| Level 2 |
Solution: set a breakpoint on `cmp cl, byte ptr ds:[r8+rax]` and examine the address held in `r8`. Navigate to that address in the memory dump, and you will see the following bytes: `28 3F 2C 3F 28 29 3F AB AB AB AB AB AB AB AB AB`. The `AB` bytes are junk data, but if we decrypt the sequence `2C 3F 28 29 3F`, we get the word "reverse," which consists of exactly 7 characters. To decrypt it, use the formula: `correct character = encrypted byte ^ XOR value`. In this case, the XOR value is `5A` (i.e., `xor cl, 5A`). Decrypting it yields the word "reverse." If you want to patch the program, you need to patch the character count check first, and only then the password validity check. |
2026-07-11 06:19 |
| Level 2 |
I'm a beginner, so the only thing I've managed to find out is that the password consists of 7 characters; the code also checks each character individually, so I think I'll be able to find the password now. |
2026-07-11 05:44 |
| Baby Keygen 4 |
A12X567X911 it's solution. I’m new to reverse engineering, but here’s how I did it. The code first specifies that the string must be exactly 11 characters long; otherwise, an error occurs. Moving further through the code, you can see the program retrieving the first character of the string buffer (at `ebp - 8`) and checking it: the first character must be 'A', the fourth 'X', and the eighth 'X'. The other characters can be anything. I didn't write a keygen; you can figure it out without one. |
2026-07-10 15:20 |
| Easy Rust crackme |
Hi! I’m a beginner, so please don’t judge too harshly. Basically, I decided to patch this software; I found two instructions that verify the username and password—specifically, `test al, 1`. I simply changed both instructions to jump to the address that displays the success message, thereby bypassing the login and password check. Now the program reports success even if you enter the wrong password. |
2026-07-08 13:40 |