| ASMe | ASM CrackMe |
enjoyable solve, submitted writeup if anyone is stuck ^.^ |
2026-05-10 22:48 |
| Solve this if you hate yourself |
quite the nefarious challenge.. however nothing gets between gurneyburner52 and a solve. (writeup submitted!) ^.^ |
2026-05-10 20:15 |
| Ouroboros, Genesis |
@jitgeekin i read your writeup and i think u mixed up the lcg layer with the actual serial check. the lcg is real but it is used for the bytecode/opcode construction stuff, not as the final serial formula
for seed 0xACE1337, lcg^27(seed) = 66D97264
but that does not wipe dummy_target (for me)
the one that actually clears dummy_target is 078F64A6C9A63212
which comes from powmod(2, seed, 0xffffffffffffffc5)
i tested both against dummy_target and the powmod one clears/exits, the lcg27 one prints DONE but target stays alive/not wiped
additionally ScanAndWipe seems to use NtQueryVirtualMemory/NtReadVirtualMemory/NtProtectVirtualMemory/NtWriteVirtualMemory with an already-open process handle, not CreateToolhelp32Snapshot/Process32FirstW inside ScanAndWipe itself
not trying to be a chud, you had a very nice writeup, just think the lcg is a decoy layer and the vm program underneath is the real handshake ^.^ all love and it could be system differences, lmk.
|
2026-05-09 20:56 |
| Ouroboros, Genesis |
took about 20 minutes, fun crack. submitted a writeup ^.^
||serial = powmod(2, seed, 0xffffffffffffffc5)|| basically |
2026-05-09 20:27 |
| Keygen Me |
i've posted a relatively detailed writeup on this.
i was able to derive more keys than any of the other comments i am seeing, not sure why. recommend giving it a read! |
2026-05-09 20:16 |