Profile

crackmes.one

Ben_Lolo's profile

Number of crackmes:

4

Number of writeups:

3

Comments:

7

Crackmes
Writeups
Comments

Crackmes

Name	Author	Language	Arch	Difficulty	Quality	Platform	Date	Downloads	Writeups	Comments
Binary Analyzer	Ben_Lolo	Unspecified/other	x86-64	4.0	4.0	Unix/linux etc.	2025-12-24 21:15	46	0	0
Belle	Ben_Lolo	Rust	x86-64	4.0	5.0	Windows	2025-11-11 12:59	9	0	0
WeeperVM -- Level 2	Ben_Lolo	C/C++	x86-64	5.6	6.0	Unix/linux etc.	2025-04-22 20:06	8	1	4
WeeperVM -- Level 1	Ben_Lolo	C/C++	x86-64	5.0	5.5	Unix/linux etc.	2025-04-12 01:11	9	2	3

Comments

Crackme	Comment	Date
WeeperVM -- Level 2	The correct answer will print a positive message; the answer provided by trendcrusher is incorrect.	2025-09-08 17:32
FormatVuln	A great introduction to format string vulnerabilities!	2025-02-13 15:37
Fatmike's Crackme #4	I feel like I'm so close to writing a keygen. All that's left now is some nitty-gritty reverse engineering to figure out how the name/serial pair is checked. I've been able to "unpack" it in the sense that I can debug the code after it's been unpacked and that I can extract the memory that contains the unpacked code. I think that's as far as I'll take the unpacking, since the method used seems like a royal pain to write an unpacker or loader for. MAJOR SPOILERS: So far I've found these things: - The name must be 4-8 alphanumeric characters. - The serial is 8 hexadecimal characters. - The conditional jump at +0x12F2 in the unpacked section is what chooses the "good" or "bad" sound. Now I need to figure out how the calls at +0x1B5B and +0x1B69 determine the input as correct. I've found calls to memcpy and memcmp that seem interesting, but we'll see.	2023-06-23 00:48
Fatmike's Crackme #4	I love to see a crackme that's as polished as this. MINOR SPOILERS: I'm taking this slowly as a learning experience on how to handle more difficult crackmes. I've followed the control flow up to the function at 0x404C00 and I have a feeling I know where it's going with the debugging and unpacking. If I'm correct and it's not a red herring, then it's a very interesting technique that I've not considered before now. Also challenging!	2023-06-09 02:41
timotei crackme#7	Another very enjoyable crackme from timotei_! Thanks!	2023-06-06 02:41
Crackme Speedrun	@Piggy63 Thank you for the extremely detailed walkthrough! Ghidra doesn't seem to decompile the functions quite as well as Hex-Rays does (I opted to use Ghidra because it's free). It's too bad someone spoiled the answer outright in the comments, because I would have liked to been able to figure it out with the functions you gave	2021-08-20 22:08
Crackme Speedrun	For only being a 1.0 difficulty, I am absolutely stumped! Somewhat spoiler-y comment... I found a function call just before strcmp(input, "qwerty"). In that function there is a second function being called multiple times. No matter what I enter, the values passed to that function second are always the same, resulting in the "bad" message being printed. I can only get a "good" message with patching. Any tips on finding the right password?	2021-08-18 22:14