Upload:
2:41 PM 06/29/2025
Description
This is an original educational CrackMe from the AoRE (Art of Reverse Engineering) crew, crafted by InDuLgEo.
Inside you'll find:
Protection:
- Custom name/serial validation logic
- Hidden backdoor command
- Packed binary (Very Easy!)
- Light code and string obfuscation
Objectives:
- Find a valid Name + Serial combination
- Discover the secret backdoor trigger
Good luck reverser — show us your skills!
You must be logged in to post a comment
hmx78912 on 6:56 PM 06/29/2025: def generate_serial(username):
"""Generate valid serial for given username"""
length = len(username)
calculated_value = 1337 * length
return f"AORE-{calculated_value}"
def get_bypass_code():
"""Return the bypass code"""
return "AoRE2025"
username = input("Enter username: ")
print(f"Calculated serial: {generate_serial(username)}")
print(f"Bypass code: {get_bypass_code()}")
InDuLgEo on 7:23 PM 06/29/2025: hmx78912 :- The back door is correct!
But could you provide a name and would it be correct??
InDuLgEo on 7:33 PM 06/29/2025: InDuLgEo on 06/29/2025 – Reply to hmx78912:
Good observation. Your Python logic correctly deduces the serial formula:
Serial = "AORE-" + (len(username) * 1337) ✅
And yes, the backdoor "AoRE2025" is spot on. ✅
But this is still a partial solution. A real reverse engineer confirms it works in practice.
✅ You’ve reverse engineered the logic.
❌ You haven’t proven it.
If you’re confident, pick any username — for example, "David" — and post:
The generated serial
A screenshot or confirmation that the binary accepts it
That’s when it becomes a valid solution.
🔓 I’ll be watching. Go ahead, prove it. 😎
hmx78912 on 10:00 PM 06/29/2025: Try it for yourself, then. It does work otherwise i wont be posting it :/ .
InDuLgEo on 10:30 PM 06/29/2025: --.- Reply to hmx78912:
✅ Confirmed: “David” + “AORE-6685” → success.
✅ Backdoor: “AoRE2025” → unlocked.
Great reverse, hmx78912! Thanks for playing.
hmx78912 on 10:48 PM 06/29/2025: Thank you, it was really easy, maybe a "1" difficulty .
kalillisboa on 9:58 PM 07/02/2025: I'm at the beginning of my reverse engineering studies, and this was a real challenge for me. When I received the message that the debugger wasn't allowed, I initially tried to find a way to solve it without using one. However, I couldn't find any alternative, since the main part of the code is loaded into memory during execution.
Eventually, I discovered the password because it appeared in a register during analysis. I then looked for the logic behind the password and found that it was: imul eax, eax, 539.
After some further analysis, I also discovered the backdoor through a register. I believe the backdoor is hardcoded, as I couldn’t find any logic for its generation.
Thank you very much for the challenge.
You must be logged in to submit a writeup