j0n3s91 on 2023-04-01 21:13:
Hi,
I am a bit stuck with this challenge. After the call to wcstombs I encounter some data in the text section and I dont get how execution could continue here. A small advice would be appreciated.
ClashRoyaleKing on 2023-04-04 18:38:
Can I use debugger or this task about static analysis?
hacktooth on 2023-04-06 12:47:
i'm stuck in this keygen me, this is what i understand (maybe)
Seeing what these functions do might help you troubleshoot or understand
how the KEY is generated.
The program starts by checking if a debugger is present and calculating a value
hexadecimal starting from two constants:
cost1 = "pearldarkk"
const2 = 0xDEADBEEF
the string const1 is split by character and put into an array.
string array[11] = "p, e, a, r, l, d, a, r, k, k"
then the XOR operator on const2 is executed for each character of the array[11]
until you get the hexadecimal value:
const2 = 0xDEADBEFE
this could be the generation of the FLAG we need or just a pitfall.
00E61050 the function starts from this address
then follows a function that examines the two values inserted in the GUI; FLAG and KEY and are processed.
00E61140 this function starts here
the flag value is processed with the wcstomb function,
00E61245 here maybe there is a sscanf function.
and finally it is checked and the multibytes of the string are checked via strncmp.
Multibyte value of FLAG "0121317d1d5d0701636e355f4b237e"??
TyfoC on 2023-05-25 15:49:
So, I restored the function with checking the flag and key, suddenly it will come in handy for someone:
Link - pastebin.com/2Xa28tSw
Password - crackmes.one
filenort on 2023-06-13 20:26:
I took like 1 hours to analyze and decode took short brake and cracked it in less then 5 minutes. Great crackme man =]