a crack-me and indeed you can use conditional debuggers to avoid some protections! Glad you like this one!
hlvd on 6:19 AM 12/19/2019: How can I unzip this file? Has any password been shared for me?
Vadym on 10:03 AM 12/21/2019: Let's look here about the archive password: https://crackmes.one/faq
0xC0FFEE on 8:31 PM 12/24/2019: I found the flag without the correct serial number? Is there a right way that involves the serial numbers?
mrT4ntr4 on 5:22 AM 01/20/2020: Tricks ;)