RodrigoTeixeira's Non-cryptographically secure hash (my first crackme!)

Author:
RodrigoTeixeira

Language:
C/C++

Upload:
2025-08-17 16:46

Download

Platform:
Windows

Difficulty:
2.0

Quality:
4.0

Arch:
x86-64

Downloads:
41

Size:
17.63 KB

Writeups:
1

Comments:
11

Description

This is my first crackme (yeah!) When you execute the crackme.exe, it reads a line from stdin, hashes it, and compares the hash to a hardcoded hash. If the hashes are the same, it prints the string "Access granted!". You can consider you cracked the crackme if you get "Access granted!" to appear on the terminal, by any means other than modifying the executable in anyway. Both the .c and .s files correctly represent the containts of the .exe file. Good look.

Comments (11)
Writeups (1)

You must be logged in to post a comment

karabatik on 2025-08-17 18:15: This was a nice little challenge. I analyzed the binary with Ghidra and found that the auth() function compares the hash result with 0x4262d2e9. Instead of trying to reverse the hash algorithm (which would be quite tedious with the modified djb2), I decided to patch the comparison directly. I located the CMP EAX,0x4262d2e9 instruction at the binary level and replaced it with CMP EAX,EAX followed by NOPs. This way, the comparison always results in true, and the program grants access regardless of the input. The hash function itself was interesting - starting with 0xA5A5A5A5 and using ret = (ret

karabatik on 2025-08-17 18:16: ret = (ret

nightxyz on 2025-08-18 11:59: [Click to reveal]

RodrigoTeixeira on 2025-08-18 14:57: Guys, I'll make it clear that the intended method to solve the crackme is not brute force! Please instead try to find the vulnerability in the code instead involving a buffer overflow.

RodrigoTeixeira on 2025-08-18 15:03: [Click to reveal]

deathrow on 2025-08-18 16:15: Is the difficulty set on 2.0 because of buffer overflow problem?

nightxyz on 2025-08-18 18:17: You didn't mention in the title that you don't accept brute force. There are many crackme authors who hashed the password with sha256 and asked us to find the password. I didn't even think about buffer overflow in your crackme program. I saw that it was performing some mathematical operations, and I automated it. The fact that the password can only be found using numbers is a weakness of the program. The program also provided other passwords besides the one I provided, but I only wrote one.

Elvis on 2025-08-21 02:50: Yep I think bruteforce is fine

trendcrusher on 2025-09-05 15:15: c{oOwc

stardevreal on 2025-09-29 17:48: Really easy. Used ida pro and in the main function, i replaced the ```jz short loc_4014F4``` with ```call _grant_access```

RodrigoTeixeira on 2025-12-12 16:55: @stardevreal patching (that is, changing the code/the executable) is not allowed on crackmes unless explicitly stated. That is literally in the website FAQ.

Show all spoilers

You must be logged in to submit a writeup

Solution by RodrigoTeixeira on 2025-08-18 00:14:
This is both the creator's solutions.

Download

crackmes.one

crackmes.one

RodrigoTeixeira's Non-cryptographically secure hash (my first crackme!)