Number of crackmes:
Number of writeups:
Comments:
| Name | Author | Language | Arch | Difficulty | Quality | Platform | Date | Downloads | Writeups | Comments |
|---|---|---|---|---|---|---|---|---|---|---|
| Mr Good Life Crackme V2 | devsoft | .NET | x86 | 5.0 | 5.0 | Windows | 2023-06-12 16:01 | 26 | 0 | 5 |
| Mr Good Life Crackme | devsoft | .NET | x86 | 4.0 | 2.5 | Windows | 2023-05-31 10:36 | 22 | 0 | 11 |
| Crackme | Date | Infos |
|---|---|---|
| BadPin | 2023-07-24 14:34 | PDF File with .NET code reversion and solution, provided with the help of the author. |
| timotei crackme#8 | 2023-06-27 10:19 | PDF file with solution and links to information found. |
| Br34k_M3 if you can... | 2023-06-21 16:24 | PDF File with 2 different techniques to fetch the current password |
| CrackItLOL | 2023-06-20 16:35 | PDF file with full trace to source code. |
| Br34k_M3 1337 | 2023-06-16 16:08 | PDF file with solution in how to trace correctly the key |
| ZittoKeygenme | 2023-06-16 14:29 | PDF file with solution to unpack manually, and analyze in order to create Keygen. Keygen code included |
| MitoVM Test (DeVirtualizeMe) | 2023-06-15 16:20 | Solution with PDF file and logs from my trace with the IL code of some methods that ware virtualized, and all the executions with their respective parameters and response. |
| Crack Me | 2023-06-14 13:37 | PDF file with solution with manual edit of values during runtime |
| cryptome_.net_1 by subminking | 2023-06-14 10:40 | PDF file with very details explanation in how to unpack/crack it without patching or even rename the method's to respect the checksum policy. |
| ShAPK1 | 2023-06-13 15:10 | PDF file with reversion explained, and method of patching SMALI code. |
| crackmekeygenme by theunknownprogrammer | 2023-06-12 10:46 | PDF file with solution in how to create Keygen. Keygen included as image. |
| Xrace-Crackme-#1 | 2023-06-09 16:31 | PDF file with 4 different solutions, none involving patching. 2 of them via Unpack, and 2 of them by password sniffing |
| VirtualGuard Keygenme | 2023-06-07 15:32 | PDF file with solution without patching |
| CrackMeNoString | 2023-06-07 14:13 | PDF file with solution and code to create a keygen |
| [Fixed] CrackMe like a wannacry | 2023-06-05 16:36 | PDF file with explanation in how to get valid key, and reverse the encrypted files. |
| CrackmesOneKeygenMe ByClone [#1] | 2023-05-30 14:33 | PDF file with solution without patching |
| Dll injection | 2023-05-30 13:58 | PDF file with explanation in how to bypass the system |
| CrackME v3.0 | 2023-05-29 10:38 | PDF file with 2 different solutions to obtain key, with and without patching. |
| MediumCrackme | 2023-05-24 10:50 | Simple explanation on text file on how to find one valid key on runtime. |
| Crackme | Comment | Date |
|---|---|---|
| Br34k_M3 if you can... | @rish0n this Crackme helped me to integrate my HarmonyInjector on .NET Core, thank you very much for it. I'm presenting a solution based on that. | 2023-06-21 16:23 |
| CrackItLOL | This one is way more easy than expected, I'll write my own @mlmn21 | 2023-06-20 16:20 |
| BadPin | Hum, I have done that so far for the calli Instructions. They lead to .NET managed code, and only after hours of trying to reverse the IL code of the virtualized functions I've realized that the code is unmanaged ^^. So I see him operating those 2 number's, I see the consequent toInt64 but even with manual combination no luck for me. Anyway, I'll follow your tip's and check out if I can take anything out of this. This approach is very good, Gratz on such a great job! | 2023-06-20 10:43 |
| BadPin | This is madness... Has someone any info that can help on this? | 2023-06-19 17:05 |
| Mr Good Life Crackme V2 | Hint : Steganography | 2023-06-16 16:58 |
| ZittoKeygenme | I'm presenting a full solution for this one. Thanks, @zira! :D | 2023-06-16 14:26 |
