Profile

Crackme	Infos
InDuLgEo V3-B — The DOS Intro Challenge

Comment	Link
Here is what I think, You patched the program yourself and mistakenly uploaded it in the zip. I think this way because the program your uploaded gives out `SUCCESS` message for any or no input and based on your description that is the intended solution too.	==>
Here is what happens when I click `Activate` in the program. https://ibb.co/zTtZBdkX	==>
I didn't bypass the check, I understood the flow of the program, that's when I realized the `if` conditions were wrong and the reason why I got the success message without entering a license. I just changed 2 instruction and the program works as intended.	==>
I hope that is the challenge, would you be able to fix the description so that other's don't confuse themselves.	==>
I'm pretty sure the logic of the program is wrong, the if branches are wrong or the challenge is to fix the if branches and executes correctly???	==>
Is the program supposed to show "SUCCESS! PRO VERSION ACTIVATED" when we run the program and click "Activate" without doing anything?	==>
Oh, Great!	==>
@InDuLgEo, Will the program give a feedback if we enter the wrong serial??, When I click the validate function just to see how to it works with a random name and serial, there is no feedback.	==>
A fun challenge @toasterbirb. Is there a shorter version of following ASM? --Spoiler--- ``` nop mov eax, 0x6 mov bx, 0xff xor r12d, r12d ret ```	==>
@subham, There are 2 ways to solve this 1. Giving the proper number of arguments 2. Patching So if you properly patch, it will definitely work.	==>
@Boozy, You are right the argument count is cut in half during the `cmp`, So './argc deadbeef deadbeef deadbeef deadbeef deadbeef deadbeef' will work, but my question is why is the argument halved, I dont see any line of code that explain this behavior, So did you find any reason??	==>
@InDuLgEo Thanks you so much!!!. But I don't deserve all these.	==>
@InDuLgEo, Thanks for your kind words, it's really motivating. I'm not a old schooler to be honest, I have only used DOS for playing Super Mario, So I have limited knowledge in using and debugging programs in DOS. Unpacking the .COM program was difficult as I couldn't find proper sources in debugging DOS file nor unpacking it. That's why I presented this writeup so that everyone can learn.	==>
Is this program a debug release?, because it asks for debug DLLs. If so can you please do a production release next time so that everyone can access the program without hassle.	==>
@InDuLgEo Woah ✨ Your text gave me goosebumps. I can only imagine what it must've been like to be part of those legendary days. Thanks for sharing that mindset. Seems like it's more than just history, a true inspiration. Really appreciate you taking the time to explain it. 🙏	==>
I understand, Thanks to you for making this `crackme`. By the way if you don't mind me asking, what is this `Art of Reverse Engineering (AoRE)` that you are speaking of? Is it a book, because that's the first thing that I saw when I searched about AoRE or something else?	==>
--Spoiler--Alert Keygen https://textbin.net/qpsoyhkfop	==>
As the input is prompted only after key is generated, if this challenge is about getting the key from the memory, then this becomes an easy challenge. But reversing the logic, that is a whole new story.	==>
As the code contains a big list of hardcoded values. Pastebin trimmed some of the lines of code. Here is the full version keygen. https://textbin.net/i8e03ntmxt	==>
Calm down @InDuLgEo, I can understand your frustration as the author of the challenge. Many are solving the challenge by getting the contents of the `key` during `strcmp` function and completely forgot that this is a reversing challenge. By the way I analyzed the code a little too well, thats why I came to know about the collision. And a friendly reminder is to stop prejudice and name calling people without hearing the full truth and bashing people is definitely not going to motivate them to make a challenge. I made the first post with minimal spoilers only to make your realize that I understood the logic. But you didn't seem to catch it as the author of the challenge.So, Here is the code. I hope this makes you happy as the creator of this challenge. https://pastebin.com/WU74KSUV	==>
And I also observed the the key is susceptible to collision. This collision occurs as the first 4 characters of the name and the length of the name are only things important for generating key. So as long as the first 4 characters and length of the name doesn't change the key remains the same. i.e InDu############### and InDuLgEo_CrackME_V2 yields the same hash. # can be any printable character.	==>
name = InDuLgEo_CrackME_V2 key = 89BC00027B89CA2274C1201532EE4D9BFECEE9885326BD013579F9954F42163D-OMGWTFBBQ SPOILER ALERT ---- AHEAD Some BCD based calculations are done to the given input and a hex string is obtained. Then that hex string is hashed. @InDuLgEo I really loved the challenge please do make more adventurous crackme. I hope I didn't spoil the challenge much. @InDuLgEo, If you want me to post my code here on the comments, do tell me.	==>
UPX is a program to compress(pack) exe files. This crackme is compressed (packed) using UPX (there are many more to compress and obfuscate exe files). You can identify which program is used to pack or obfuscate using "Detect It Easy" program or anyother of your choice https://upx.github.io/ (Read the documentation to know how to pack and unpack programs)	==>
after a deep dive, I realized the program downloads "Project1.DLL" from your personal repo and saves it in the `%userprofile%/Documents` and cleans it up after the program exits. Can you please add the project files inside the zip file rather than downloading via the internet in your future projects?	==>
I'm typing my doubt here because no one seemed have to noticed it yet,this program requires internet to work, I wonder why. I use a sandbox with restricted network access to do these crackme's and when I tried to run the program it always puts an error. This error is only seen in this program so far. ``` [ERROR] Failed due to error: 823L [ERROR] Failed due to error: 356 ``` Can @imeow256 please clarify why I'm getting this error And to the imbeciles who are posting answers on the comment section, please flex your knowledge by writing a good writeup to help the forthcoming people. Your answers are not helping anyone, not even yourself because it only proves that you are unworthy showoff.	==>

Here is what I think, You patched the program yourself and mistakenly uploaded it in the zip. I think this way because the program your uploaded gives out `SUCCESS` message for any or no input and based on your description that is the intended solution too.

