Description
Hello Crackers!
In this challenge, as the two previous, the main goal is to create a keygen that can create valid key. This time, there is a bit of obfuscation taking places.
Try to not break the logic and actually create a keygen, you will need to know to do it for the next part!
Have fun!
Made by 2ourc3 ( www.bushido-sec.com )
You must be logged in to post a comment
maxodrom1 on 1:46 PM 12/22/2022: a valid key would be for example : "A33X333X333" or "AdfXrfrXsds" , the only thing that matters is that it have to have the format "xxxXxxxXxxx" and the first have to be "A" so "AxxXxxxXxxx" would be valid also. And for some reason you have to introduce it 3 times before you get the password. It is exactly the same as the previous bu with "X" instead of "-". No obfuscation detected ))
midas on 7:07 AM 12/23/2022: To correct the comment below (or above, don't know how it will post). It is basically the same program as last time but ran through very simple control flow obfuscation. Definitely nothing complicated, but in technicality, the program is still obfuscated by trying to make the executable be understood less.
2ourc3 on 9:51 AM 12/23/2022: Thanks Midas for the explanation.
Indeed, i try to create challenge which are followable by a total beginner, and increase slowly in complexity. Hard obfuscate an "easy" challenge has no sense for me.
However, please don't put (at least no complete) solution in the comment
expl0itr on 3:17 PM 12/23/2022: Although the applied obfuscation techniques are definitely rather simple, it is still a fine crackme. Interestingly, IDA's decompiler slightly struggles with the key validation function – it'd be great to see a more difficult version of this crackme in which the IDA decompiler (and similar decompilers) completely fail(s).
anthrax3 on 4:22 PM 12/28/2022: AXXXXXXXXXX valid
anthrax3 on 4:29 PM 12/28/2022: The length of the string must be 11 characters. This is determined by the call to "fun_402ce0" and the comparison with the value 11.
The first character of the string must be the letter 'A' (ASCII value 65). This is determined by the comparison with the value 65.
The fourth character of the string must be the letter 'X' (ASCII value 88). This is determined by the comparison with the value 88.
The eighth character of the string must also be the letter 'X' (ASCII value 88). This is determined by the comparison with the value 88.
Therefore, a valid input string would be a string of length 11 characters, with the first character being 'A', the fourth character being 'X', and the eighth character being 'X'. For example, "AXXXXXXXXAX" would be a valid input string.
mstik13 on 7:08 AM 01/02/2023: AU?Xg`}X.5\
A?!X-buX]&8
AUqX*2'XJe
AU!X%QQXXu)
Av\XhuiXzR(
A{^Xgp=Xk(o
A\1X$`LXKE$
AKJXT{$XI$y
A'lXonhXCsc
A!]XT
DIDUK on 4:35 PM 02/08/2023: #include
#include
using namespace std;
int functionss(char* varz) {
char var2[100];
strcpy(var2, varz);
int length = strlen(var2);
if (length != 11) {
return 0;
}
if (var2[0] == 'A' && var2[3] == 'X' && var2[7] == 'X') {
cout
DIDUK on 4:36 PM 02/08/2023: cout
PointX on 2:01 PM 06/02/2023: My solution is go to jmp and change offset to the correct.
iwn on 9:20 AM 10/24/2024: This is the criteria for correct keys:
if ( (unsigned int)strlen(var2) == 11 )
{
if ( *var2 == 65 && var2[3] == 88 && var2[7] == 88 )
{
printf("The key entered is valid");
return 1i64;
}
as long as you have those, you have a correct key
iwn on 9:35 AM 10/24/2024: keygen
import string, random
chars, key = string.ascii_letters + string.digits, ""
for i in range(11): key += random.choice(chars)
key = 'A' + key[0:2] + 'X' + key[4:7] + "X" + key[8:]
print(key)
jhosuakz on 3:50 PM 01/10/2025: import random
import string
character = string.ascii_letters
PASSWORD = [''] * 11
PASSWORD[0] = chr(65)
PASSWORD[3] = chr(88)
PASSWORD[7] = chr(88)
for i in range(len(PASSWORD)):
if PASSWORD[i] == '':
PASSWORD[i] = random.choice(character)
print(''.join(pw for pw in PASSWORD))