| cryptome_.net_1 by subminking | I guess you are right @s4r, I guess this needs another approach | 2023-06-12 14:05 |
| crackmekeygenme by theunknownprogrammer | PS : Link is there only in case author is "dead", it will be removed (from cloud) case accepted. | 2023-06-12 10:49 |
| crackmekeygenme by theunknownprogrammer | Posting one solution for this one, leaving here also in case the author is offline = https://drive.google.com/file/d/1_caDUFwa-G-rLHQ3-nz1jfFcndl4UsNM/view?usp=drive_link | 2023-06-12 10:45 |
| Mr Good Life Crackme | @DZghost, well I guess you are not familiarized with packers right? No pall, the packer is protecting a Bitmap library and a PNG with 6mb. And now no one needs more info to resolve this... The Packers are DOTNETREACTOR and Turbo Studio... Resolve this inside a VM in case you are afraid. Any doubt you can ask, but beware your accusations. | 2023-06-10 09:19 |
| Xrace-Crackme-#1 | There is nothing of Pascal in this PE. ^^ | 2023-06-09 11:49 |
| MitoVM Test (DeVirtualizeMe) | @mito, can this be a sort of DeVirtualization? I'm only asking because imagining there were 2 methods after the readline(), and one is called when 0 and other when not, in that case I guess I wouldn't be able to trace the not selected method... SPOILER!!! = **************************************************************** ****** System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal.Prefix() ****** # Parameter(System.String[]) = System.String[] # Instance(System.Reflection.RuntimeMethodInfo) = Void EiIjGx(System.String[]) # Instance FullDescription = static System.Void iRyVey::EiIjGx(System.String[] 5OUUUj) # Instance MetadataToken = 100663300 # Instance IsAssembly = False **************************************************************** ****** System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal.Prefix() ****** # Parameter(System.String) = MitoVM 2.0 Devirtme! # Instance(System.Reflection.RuntimeMethodInfo) = Void set_Title(System.String) # Instance FullDescription = static System.Void System.Console::set_Title(System.String value) # Instance MetadataToken = 100666194 # Instance IsAssembly = False **************************************************************** ****** System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal.Postfix() ****** **************************************************************** ****** System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal.Prefix() ****** # Parameter(System.Int32) = 13 # Instance(System.Reflection.RuntimeMethodInfo) = Void set_ForegroundColor(System.ConsoleColor) # Instance FullDescription = static System.Void System.Console::set_ForegroundColor(System.ConsoleColor value) # Instance MetadataToken = 100666160 # Instance IsAssembly = False **************************************************************** ****** System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal.Postfix() ****** **************************************************************** ****** System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal.Prefix() ****** # Parameter(System.String) = math object initialized # Instance(System.Reflection.RuntimeMethodInfo) = Void WriteLine(System.String) # Instance FullDescription = static System.Void System.Console::WriteLine(System.String value) # Instance MetadataToken = 100666233 # Instance IsAssembly = False **************************************************************** | 2023-06-07 16:59 |
| VirtualGuard Keygenme | Still can't patch this. Anyway, patching is never the best way. I'm posting a solution without patching or even a debugger! | 2023-06-07 14:51 |
| CrackMeNoString | Although @OnlyPrinzP has given all the game, I'm going to put a full solution on this. But @Crackingiskindscoolerthemcoding, my advice is that you code way more than what you crack or someday, you'll be looking at a unicorn ^^. | 2023-06-07 13:44 |
