PL45M4 on 4:16 AM 10/08/2025: Did you mean to upload a debug build?
ultrazvukoff on 12:47 PM 10/12/2025: 000000014001A0CB | 74 74 | je ezcrackme.14001A141 | patch login
000000014001A18E | 0F84 81000000 | je ezcrackme.14001A215 | patch password
Enter your name: 123123
Enter the password: 123
Access granted. Welcome, 123123!
madzohan.ytb on 12:49 PM 10/15/2025: Steps I've done:
- open downloaded binary in Ghidra debugger.
- search "User_not_recognized." All fields
- pressed Ctrl+E (show decompliler) and analyzed FUN_140019fa0
- noticed two if/else for user/password ... thats where patches should be applied
Full solution here:
https://gist.github.com/madzohan/e2ded5e8c912782df21dbe8bc3dba287
You must be logged in to submit a writeup
Solution by madzohan.ytb: 2x replace JZ with JMP
Steps I've done:
1) open downloaded binary in Ghidra debugger.
2) search "User_not_recognized." All fields
3) pressed Ctrl+E (show decompliler) and analyzed FUN_140019fa0
4) noticed two if/else for user/password ... thats where patches should be applied
user bypass
replace CTRL+SHIFT+G (Patch intstruction)
14001a0cb 74 74 JZ LAB_14001a141
with
14001a0cb eb 74 JMP LAB_14001a141
password bypass
replace CTRL+SHIFT+G (Patch intstruction)
14001a18e 0f 84 81 JZ LAB_14001a215
00 00 00
with
14001a18e 48 e9 81 JMP LAB_14001a215
00 00 00
Done
Export modified exe and run =)
gist version here https://gist.github.com/madzohan/e2ded5e8c912782df21dbe8bc3dba287
Solution by Cyberseal: Was fun to solve this one! took me 3hours Download: https://github.com/SellMeFish/vprwv-s-Random-user-and-pw-protected-console-app-crackme