| I used procyon decompiler, amazed how it works flawlessly. |
5:50 PM 04/26/2024 |
==> |
| Played it on x64dbg only and enjoyed every moment. The quality of the decompilation was bad, so I dumped it. This crackme was worth solving. It certainly taught me a lot. |
9:01 PM 04/25/2024 |
==> |
| Every time I hit restart on the original binary in x64dbg, the effective address of the top of the stack changes. What am I missing? |
4:30 PM 04/24/2024 |
==> |
| Seems impossible without patching, because the algorithm includes some checks based on the effective address of a value on the stack. This means it changes every time. I hope I am wrong because it will teach me a lot. |
5:25 PM 04/23/2024 |
==> |
| Time Wasted Debugging: ~08:07:00
Learned a lot from it. It was a shame I didn't know how to unpack UPX manually before (took several hours on its own, now its a matter of seconds). I hope someone writes a comprehensive solution for it because I would like to learn how to bypass its Anti-Decompilation technique. |
11:41 AM 04/23/2024 |
==> |
| Seeing “asdasd” being translated into “qfnqfn” was the eureka for me. |
7:19 PM 04/21/2024 |
==> |
| Reversed the algorithm. But I don't have a clue how to write a keygen for it. |
11:57 PM 04/20/2024 |
==> |
| I really enjoyed it. Analyzing both statically and dynamically in parallel helped a lot. |
11:56 PM 04/20/2024 |
==> |
| Another one from me: https://pastebin.com/uVGR2P1b
The program can also be patched to serve as THE keygen. Just find this sequence of bytes "83C418B88B20400050" with a hex editor program and replace the last byte 50 (push eax) with 90 (nop). RE the program yourself as to why this works. |
11:53 PM 04/20/2024 |
==> |