pavler on 2:39 PM 05/27/2024: "lockcmpxchg8beax" - think it would be a bit harder, solved in 10min literally
justAuser on 5:10 PM 05/27/2024: lockcmpxchg8beax
Though got bsod when I went in too deep (went verz deep) :"D
justAuser on 5:15 PM 05/27/2024: Btw is this you?
https://github.com/cutemastermind?tab=repositories
"What can I say..." :D
imeow256 on 10:50 AM 05/28/2024: congrats guys didn't expect you to crack it with such rapid!
yeah @justAuser thats my github profile lol :D
Kache0 on 7:37 PM 05/30/2024: yeah lockcmpxchg8beax its just there in plain text
imeow256 on 9:49 AM 06/01/2024: @Kache0 what are you talking about, what tool did you use to find it in plain text?
Barimor on 3:47 PM 06/01/2024: It was awesome, but I thought lockcmpxchg8beax☺ it isn't a password.
cnathansmith on 7:16 AM 06/04/2024: @imeow256 It just directly compares the input to the deobfuscated password
.text:0000000140018F95 mov rdx, [rbp+230h+Str2] ; Str2
.text:0000000140018F9C mov rcx, rax ; Str1
.text:0000000140018F9F call j_strcmp
You just break there and check the arguments and there isn't really anything to solve
imeow256 on 11:17 AM 06/04/2024: @cnathansmith ohh shit i fucced it up then
survivalizeed on 1:26 PM 06/06/2024: All this strange obfuscation to then do a simple string compare ... password is "lockcmpxchg8beax".
imeow256 on 5:56 PM 06/08/2024: @survivalizeed could you give me some advice or a better way to check for correction?
MouadDS on 3:57 PM 06/09/2024: solved in less than a minute (im a starter)
Hapten on 10:49 PM 06/25/2024: @imeow256, is it possible you could make a video, or just somehow explain how am i supposed to deobfuscate everything after "Enter password" and overall get the password.
survivalizeed on 1:12 PM 06/26/2024: @imeow256 there is not the ONE way of doing a good obfuscated compare. I highly encourage you to take a look on virtualization tools and how they work. Tigress/VM Protect have some nice devirtualization blogs you can learn a lot from :)
imeow256 on 12:54 PM 06/27/2024: @survivalizeed thank you i will definitely take a look!
Keep on 9:49 PM 07/23/2024: cant find the password with ida, dbg, or dnspy this program is objectively horrible
newport on 4:41 PM 08/15/2024: string references isnt there, i dont think theres obfuscation i tried x64dbg and ghidra and neither could figure out where it is. patching did NOT work sadly (im a patching man)
Ja4V8s28Ck on 7:36 AM 09/16/2024: I'm typing my doubt here because no one seemed have to noticed it yet,this program requires internet to work, I wonder why. I use a sandbox with restricted network access to do these crackme's and when I tried to run the program it always puts an error. This error is only seen in this program so far.
```
[ERROR] Failed due to error: 823L
[ERROR] Failed due to error: 356
```
Can @imeow256 please clarify why I'm getting this error
And to the imbeciles who are posting answers on the comment section, please flex your knowledge by writing a good writeup to help the forthcoming people. Your answers are not helping anyone, not even yourself because it only proves that you are unworthy showoff.
Ja4V8s28Ck on 8:39 AM 09/16/2024: after a deep dive, I realized the program downloads "Project1.DLL" from your personal repo and saves it in the `%userprofile%/Documents` and cleans it up after the program exits. Can you please add the project files inside the zip file rather than downloading via the internet in your future projects?