| I like the idea that the key is the count of arguments. However, I don't like that you have to give a large amount of arguments to succeed. Basically, you have to find a number X which, when XORed with 0x3819, produces a two-byte instruction that set eax to 10. And you have to pass X-1 arguments to the program. There are multiple options, like `mov al,0xA`, `add al, 0x9`, `xor, al, 0xB`, `and al, 0xA`, there are all two-byte long instructions. However, to achieve any one of these, the target number is significantly huge.
I thought a number less than 50 would be reasonable, but there seems no such number that satisfies the requirement. |
==> |
| Using powershell:
echo "arapot928`u{0}" | .\crackme.exe |
==> |
| flagOfFirstSegment ^ flagOfSecondSegment + flagOfThirdSegment = 48879. If let any of the three be 0, get a valid licence number would be easier. BEEF-0000-0000 or 0000-BEEF-0000 or 0000-0000-BEEF will all do. |
==> |