luckybalabala on 2026-03-18 09:48:
[Click to reveal]The combination of ROR29, XOR, and non-linear ((eax ^ 0x12345678) >> 2) operation makes target 0x6F3A9B21
unreachable. This path could be restored by converting the JE instruction at offset 0x7d1 to an unconditional JMP
ZerglZero on 2026-03-19 23:28:
I don't know about you but Microsoft Defender thinks there's some shady crap going on. "Detected: Trojan:Win32/Cloxer"
whekkees on 2026-03-20 12:55:
ZerglZero give ur discord
Beta9541 on 2026-03-21 18:08:
[Click to reveal]After reversing the algorithm in Ghidra, I confirmed this crackme has no valid solution.
The issue comes from instruction 04 which does: rax_6 += (rax_6 ^ 0x12345678) >> 2
This operation is non-linear and cannot be reversed, making the target value 0x6F3A9B21 unreachable regardless of the password entered.