papasuffix on 8:10 AM 05/18/2025: 1. patch .text+0x2115 (jnz .text+0x2110) to jmp .text+0x25CC,
this is to bypass his debugger protections
2. nop out .text+0x27E4 (jnz .text+0x28C4),
he does a comparison and if it fails (jnz/jump not equal) it will jump to 0x28C4 which is his fail routine.
3. patch .text+0x27ED (jz .text+0x2804) to jmp .text+0x2804,
this changes his conditional jump (jz/jump equal) to an unconditional jump meaning any input takes you to his success routine (message box "Access Granted")
xHector on 9:48 AM 05/19/2025: It was hilarious! I wasn't expecting to see that :D!
Danko on 12:47 PM 05/29/2025: This is not easy. Virtual machine protect, anti ScyllaHide. CrackMe not running on VM.