| That was a cool Crackme.
I have a question: what reverse software do you guys use?
I used Ghidra, but it seems people decompile the binaries manually somehow.
Anyway, I solved it and here is explanation how (read the text below if you have no concept how to solve the task):
When you run the program, it gets path of it's location (in my case, it was /home/johnnysins/Downloads/), next it changes all the "/" into "$" and changes the letters into letters that go 30 (or as it was written in the code - 0x1e) bits earlier (according to ASCII table).
When you enter the password, it just compares it to the modified path.
So, the passwords $, $JQ, $JQOG, etc. are valid.
Here is the decompiled source code - https://pastebin.com/NAEXAi8S =) |
==> |
| What reverse software do y'all use? |
==> |