kondeti's Indexianado

Author:
kondeti

Language:
C/C++

Upload:
2021-12-03 16:17

Download

Platform:
Windows

Difficulty:
1.8

Quality:
3.2

Arch:
x86

Downloads:
20

Size:
127.00 KB

Writeups:
3

Comments:
13

Description

A relatively easy crackme that I wrote for my colleagues during work, Ping me @FalconPunch in discord server.

Comments (13)
Writeups (3)

You must be logged in to post a comment

bl4ack on 2021-12-10 23:42: [Click to reveal]

kondeti on 2021-12-11 05:35: Hi @bl4ack, Thanks for trying... The key isn't constant, It's different for every user. It's more of a keygen than a crackme, Should've mentioned that in the description

NoMercy on 2021-12-11 17:11: crackme takes the username of the system and mutates it, so everyone has their own universal key. example: lolxp3010 - username, nfnML - mutated valid key. thanks for the crackme.

kondeti on 2021-12-12 13:41: @NoMercy, Noice...I should've considered that some usernames have numbers in'em, It hasn't crossed my mind.

Husenjan on 2021-12-14 12:59: Tips to beginners look at the comparison between the two strings.

sophie1p on 2021-12-16 04:19: windows name two, turned into t6f saw that it does some weird shit to the name but i couldnt really follow what it does after a while lol

xEnsar69 on 2021-12-20 12:52: [Click to reveal]

Blepperton on 2021-12-24 20:30: i feel harrassed by your encoding algorithm

nikvothe on 2022-01-21 18:31: What is the password for the rar file?

nikvothe on 2022-01-21 18:34: Nevermind... Yes this is my first crackme 😂

ansejrtj on 2022-02-11 00:01: easy..

jinzi0113@163.com on 2022-10-18 07:17: [Click to reveal]

dzh1gurd4 on 2023-06-06 19:05: Interesting crackme, but you forgot to take into account that username can consist not only of Latin letters.

Show all spoilers

You must be logged in to submit a writeup

Solution by 7cherubin on 2022-01-03 20:19:
- The program calls GetUserNameA to get the logged on user's name. - It converts the username into all capitalized letters. - It generates a key by using each letter of the username as an index, based on its ascii code, against an offset pointer to a secret key string ("ThisIsAStringOfLength26MW2"). *It should be noted that, instead of being a normal sequence of bytes, each letter is offset by four bytes.* - This aforementioned string begins at the hardcoded address .data.00421084 and is offset by the ascii code of the letter 'A' which is 0x41. Thus, the first letter of the string begins at .data.421000. - This key is generated *after* the user is asked to provide a key of their own. - If the user inputs the same key as the one that was generated, the program enters its success branch. - It should be noted that the program does not take into account usernames that contain characters other than letters since the characters of the secret string correspond only to the ascii characters of the capitalized letters. Thus, any other character in the username would point to randomized memory *around* the secret string.

Download

Solution by mstik13 on 2022-03-16 15:16:
the program makes a key based on your computer logged username, it also have a table Hardcoded, after the program get the username it convert it to uppercase, then it use it to index the table, also the table get "decrypted" before it usage, after this, it finally build a key based on that. for (int i = 0; i

Download

Solution by i0x60d5 on 2022-09-22 05:19:

Download

crackmes.one

crackmes.one

kondeti's Indexianado