Author:
esc

Language:
C/C++

Upload:
11:59 PM 03/15/2024

Download

Platform
Windows

Difficulty:
1.5

Quality:
3.0

Arch:
x86

Description

Control Flow Flatting, just skip it.

• Comments
• Solutions

justAuser on 5:03 PM 03/19/2024: So is aim of this crack me to run program without itself closing up and reading that message?

cnathansmith on 7:25 PM 03/19/2024: @justAuser I just don't waste time on the vague ones anymore

nightxyz on 7:29 PM 03/19/2024: ANSWER:MORDOR

sporta778 on 10:17 AM 03/20/2024: @justAuser if understand correctly, you just need use cmd.exe. console application.

Lynnette on 5:52 AM 03/25/2024: MORDOR debug it and check stack,you should get a file's name

abc00012345 on 10:39 AM 04/01/2024: hello

Programista on 6:21 PM 04/02/2024: Hello everyone. I started playing with this crackme today and read about Control Flow Flattening to understand what it’s all about. It’s a method of obfuscating code by making a big switch (in this case, as many as 13 cases). But all I’ve tracked down is that during the execution of the program, it operates at the location of the executing program. And at the beginning, “uncrackable3.ex” appears on the stack, which reminds me very much of an executable file (probably because of the .ex ending where the ‘e’ comes to mind :D ). Could I ask for some guidance, direction, etc.?

acep on 6:33 PM 04/11/2024: This works only in cmd.exe. Other launchers send full path in argv[0]

ngxdtv on 4:48 PM 04/18/2024: As Programista already mentioned, one can infer the following from the jumps. debug032:00A35F47 00000012 C uncrackable3.exe Personally, I seem to be too dumb for it, but here's an idea. uncrackable3.exe consists of 16 characters, and the query to get to "It's not hard actually\n" is: if (pcVar19 == (char *)0x10) { So here 0x10 → 16 is compared with pcVar19. pcVar19 is likely "uncrackable3.exe". I have 200 lines of explanation on my PC, but I can't figure out the solution. Unfortunately, I'm still relatively new to this field. loc_10019CE: add esp, 0Ch ; } // starts at 10015F7 ; try { mov byte ptr [ebp+var_4], 1 cmp esi, 10h jnz short loc_1001A4A Of course, one could probably just change jnz and also have a different solution, but that wouldn't be the goal.

Piotr2024 on 7:29 PM 04/19/2024: @ngxdtv Indeed, you are too dumb for crackmes if u have exe file's name and you don't know what to do with it. LMAO

You must me logged to submit a solution