Upload:
10:33 PM 09/05/2024
Description
My first crackme! No idea if it's difficult or not, pretty classic though!
(the crackme is in french but it's just a console app asking for a password) the messageboxes are called when a debugger is detected :p
You must be logged in to post a comment
volaoenlean on 3:31 PM 09/10/2024: What is the solution? Disable the checks that appear when debugging? If so, I solved it relatively easily, good job.
Yanderome on 11:35 PM 09/11/2024: @volaoenlean you should also find the correct password.
os123 on 5:39 AM 09/14/2024: Is this the password? H;\ryY
_int2eh on 9:58 PM 09/15/2024: Managed to get the string "3Z___R3V3RU3", but something is still missing... Any light?
Tragos on 7:03 PM 09/18/2024: Can someone post a solution or help me? I have tried breaking when the memory point of the refusal message is accesses but the debugger just goes through it and I've tried both IDA and x64dbg for attaching to the new process that is created but I also got no results from that. This is the first time i've worked with threads and processes and there are no guides nor helpful info online. I know both where the main method is and where the password evaluator is, I just cannot seem to find a way to debug it
os123 on 8:31 AM 09/20/2024: I think that this is the password:
93fafffff293f693f2
the problem is i cannot be sure because the author not give some response message that approved if you correct or no.
_int2eh on 2:41 AM 09/21/2024: Finally, be able to finish the challenge. Interesting challenge!!
Nex0 on 1:42 AM 09/27/2024: thread parts quite fun but the flag is too ez to get XD
micmic35 on 12:25 PM 10/08/2024: could someone please upload a solution? captured the remote thread, saw what it mostly does but seems like I keep missing the comparison.
dev0 on 11:29 AM 10/16/2024: @micmic35 The thread subroutine/function takes the password input and XORs each byte by 0xa0. A std::stringstream is then used to convert each of those bytes to the hexadecimal integer value of that byte. The majority of the code in the function is the MSVC compiler emitting the STL template code for the std::stringstream and std::string which takes a bit to get used to.
junfer001 on 1:04 PM 10/27/2024: I got so far to figure out its using XOR. im really a noob and Chatgpt did most of the work i pasted from ghydra hahaha. But what follows after that? My logic was to try to find a hardcoded password and XOR it back with the ofset into the corect password. but i lack the knowledge to find it since debugers get flagged and program closes
You must be logged in to submit a writeup