Number of crackmes:
Number of solutions:
I used the answer provided above to prove to myself that my brute-force method is correct to find valid inputs. However, actually running the brute-force would take longer than the existence of the known universe, thanks to what I believe is an O(n^2) algorithm. Is the solution to this crackme a simple static set of points (or maybe just the single point) which fulfill the requirements regardless of the _time64(0) seed? Or is there an algorithm which can generate time-dependent answers as well, assuming one can open the keygen and crackme at the same second so the context is identical. I too would be very interested to know which algorithm or deduction method is used to identify PRNG weaknesses like this in general, it would be very helpful. Despite my failure: interesting crackme, thanks!