Sneaky, really fun!
Password: BXXGYYYBGIBXX |
==> |
Nice. Quite easy. You have to write in whatever at the first try. Then there is a check for the length of the password. Then comes the memcmp.
Password: djejie |
==> |
Best one I tried yet. Ghidra + x32dbg works like a charm!
Password is: w0n1t4, but only the first character is compared. |
==> |
This is not "Very Easy". However, very fun one.
The users and the encrypted passwords are quite obvious how to get. But I had trouble finding where and how encryption/decryption was done. I checked the YouTube video above, but honestly, that didn't really explain much.
I was only using x32dbg at first but I installed Ghidra later which helped a lot. I found a place where it compares the lengths of the input password and of the decrypted password. If you have the same length, then it came to a memcmp call comparing the passwords. That was enough to convince me that I understood how to solve this. |
==> |
Extremely easy! |
==> |
My second crack me. Easy. It was nice to learn how to use the debug file (even though it wasn't needed).
Password: LiL2281337 |
==> |
The first crack me that I tried, really fun! I had trouble keeping all jumps in my head so I rewrote the jump parts in C.
One of many passwords: VVVz2zz222 |
==> |