I suspect the obfuscator used is something called BEDS or maybe that was another false flag. I know little about deobfuscation to begin with, so probably did this wrong, but in the end got the right name/password combo. I'll try to put together something on how I cracked this and hopefully someone with real skill will post something as well. The Username is insanityLOL btw, in case you want to know if you're on the right track. |
==> |
got the good boy message "Cracked!". SHA256 of the flag is 7f150f505e5a77cd2f63e911f1f68cd290b1d909290fd7c4ee59e5d367fca400. Thank you for nice protector to defeat. |
==> |
The DES function is implemented to fail on purpose and default to the hard coded sha256 hash. That turns this crackme into a sha256 brute force challenge. The hash didn't turn up on any of the lookup pages I found. |
==> |
Xor0 - ¶12121¶7D8B5¶C3R2C¶6586F¶115FF¶ Nice one Tester009. I wonder though if the separator character will be different for different keyboard character sets. |
==> |
JustMaaarc - This isn't a C# exe so dnSpy will do you no good. x0r19x91, this is some cool stuff. I'm not so good with it yet. It is self-debugging, nanomites protection from what i can see so far. I'm still looking into it further trying to learn. Thank you for nice challenge. Is level 10 for me right now :-) |
==> |
I'm glad you guys liked it. It was a lot of fun to code. Next one will not be as straight forward ;-) |
==> |
Nice one! Is the pRNG you used a standard function? I found reference to it for some old ps1 code, haha. Anyway, some nice binary math. Working out a keygen now and will get a solution together soon. |
==> |
I agree with GautamGreat. @P45H3, that was a lot of work on your part. Thank you, because it was also a lot of fun on my part :-) |
==> |
nice HN1, you got 1. Can you solve the other 6? |
==> |
Solved. Thank you for a nice crackme. Lot of FPU stuff to learn and the way you loaded and called the functions. |
==> |
Another nice one from @nextco. I found the fl4g ;-) I don't know if i will post a full solution. I just brute forced this, but the flag message suggests maybe there is a better way. Certainly we could have just did some simple xor key brute forcing on the MessageBox string. See cryptopals set 1 challenge 6. |
==> |
I'm not spending 5 fucking days trying to bypass the captcha cause google hates tor. So, for anyone stuck on this, check out https://mindlocksite.wordpress.com/2017/08/31/mod-confuserex-to-counter-public-tools/. This should get you some pretty clean code after doing the normal ConfuserEx stuff. Also, if you are wondering about the seed for the key, dnSpy couldn't see it, but sae could. Hope that helps. |
==> |
A very nice one to get started with. I tried uploading solution, but the reCaptcha is fucking shit mate. |
==> |
c0b0ld - Make sure you don't have firefox running. For some reason it checks that as one of the running processes to fail on. Also, all your tools, like IDA and such should be closed. |
==> |
That's a lot of anti debug and anti VM :-) Nice challenge though having to learn about those things. Was good for me to solve. Thanks! |
==> |
while not cryptographically secure, and with the existence of known collisions with the hash used (MurmurHash2), this still feels like nothing more than an exercise in brute force. |
==> |
u 1337 hacker u cracked me :(
This was a great learning experience. I'm still not %100 sure how i finally got that modified ConfuserEx off there. I'll post my solution if i can ever pass the reCAPTCHA |
==> |