I wrote the solution in writeups |
==> |
The correct way
47, 62, 01, 20, DD, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66 |
==> |
In my opinion, unless proven otherwise, this is a terrible crackme because the code compares our entered password, converted to a 256-hash, with a hash-256 string that we know is irreversible. The comparison string is hash-256 = "a6954e3e82a8a6b4bc8ff3bfc3bc3116a592cf61e70e95b899574efb2f058777". Whoever finds the string that produces this 256-hash has cracked the password. A good crackme should provide some clues that allow the password to be cracked, not just a poor brute-force test that yields nothing positive. |
==> |
The password begins with 'Your' and ends with 'red.'
If successful, the message appears: "Welcome to the real world.
You'il remember you don't believe in any......"
Great crackme, it made me work a bit but I really liked it. |
==> |
Username = adminGiusNasxieng
Password = Xieng_helloxsrt
but there are millions of others |
==> |
There are countless passwords with varying numbers of characters. Some of these passwords are:
TSfdbq
TSfeAq
TTFDBP
U3G#Aq
Let #3I
MF1A!tj
Gjdc 5W
~~~~xVbMU
I think highlighting some passwords isn't a problem for solvers tackling this crackme. Given the numerous existing passwords, the goal isn't to create the patch (which is quite simple) but to discover the method to find other passwords.
A direct brute-force attack isn't immediately successful, as there are billions of combinations with six characters, and that would take an extremely long time. You need to think about the crackme routine that generates the hash from the input and then compares it with a number (visible in the x64dbg debugger). By thinking about the hash routine, you can discover that there are many overflows that allow for an equally large number of passwords.
Finally, I believe there are no passwords with fewer than 6 characters. Increasing the number of characters exponentially increases the number of valid passwords. Excellent crackme by EzDiaoL |
==> |
LOLSHAN
Username: admin
Password: P@ssw0rd
is just one of the countless solutions in Melon's crackme. Rather than providing a username and password, it's more important to analyze the crackme and uncover the logic that allows you to find the definitive connection between username and password (in fact, all the solutions are linked to "adminP@ssw0rd"). Thanks to Melon for sharing his crackme, which was a lot of fun. |
==> |