| Mr Good Life Crackme | @NANOBOT, that mail is gone, i'l leave discord Discord = leonardo0011 | 2023-06-06 16:44 |
| Native AOT CrackMe | Has someone been able to find a valid key? So far only resolved via Patching, and even that was hard... | 2023-06-05 17:01 |
| [Fixed] CrackMe like a wannacry | Posting one solution, again, thanks for the fun @thebovl! :D | 2023-06-05 16:36 |
| Mr Good Life Crackme | I've been investigating the 404 issue. It seems dropbox marked my file as insecure. The new one has a VirtualFileSystem Layer to evade common systems. If anyone else has a problem running this one until it asks for a key, just mention. | 2023-06-05 15:37 |
| Mr Good Life Crackme | I hate to do this, but since it's the only way = aHR0cHM6Ly90aW55dXJsLmNvbS9NUkdPT0RMSUZF Again, the data is just too much to compress, and all of that data is needed. | 2023-06-05 13:33 |
| Mr Good Life Crackme | Nop not weird at all, friend. The new exe that it's getting flag is compressed to the max, still is too big to be hosted here. The second exe you see, it's protected and the injector of .NET is getting flagged. It's gets without saying that you should open an exception. Extract the .NET managed code and once you extract the data you'll realize how to solve it. | 2023-06-04 13:12 |
| Dll injection | Posting a new solution without patching ^^, this is half you want, since it's based on a weakness. | 2023-06-01 16:57 |
| Dll injection | @thebovl No judgment at all! I'm no big expert myself! I just like breaking stuff ^^. I tried, but the task itself is going to be hard as hell. Somewhere in the sea of RAM, there must be a pointer to the offset, but the "seeker's" I Know they depend on multiple scans. Which is instantly killed due this dynamic key system. Although I know when the value will be at ebp-14C, I can't pause the PID execution to extract it :\. But I'm eager for someone else to post a solution involving either a pointer scan, or an offset extraction. But since I'm thinking while typing, I did realize all strings have a fixed LEN of 16. This constant might be a weakness, but only time will tell. Anyway, this is a complex system with multiple usages and it's always nice to check out, where and how is it being used. | 2023-06-01 16:32 |
| Mr Good Life Crackme | You can send an email to = geren93888@ratedane.com with your questions, although I hope they'r related to this. | 2023-06-01 14:28 |
| CrackmesOneKeygenMe ByClone [#1] | In that case, Sol about to be uploaded without patch. | 2023-05-30 14:15 |
| Dll injection | I'll apply for a solution that involves patching. But since it will be refused, I will never see it, because your examples just ask to don't get resolved :\ | 2023-05-30 11:46 |
| Dll injection | @thebovl the question is only one. Is it acceptable to cheat the value? Since you defined the no patching rule :\ | 2023-05-30 10:53 |
| Resillient | Stage One : from pytransform import pyarmor_runtime pyarmor_runtime() __pyarmor__(__name__, __file__, b'PYARMOR\x00\x00\x03\x08\x00U\r\r\n\x04\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00@\x00\x00\x00\xfe\x02\x00\x00\x00\x00\x00\x18\xdat\xffn\x1a\xaa\x94\xf0\xdf\x96\x8a7\x1d\x15\xa8\x9e\x00\x00\x00\x00\x00\x00\x00\x00L\x03C\x15\\A\xbe\x84\xd5\xa0\xb3O\xb5\x18\n\xc9\x01wG\xd5\xfc\xd5\x84,Y\xd5\xef8\xfe@\x83*$\x91\xe2\x86\xc5\x0b\x98 \xfc\xd35M\xa0M\xf7Y\x11"-J\x00\xf8\r\xea\x0e2\xa8\xb5i\x94\xc1G\x06\xedry`\xd8\xea5H\xcd\xba\xcd}\xd2\x1d\x010{\x84\xe4\x17\xd6\xber\xd4\x8da\xf5p\x1e\xec\xca\xd3\x80\xbb\xa1y\xf0\xf3\xad~A\xd9D\x06_U\xad\x8d\t\x14_\x97QNb#\xf9`1\x7f\xaf\xf8\xab3\xf0=\x9f\x01\xf4O\x15\x92\xf4\xe4!\xce\xfa\x1fR\x87\xca&\xf5\xd9*\xce(\x03\\v^\x02\xd5\xa8\xdc\x07\xd8\xf0\xb15\xe3]6\xc0\x83\xc3\xf7uk \\jF}\xbb\x06eqTQTR\x96\xf2n;\xb2\xba\\p\xce\x96\n\xea\x87~F7I\xf1\xec\xc2\xb9\xb6\xf1\xe7\xd5-\x05`\x04\x8a;\x9e\x12\xfd\xb5ei\x0c\xf6\xf2\xeax\x12\xa76-/Z2\xe3\xe5\xf1\xfa', 2) | 2023-05-29 15:05 |
