th3j0k3r2012 on 4:39 PM 01/22/2025: you hardcoded the key?.. so all the anti debugging in the world does nothing ..
X4A9Z-82JQK-47L6P-1N2TB
0xh3xa on 10:55 PM 01/28/2025: X4A9Z-82JQK-47L6P-1N2TB
visualearner on 4:31 AM 01/31/2025: X4A9Z-82JQK-47L6P-1N2TB
first crackme.
Badgercracker on 1:28 PM 01/31/2025: I see my errors my new one will surpass my previous ten fold
DsM.exe on 3:53 PM 01/31/2025: Sorry, im new on this site. What kind of things i have t find while reversing this ? Just reading and try to understand or i can find a sort of flag ?
Hobmor on 10:37 PM 02/08/2025: Can be solved using Strings.
iwn on 11:35 AM 02/09/2025: found no anti-debugging features
chow on 3:38 AM 02/10/2025: not bad, took 3 seconds to see hardcoded value in main routine lol. ignoring that it is pretty simple, anti debugging was minimal and easy to navigate
azraelpc on 3:19 AM 02/16/2025: It came in parts, like a Ikea Crackme:
movups xmm0, xmmword ptr [CRACKME_CODE_PLAINTEXT]; "X4A9Z-82JQK-47L6"
movups xmmword ptr [rax], xmm0
mov ecx, dword ptr [string_P1N]; "P-1N"
mov dword ptr [rax+0x10], ecx
movzx ecx, word ptr [string_2T]; "2T"
mov word ptr [rax+0x14], cx
movzx eax, byte ptr [string_B]; "B"
mov byte ptr [rdx+0x16], al
mov byte ptr [rdx+0x17], 0x0
juansacco on 1:39 PM 02/17/2025: Enter your license key: X4A9Z-82JQK-47L6P-1N2TB
License key is valid. Welcome!
asdqe13334_54893 on 1:32 PM 02/21/2025: Is there anyone to explain how we can find the key? I looked that on ida but i havent seen anything. Pls help!!
leetsp3ak on 1:18 PM 04/13/2025:
## Vulnerabilities
### 1. Hardcoded License Key (Critical)
**Location**: Lines 38-43
**CWE Reference**: CWE-798 (Use of Hard-coded Credentials)
**Severity**: Critical
**Root Cause**: The license key "X4A9-Z28-JQK-74L6-P1-T2B" is directly hardcoded into the binary, storing it byte-by-byte in memory. This makes it trivial to extract through
static analysis or simple memory inspection.
**Proof of Concept**:
```
1. Use a hex editor or disassembler to view the binary
2. Locate the string pattern matching "X4A9-Z28-JQK-74L6-P1-T2B"
3. Alternatively, run the program in a debugger, break after line 43, and examine memory at licenseKeyHardcoded
```
Example with a simple memory dump:
```c
// Extracting the key from memory
char* key = licenseKeyHardcoded;
printf("Extracted key: %s\n"); // Outputs: X4A9-Z28-JQK-74L6-P1-T2B
```