| CrackMe with password |
It's hard in that I haven't figured out how the rest of your validation code works. However, if you look at the PE file in a disassembler the instructions mov dword ptr ss:[rsp+40], 746F6F72 ... etc are a little too obvious since 74, 6F, 72 etc are charcodes in hex. In fact, I'm quite new to RE and have never tried reversing executables with custom VMs and would love to know how it works! |
2026-01-27 14:03 |
| CrackMe with password |
rootaccess1337
I can find it in the stack (follow rsp+rax+40 in dump at 1400014C4!) |
2026-01-27 12:34 |
| TooManyChecks |
Flag(ByO@$$_a_B0$$) |
2026-01-26 12:46 |
| Keygen Me |
SSZFV-9SCML-6E7J3-WT9R8-X9JB worked for me. Function FUN_14000BB10 in Ghidra suggests that the serial is has 28 (0x1C) characters, of the form XXXXX-XXXXX-XXXXX-XXXXX-XXXX, and X must be A-Z excluding I and O or 2-9. I am not sure how the serial is generated but it is argument passed to memcmp (pointer in the RDX register). |
2026-01-08 09:30 |
| Hide n Seek |
Hey @Elvis can I DM you on Discord (or Reddit)? |
2026-01-06 15:59 |
| Hide n Seek |
Will the correct password cause flag.exe to be launched or is that a red herring? |
2025-12-29 07:31 |