| Dll injection | @thebovl, which one? :) The loader is not managed code, and I guess is c++ with a common RunPE, running a .NET payload. So the solution without a patch might only pass by cheating it... :\ | 2023-05-29 10:41 |
| CrackME v3.0 | I'm going to write a solution for this Crackme with and without debugger, if it gets approved, it may answer your doubts with some luck. | 2023-05-29 10:06 |
| CrackmesOneKeygenMe ByClone [#1] | Is patching valid for this scenario? The encryption is rather easy, but this List of classes Algo is something... | 2023-05-25 13:38 |
| easy crackme. | This kind of software virtualize its own actions. So the code inside DnSpy wont be "User Code", but the Algo(Engine) running the instructions that reside inside it. | 2023-05-24 10:27 |
| Dll injection | [ebp-14C] will always contain the valid key for the instance | 2023-05-23 16:25 |
| CrackME v3.0 | SPOILER AHEAD! # ****************************** # Method = System.Text.Encoding.GetString # BytesIn = "SHN3UEdCTV5yc0VzKlB2UHVuJkQ5RWx5YVpVeHQ4bmprMkloJHIlRF5QM2NzRzF5VUg=" # Result = "HswPGBM^rsEs*PvPun&D9ElyaZUxt8njk2Ih$r%D^P3csG1yUH" # ****************************** # ****************************** # Method = System.Text.Encoding.GetString # BytesIn = "QWN0aXZlIERvbmUh" # Result = "Active Done!" # ****************************** # ****************************** # Method = System.Text.Encoding.GetString # BytesIn = "RG9uZQ==" # Result = "Done" # ****************************** # ****************************** # Method = System.Text.Encoding.GetString # BytesIn = "QWN0aXZlIGZhbHNlIQ==" # Result = "Active false!" # ****************************** # ****************************** # Method = System.Text.Encoding.GetString # BytesIn = "IQ==" # Result = "!" # ****************************** | 2023-05-23 16:07 |
| MediumCrackme | Iv made a nab video, Dk if it fits, anw here to explain myself | 2023-05-23 14:30 |
| MediumCrackme | PS: Its OEM based, caught 1 Key for my hown. In that case, i found my Key with an Hook via Harmony = https://postimg.cc/CZPnVrBh | 2023-05-11 16:03 |
| MediumCrackme | Key is = 09imUwTTE0uFC1DBVKYB+m5D3REGoerkkYun7dt6xdB844hVj91BRJ5qDeuDsMhc This was funny, and hard! Thank you very mutch :) | 2023-05-11 16:00 |
| MediumCrackme | lets go all agaain.. ^^ | 2023-05-11 14:21 |
| easy crackme. | Pass is = 1488_xach. Done with harmony | 2023-05-08 18:04 |
| The New Ultimate CrackMe | This one is not hard. After a bit of fight, you will find the Zeus Anti-Debug Dll. Its a kind of easy PE to patch. Disable the bloody dam thing. Patch the code again so you can use any Tech. This step is not necessary but it releases the "Kraken". Using the same methods, now you can peek up the new ctor values. Breakpoint there and sniff the pass = https://i.postimg.cc/zf353QP3/Screenshot-3.png | 2023-04-21 10:54 |
| VirtualGuard Keygenme | Same... Cant patch this one, only bypass via dbg. If someone knows how to make a valid patch... Thanks for the Crackme! | 2023-03-22 15:23 |
| Br34k_M3 1337 | This one is something... Reversing this kind of app, is a pain. Sniffing is easier. Just put a breakpoint on the System.Reflection.Invoke() Method. Since all methods are Invoked in a dynamic way, analyze all instructions, until you find John Wick! Thanks for this crackme pall! | 2023-03-22 11:33 |
| Level: Hard | The code needs a patch to apply the logic. Since it's using the text from the Btn01, you can change the getText() call from the Btn01 object to the Textbox01. All in IL code. After that the sniffed pass will work! Thanks for the Crackme. | 2023-03-21 23:35 |
| Crack me | Deluxe, can you type some hint, so I can make some Char exclusions on the bruteforce Algo? Thanks for all! | 2023-03-16 12:49 |