==>

Here is what happens when I click `Activate` in the program. https://ibb.co/zTtZBdkX

==>

I didn't bypass the check, I understood the flow of the program, that's when I realized the `if` conditions were wrong and the reason why I got the success message without entering a license. I just changed 2 instruction and the program works as intended.

==>

I hope that is the challenge, would you be able to fix the description so that other's don't confuse themselves.

==>

I'm pretty sure the logic of the program is wrong, the if branches are wrong or the challenge is to fix the if branches and executes correctly???

==>

Is the program supposed to show "SUCCESS! PRO VERSION ACTIVATED" when we run the program and click "Activate" without doing anything?

==>

Oh, Great!

==>

@InDuLgEo, Will the program give a feedback if we enter the wrong serial??, When I click the validate function just to see how to it works with a random name and serial, there is no feedback.

==>

A fun challenge @toasterbirb. Is there a shorter version of following ASM? --Spoiler--- ``` nop mov eax, 0x6 mov bx, 0xff xor r12d, r12d ret ```

==>

@subham, There are 2 ways to solve this 1. Giving the proper number of arguments 2. Patching So if you properly patch, it will definitely work.

==>

@Boozy, You are right the argument count is cut in half during the `cmp`, So './argc deadbeef deadbeef deadbeef deadbeef deadbeef deadbeef' will work, but my question is why is the argument halved, I dont see any line of code that explain this behavior, So did you find any reason??

==>

@InDuLgEo Thanks you so much!!!. But I don't deserve all these.

==>

@InDuLgEo, Thanks for your kind words, it's really motivating. I'm not a old schooler to be honest, I have only used DOS for playing Super Mario, So I have limited knowledge in using and debugging programs in DOS. Unpacking the .COM program was difficult as I couldn't find proper sources in debugging DOS file nor unpacking it. That's why I presented this writeup so that everyone can learn.

==>

Is this program a debug release?, because it asks for debug DLLs. If so can you please do a production release next time so that everyone can access the program without hassle.

==>

@InDuLgEo Woah ✨ Your text gave me goosebumps. I can only imagine what it must've been like to be part of those legendary days. Thanks for sharing that mindset. Seems like it's more than just history, a true inspiration. Really appreciate you taking the time to explain it. 🙏

==>

I understand, Thanks to you for making this `crackme`. By the way if you don't mind me asking, what is this `Art of Reverse Engineering (AoRE)` that you are speaking of? Is it a book, because that's the first thing that I saw when I searched about AoRE or something else?

==>

--Spoiler--Alert Keygen https://textbin.net/qpsoyhkfop

==>

As the input is prompted only after key is generated, if this challenge is about getting the key from the memory, then this becomes an easy challenge. But reversing the logic, that is a whole new story.

==>

As the code contains a big list of hardcoded values. Pastebin trimmed some of the lines of code. Here is the full version keygen. https://textbin.net/i8e03ntmxt

==>

Calm down @InDuLgEo, I can understand your frustration as the author of the challenge. Many are solving the challenge by getting the contents of the `key` during `strcmp` function and completely forgot that this is a reversing challenge. By the way I analyzed the code a little too well, thats why I came to know about the collision. And a friendly reminder is to stop prejudice and name calling people without hearing the full truth and bashing people is definitely not going to motivate them to make a challenge. I made the first post with minimal spoilers only to make your realize that I understood the logic. But you didn't seem to catch it as the author of the challenge.So, Here is the code. I hope this makes you happy as the creator of this challenge. https://pastebin.com/WU74KSUV

==>

And I also observed the the key is susceptible to collision. This collision occurs as the first 4 characters of the name and the length of the name are only things important for generating key. So as long as the first 4 characters and length of the name doesn't change the key remains the same. i.e InDu############### and InDuLgEo_CrackME_V2 yields the same hash. # can be any printable character.

==>

name = InDuLgEo_CrackME_V2 key = 89BC00027B89CA2274C1201532EE4D9BFECEE9885326BD013579F9954F42163D-OMGWTFBBQ SPOILER ALERT ---- AHEAD Some BCD based calculations are done to the given input and a hex string is obtained. Then that hex string is hashed. @InDuLgEo I really loved the challenge please do make more adventurous crackme. I hope I didn't spoil the challenge much. @InDuLgEo, If you want me to post my code here on the comments, do tell me.

==>

UPX is a program to compress(pack) exe files. This crackme is compressed (packed) using UPX (there are many more to compress and obfuscate exe files). You can identify which program is used to pack or obfuscate using "Detect It Easy" program or anyother of your choice https://upx.github.io/ (Read the documentation to know how to pack and unpack programs)

==>

after a deep dive, I realized the program downloads "Project1.DLL" from your personal repo and saves it in the `%userprofile%/Documents` and cleans it up after the program exits. Can you please add the project files inside the zip file rather than downloading via the internet in your future projects?

==>

I'm typing my doubt here because no one seemed have to noticed it yet,this program requires internet to work, I wonder why. I use a sandbox with restricted network access to do these crackme's and when I tried to run the program it always puts an error. This error is only seen in this program so far. ``` [ERROR] Failed due to error: 823L [ERROR] Failed due to error: 356 ``` Can @imeow256 please clarify why I'm getting this error And to the imbeciles who are posting answers on the comment section, please flex your knowledge by writing a good writeup to help the forthcoming people. Your answers are not helping anyone, not even yourself because it only proves that you are unworthy showoff.

==>

crackmes.one

crackmes.one

Ja4V8s28Ck's profile

0

1

25

Crackmes

Latest writeups

Latest comments