| Find password |
2020-05-05 11:42 |
Here you have my static analysis with the solution made with Ghidra. |
| Small Keygenme |
2020-04-22 09:22 |
Here is my solution with static analysis using Ghidra, and the keygen with its source code. |
| Lucky Numbers |
2020-04-18 15:35 |
Here is my solution to the crackme analyzed statically with Ghidra |
| Keyg3n_M1#1 |
2020-04-10 12:26 |
Here is my solution to crackme with dynamic analysis in Ghidra, and the source code with the keygen to generate the possible passwords. |
| Easy Peasy |
2019-10-06 14:30 |
#### Ghidra
1. Load executable and Analyze.
2. Search in **Symbol Tree** left dialog the text **"main"**.
3. In **Listing** you can see at address **0040155a** the username that is: **"iwonderhowitfeelstobeatimetravel"**
4. Next, at address **0040158c** the password is revealed to us: **heyamyspaceboardisbrokencanyouhelpmefindit?**
5. In the code decompilation window you can also see clearly.
6. I think we don't need anything else. |
| VIP_access_me |
2019-10-05 14:48 |
The function that really matters to us. The one that decrypts the VIP Code. It is in the address **00401CF0**.
Just put a breakpoint at address **00401D67** and check that it is what is loaded into the **EAX** register that contains the memory address where the **VIP CODE** is.
But only works VIP Codes for user joe and monkey. |
| mexican |
2019-09-19 22:56 |
# [evilprogrammer's mexican](https://crackmes.one/crackme/5d63011533c5d46f00e2c305)
## Crackme by [b1h0](https://crackmes.one/user/b1h0)
- Used **x64dbg** debbuger.
- Once the **EntryPoint** is located, you can verify that at the address **0x00401500** a subroutine begins, which is the one shown in the *flag* text. We will call this subroutine: **sub_result_cracked**
- Then later we can find in the address **0x004013dd** a call to the address **0x0040162c** which is the subroutine that we will call **sub_compare_crackme**. We establish a breakpoint there and then continue step by step.
- Finally at address **0x00401642** we find a comparison of the value **0xC1** with the value 0xC1. The key is that the two values have to be different, and in particular the first one greater than the second, therefore we change the first 0xC1 for a greater value, or the second 0xC1 for a smaller value.
- So we change the *0xC1* value of the comparison line to a lower value. For example, **0 (zero)**
- And the flag message appears. Printed message: **flag{M3x1c4nMl4lw4r3_pl3rro}**
 |