| CrackMe Hard 3 |
@liboxin i got the same result. Solved with unicorn easily, so im assuming he did something similar. upload more of them
|
2026-05-29 13:20 |
| karity-crackme-A |
fun crackme, karity{]Ys,$Dst-eqYi=09.lEi5}. "a121b886
a121b886
input: karity{]Ys,$Dst-eqYi=09.lEi5}
good!" |
2026-05-23 07:47 |
| [FIXED] Observer's Paradox |
@SmallXGen hi, i probably could solve it however from the description it sounds like its anti vm stuff on top of it, and that influences the answer/makes it more difficult, i work in a VM so i wont attempt anti vm programs considering all the work required already, too contrived for my tastes. |
2026-05-22 23:24 |
| crackme[hard]_v2 |
this is unsolvable, that's why its called rage. posted an unsolvable crackme. lifting the vm doesn't matter, Confirmed with data: **all 56 key positions** independently change the output full SHA-256 diffusion, no shortcut.
So, unles im missing something obvious such as an external hint, leaked key constraint, side channel, or embedded target I missed. (doubt it, considering someone said the same in your LAST crackme that it was mathematicaly impossible, so there's a pattern of you doing this)
Recovering the flag by reversing the derivation is a SHA-256 preimage — computationally infeasible. This isn't a lifting/tooling limitation; it's cryptographic. Here's the exact situation, all validated against the live binary:
- `flag = HKDF_expand( SHA256("FRZ7/KDF/v1" ‖ salt ‖ keybuf ‖ VMstate) )[:59] XOR const@0x140036c70`
- `keybuf` = 56 freely-chosen Crockford-Base32 symbols (length forced to 64), seed = 0.
- Every one of the 56 symbols fully diffuses into the output.
- The binary contains **no stored key, no plaintext password, and no verifier** that compares a computed value to a target — I searched. The only "check" is the cosmetic `FRZ{…}`/printable test on the *already-derived* output, which just picks `result:` vs `result(hex):`. It never gates or reveals the key.
What that means concretely: the VM, the parser, the 12 S-box tables — all faithfully lifted and emulated give a perfect forward oracle, but the author's flag only falls out for their specific secret key, and that key is protected by SHA-256. No amount of reversing inverts SHA-256, and 32^56 ≈ 2^280 is unbruteable.
So this is a "RAGE" crackme in the literal sense the obfuscation/VM/decoys are a long road that dead ends at a cryptographic one-way function. By design, it's not crackable by reversing.
|
2026-05-19 22:32 |
| [FIXED] Observer's Paradox |
since i was already here, i cracked and made keygen easily. main.exe M3wP4r4d
[*] System Initialized. Entering the Labyrinth...
[+] Access Granted! The Observer was pleased.
[+] Congratulations, you solved the challenge! |
2026-05-18 10:48 |
| [FIXED] Observer's Paradox |
haha youre right i did, wrong one |
2026-05-18 10:12 |
| [FIXED] Observer's Paradox |
fun crackme, fairly simple, i look forward to seeing another one.The serial/password is name-dependent:
serial = name[2:-2]
mine is So a verified working pair is:
Name: ABCDEFGHIJ
Serial: CDEFGH
please make another one with a more complex vm, the 13 bit one is enough to stop skids easily though :) |
2026-05-18 06:54 |