Is this program a debug release, because it asks for debug DLLs? If so, can you please do a production release next time so that everyone can access the program without hassle? |
==> |
@InDuLgEo Woah ✨ Your text gave me goosebumps.
I can only imagine what it must've been like to be part of those legendary days.
Thanks for sharing that mindset. Seems like it's more than just history, a true inspiration.
Really appreciate you taking the time to explain it. 🙏 |
==> |
I understand. Thank you for making this `crackme`. By the way, if you don't mind me asking, what is this `Art of Reverse Engineering (AoRE)` that you are speaking of? Is it a book, because that's the first thing that I saw when I searched about AoRE, or something else? |
==> |
--Spoiler--Alert
Keygen
https://textbin.net/qpsoyhkfop |
==> |
As the input is prompted only after the key is generated, if this challenge is about getting the key from memory, then this becomes an easy challenge. But reversing the logic, that is a whole new story. |
==> |
As the code contains a big list of hardcoded values, Pastebin trimmed some of the lines of code. Here is the full version of the keygen.
https://textbin.net/i8e03ntmxt |
==> |
Calm down @InDuLgEo, I can understand your frustration as the author of the challenge. Many are solving the challenge by getting the contents of the `key` during the `strcmp` function and have completely forgotten that this is a reversing challenge. By the way, I analyzed the code a little too well; that's why I came to know about the collision. And a friendly reminder to stop the prejudice and name-calling without hearing the full truth; bashing people is definitely not going to motivate them to make a challenge.
I made the first post with minimal spoilers only to make you realize that I understood the logic. But you didn't seem to catch it as the author of the challenge. So, here is the code. I hope this makes you happy as the creator of this challenge.
https://pastebin.com/WU74KSUV |
==> |
And I also observed that the key is susceptible to collision. This collision occurs as the first 4 characters of the name and the length of the name are the only things important for generating the key. So as long as the first 4 characters and the length of the name don't change, the key remains the same.
i.e.
`InDu###############` and `InDuLgEo_CrackME_V2` yield the same hash. `#` can be any printable character. |
==> |
name = InDuLgEo_CrackME_V2
key = 89BC00027B89CA2274C1201532EE4D9BFECEE9885326BD013579F9954F42163D-OMGWTFBBQ
SPOILER ALERT ---- AHEAD
Some BCD-based calculations are done to the given input and a hex string is obtained. Then that hex string is hashed. @InDuLgEo I really loved the challenge; please do make more adventurous crackmes. I hope I didn't spoil the challenge much.
@InDuLgEo, if you want me to post my code here in the comments, do tell me. |
==> |
UPX is a program to compress (pack) exe files. This crackme is compressed (packed) using UPX (there are many more programs to compress and obfuscate exe files). You can identify which program was used to pack or obfuscate it using the "Detect It Easy" program or any other of your choice.
https://upx.github.io/ (Read the documentation to know how to pack and unpack programs) |
==> |
After a deep dive, I realized the program downloads "Project1.DLL" from your personal repo, saves it in `%userprofile%/Documents` and cleans it up after the program exits. Can you please add the project files inside the zip file rather than downloading them via the internet in your future projects? |
==> |
I'm typing my doubt here because no one seems to have noticed it yet: this program requires internet to work, I wonder why. I use a sandbox with restricted network access to do these crackmes, and when I tried to run the program it always puts out an error. This error is only seen in this program so far.
```
[ERROR] Failed due to error: 823L
[ERROR] Failed due to error: 356
```
Can @imeow256 please clarify why I'm getting this error?
And to the imbeciles who are posting answers in the comment section, please flex your knowledge by writing a good writeup to help the forthcoming people. Your answers are not helping anyone, not even yourself, because it only proves that you are an unworthy showoff. |
==> |