aziz00 on 9:40 AM 09/11/2021: it been cracked, i have submitted the solution along with the source code. thanks a lot for this file.
aziz00 on 9:04 PM 09/11/2021: Thanks a lot ,
try this user name and password :
user name :RaphDev
number :1
password :SbqiEfw
Anhkhoa on 4:00 AM 09/18/2021: maybe I already have the code reversed but I don't know how to cut the extra characters at the end
matv201 on 12:08 AM 09/20/2021: My first crackme! I believe I figured it out but can't get the binary to run. I renamed file with .exe and tried compatibility mode but still it says "cannot start or run due to incompatibility with 64-bit version of Windows". Any ideas?
matv201 on 4:13 AM 09/20/2021: nvm, it is unix lol
RaphDev on 3:47 PM 09/23/2021: @matv201 you cannot run it in windows it's a linux binary file
usernamechecksout on 12:00 AM 11/22/2021: As a newbie on this site. Can i crack it by editing instructions? disturbing the flow of the program? or is there a flag?
RaphDev on 10:11 PM 11/26/2021: usernamechecksout: you just have to reverse this binary and then find out how the algorithm works, that's it
tomg404 on 12:23 AM 11/29/2021: Why does
aaaaaa
1
bbbbbb
work, but
a
1
b
doesn't? Can somebody explain?
KPia on 7:49 PM 12/12/2021: Found a patch such as :
if (iVar1 == 0) {
puts("\nWrong password");
}
else {
puts("\nYou are succesfully logged in");
But I didn't really understood what was going on in the loop xD
a = 0;
while( true ) {
a = x;
b = strlen(usr);
if (b
KPia on 8:11 PM 12/12/2021: x = 0;
while( true ) {
a = (ulong)x;
b = strlen(username);
if (b
KPia on 8:38 PM 12/12/2021: Sorry for messing up with the comments.
tomg404: (a, 1, b) works. It's case sensitive.
Ran the loop on my laptop and understood.
Thx.
MM on 7:55 PM 01/03/2022: Seems to me that there's a bug in the loop that goes through each char in Username and add up with the input number.
The new string that this loop creates (in the stack position: rbp-0x50) is not terminated with NULL char, and strcmp function uses NULL char to know where's the end of both strings to compare.
Because of this, the behavior ends up not deterministic
bond_u on 6:53 PM 02/21/2022: Just set the breakpoint before taking the input password. examine the value of generated password by command x/s $rbp-0x50 and continue the program and enter the password stored in $rbp-0x50
3nnu1t3 on 8:49 PM 04/07/2022: I was unable to use ltrace in this crackme, because it was likely compiled with -z now (see https://stackoverflow.com/questions/61394462/alternative-to-ltrace-that-works-on-binaries-linked-with-z-now/) I solved it using an alternative to ltrace that works with this type of file, is this cheating?? If you don't intend for us to use ltrace maybe you should say in the description RaphDev :)
andy on 9:12 PM 05/20/2022: Nice and easy crackme. You can't enter a name with a space though, e.g "firstname surname"
Danofred on 8:56 PM 09/29/2022: thanks brother for this little challenge
chris.dinozzi on 2:27 PM 04/14/2023: fun challenge! :)
angz on 11:17 AM 04/19/2023: very fun crackme! Absolutely funnier to go through this rather than the usual crackmes for beginners.
letuss004 on 4:17 PM 04/30/2023: Beginner friendly, everyone should try :D
JNVIEGJ on 8:27 PM 10/05/2023: python function to solve:
def solution(username, number):
password = []
for i in range(len(username)):
password.append(chr(ord(username[i]) + number))
return "".join(password)
usege:
print(solution("admin",3)) - dgplq
Mike_sp3c on 11:02 PM 02/23/2024: Thanks! It helps to learn.
urohit011 on 7:58 AM 08/15/2024: what's the password to unzip the downloaded zip file?