potichek on 2024-02-21 16:55: The password is generated randomly
cnathansmith on 2024-02-21 19:19: @potichek it's a timing attack
TEA on 2024-02-22 01:14: Where is the password of the rar file?
cnathansmith on 2024-02-22 03:32: @TEA It's always crackmes.one
tanjid01 on 2024-02-22 07:52: Stupid program, exits the moment you hit enter. No message shows.
cnathansmith on 2024-02-22 12:54: @tanjid01 Most challenges are console applications. You need to launch them in a cmd window
kestas69 on 2024-02-25 15:57: somehow managed to randomly click the function that generated the password. Password is generated based on time, solved.
sporta778 on 2024-02-28 15:39: Nice cnathansmith.
sporta778 on 2024-02-28 20:16: Really, I think "timing attack" is a big word for this. _time64 returns the time with a resolution of 1 second. I think a stand-alone application can be made here, and it can give several results among which we can find the true password.
sporta778 on 2024-02-28 20:27: P.S. Do not swear at me, I figuratively know that this is a time attack :))
sporta778 on 2024-02-28 20:36: P.P.S. And yet, one second for a microprocessor is like one year for us :)))
Crayon on 2024-02-29 07:16: @cnathansmith sorry for noob question. How do I run the keygen? With Visual Studio Code?
sporta778 on 2024-02-29 12:53: One second is enough time to run 2 applications in 2 cmd windows: the crackme and the keygen, and they will have the same time received from _time64(&ltime).
cnathansmith on 2024-02-29 20:09: @Crayon open the .sln file in Visual Studio or VS Code and build it to get the executable. TARGET needs to contain the path to the challenge exe.
sporta778 on 2024-02-29 20:48: I give up, I can just make it in yourself program,
but I do not understand the physical meaning:
call
add rbp,1
mov edx,eax
cdqe
imul rax,rax,FFFFFFFF84210843
mov ecx,edx
sar ecx,1F
shr rax,20
add eax,edx
sar eax,5
sub eax,ecx
imul eax,eax,3E
sub edx,eax
movsxd rdx,edx
movzx eax,byte ptr ss:[rsp+rdx+20]
mov byte ptr ss:[rbp-1],al
cmp rbp,rbx
jne untitled1.7FF710F315E0
How can it be some %62?
I do not understand.
sporta778 on 2024-02-29 20:49: 62 looks like %0x3e
sporta778 on 2024-02-29 21:03: Maybe I do not understand, but how can you transform this code into just random%62?
sporta778 on 2024-02-29 22:23: *myself
cnathansmith on 2024-03-01 16:09: @sporta778 It's magic number modulo division. Take a look at the function in Ghidra and it can work the math out for you
cnathansmith on 2024-03-01 16:31: http://icodeguru.com/Embedded/Hacker%27s-Delight/065.htm
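The instruction sequence posted above, rendered step by step in C as an added example that is not part of any comment in the thread: it checks that the multiply by the magic constant, the shifts and the sign correction give the same result as x % 62. The function names are hypothetical, and x stands for whatever the elided call leaves in eax.

```c
#include <stdint.h>
#include <stdio.h>

/* Step-for-step C rendering of the posted loop body, from "mov edx,eax"
   through "sub edx,eax". Assumes >> on a negative signed value is an
   arithmetic shift (as sar is); that holds for GCC, Clang and MSVC. */
static int32_t magic_mod62(int32_t x)
{
    /* cdqe ; imul rax,rax,FFFFFFFF84210843
       The immediate is 0x84210843 sign-extended, i.e. M - 2^32 where
       M = 0x84210843 = ceil(2^37 / 62). */
    int64_t prod = (int64_t)x * -2078209981LL;
    int32_t sign = x >> 31;             /* mov ecx,edx ; sar ecx,1F -> 0 or -1 */
    int32_t q = (int32_t)(prod >> 32);  /* shr rax,20 -> eax = high dword      */
    q += x;                             /* add eax,edx -> undoes the "- 2^32"  */
    q >>= 5;                            /* sar eax,5   -> floor(x * M / 2^37)  */
    q -= sign;                          /* sub eax,ecx -> round toward zero    */
    return x - q * 62;                  /* imul eax,eax,3E ; sub edx,eax       */
}

/* Count inputs in [lo, hi] where the sequence disagrees with C's x % 62. */
static long count_mismatches(int64_t lo, int64_t hi)
{
    long bad = 0;
    for (int64_t v = lo; v <= hi; v++)
        if (magic_mod62((int32_t)v) != (int32_t)v % 62)
            bad++;
    return bad;
}

int main(void)
{
    printf("mismatches near zero : %ld\n", count_mismatches(-2000000, 2000000));
    printf("mismatches at INT_MAX: %ld\n", count_mismatches(INT32_MAX - 1000, INT32_MAX));
    printf("mismatches at INT_MIN: %ld\n", count_mismatches(INT32_MIN, INT32_MIN + 1000));
    printf("12345 -> index %d\n", magic_mod62(12345));
    return 0;
}
```

The remaining instructions (movsxd, movzx, mov byte ptr) use that remainder as an index into a byte table on the stack and store the selected byte into the output buffer.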
sporta778 on 2024-03-04 12:30: it's strange how in two applications random can give some subsequence identical numbers???
sporta778 on 2024-03-19 18:24: Ehhhh sorry, I thought Ghidra was a super secret algorithm,
it is just a disassembler... it is hard for me to speculatively analyze code.... just a debugger....
justAuser on 2024-03-22 18:50: @sporta = pseudorandom
ShadowD on 2024-10-16 20:40: It's for password finding but I think it's also good as a rerouting exercise for beginners (it's still a jnz - jz but not as straightforward)
junfer001 on 2024-10-28 10:50: Breakpoint on addr 140001624 shows you the generated password. You can find the address by digging in Ghidra where it looks at the time and loops to generate the password.