Number of crackmes:
Number of solutions:
Comments:
Name | Author | Language | Arch | Difficulty | Quality | Platform | Date | Solution | Comments |
---|
Crackme | Infos |
---|
Comment | Link |
---|---|
I solved it, but it is requested to write keygen. | ==> |
Password : UZZZ Password can be multiple value, so there is no one password. | ==> |
@nopx64 You've probably either made a runtime debugging or made a patch to get that message. Patching is not allowed unless otherwise specified, You need to find the real password. | ==> |
----- spoiler ------- yallGayAsf ----- spoiler ------- | ==> |
Solved. -----Spoiler------ Starts with "x" character. -----Spoiler------ | ==> |
@cnathansmith As you said, there is no input even with commandline or argv ,argc etc.. | ==> |
@cnathansmith Yes, it is burried inside binary and i think it doesn't execute it. I examined the code and several function calls adds numbers like sub_691170. i manually changed EIP to .text.00691614 marking with Ctrl-N key on IDA Pro after sub_6915D0 executed. Then pressing F8 key displayed the Flag. .text:00691614 call sub_691170 .text:00691619 lea eax, [esp+28h+flOldProtect] .text:0069161D push eax ; lpflOldProtect .text:0069161E push 40h ; '@' ; flNewProtect .text:00691620 push 80h ; dwSize .text:00691625 push offset sub_691170 ; lpAddress .text:0069162A call ds:VirtualProtect .text:00691630 push offset asc_6931DC ; "..." .text:00691635 lea ecx, [esp+2Ch+Block] ; void * .text:00691639 call sub_691720 .text:0069163E call sub_6914B0 .text:00691643 call sub_6914E0 .text:00691648 call sub_691510 .text:0069164D call sub_691540 .text:00691652 call sub_691570 .text:00691657 call sub_6915A0 .text:0069165C call sub_6915D0 | ==> |
ZAYOTEM{FACTS_CAN_BE_SO_MISLEADING} | ==> |
ANSWER:MORDOR | ==> |
@cnathansmith Good algorithm to solve it. I manually calculated every digits 😀 | ==> |
@cnathansmith Thank you. I have already found the password equivalent of usernames such as "AAAAA" or "aa". Later, I thought about making a table for all the letters, but I gave up because it was a long job and I was struggling with cracking the password of the crackme file named Bobby. | ==> |
Bobby's medicine is : 07014620352040506000012238200008007020113308080020070008 | ==> |
We will see, who will pull the shortest time value out of his ass ? After all, we don't know the truth. | ==> |
Found valid usernames/passwords but couldn't solve algorithm yet. | ==> |
9 characters beginning with capital letter. 2 hours 20 minutes with manual unpacking using x64dbg. | ==> |
Use latest ILSpy. YAY - GOOD JOB | ==> |
@rrookie You are right, there is no loop. Only four characters are loaded. As you see, there is no print function also. I dedoded rest of the bytes with same xor value by manually. I thought that author wants this secret message. | ==> |
@Programista After your code snippet, Process enters 64-bit mode and your debugger doesn't follow it. After the "ret far" command, there is a code snippet which ends with "ret far" again. The codes in between are 64-bit instructions. To decode it easily, copy that code hex equivalent and paste it to online x64 disassembler. For example this online disassembler : https://defuse.ca/online-x86-assembler.htm Hint : EB instruction jumps next byte in 64-bit mode as you will see in online disassembler. So, delete EB and redisassemble it. Also search on this site with name "heaven" and there are two other heaven's gate related crackmes which has solution on it. | ==> |
What is the challenge ? I found password at memory and enteree it. It gives success message. It creates random password at every start the crackme file so there is no fixed password. | ==> |
@rrookie Yes,0x153168 is address of flag data which begins just after "did you capture the flag" message. It is xor'ed with 0x68657974 value four by four. | ==> |
ZAYOTEM{r3v3r53_3n61n33r}eyt | ==> |
ZAYOTEM | ==> |
Username : Any name Password : Sum of the ascii number of username characters. | ==> |
@cnathansmith Check your system because this file is trojan. Check with virustotal. | ==> |
Too easy. patched. | ==> |
It was really easy. | ==> |
Password : HkVf3z8MS2 | ==> |
"Knight's Tour" problem in Chess Board. Password : 00473049321562172950450261181334460148311433166351280344196035120443245508392059275207402356113642055425380958215326410657223710 | ==> |
@sporta778 Protectors like Enigma, Themida, VMProtect etc.. use obfuscation, anti-debug and many methods like viruses and trojans. So, those antiviruses give false alarms for these crackmes especially. | ==> |
@sporta778 if you scan with virustotal.com, lots of crackmes give false alarm because trojans use same methods like anti-debugging etc.. | ==> |
@JMac2 We gave argued with you previously. I posted a solution and administrators rejected and even you didn't like my solution. So there is no need to effort making a solution. If you are not blind other posts, no everybody post solution, just gives passwords in the comment section. If admins makes forbidden to everyone, it is okay for me. So, go your way. | ==> |
@sporta778 You are right. I am the first to reveal the password in the comment section on this site!!!. I look at other crackme files and a lot of people explained the password in the comment section and no one said anything, but whenever I do it, a crack head immediately comes and criticizes me. Take a look at yourself before criticizing me. Just the other day, you wrote the answer to the crackme file whose password was "pizza" in the comment section. Don't lose motivation, work harder. | ==> |
User ID : admin Password : 328c5620c90182b4de6d21cfca38a4ec | ==> |
@hacktooth No. I found serial in dump view and the others are brute force and some luck :) | ==> |
@sporta778 Greats. I couldn't find time to solve those xor's , adding 6, etc.. I was waiting for someone to figure this out so I could get rid of it :) | ==> |
username and password are 6 characters long and must be identical. Serial : 0000-0000-0000- No need to write a keygen. | ==> |
Solved. Password is 16 characters long. | ==> |
@JMac2 I think he made a mistake and kept us busy for nothing. He wants to cover up his mistake by saying that he forgot to say "You can patch". A virtuous person should accept his mistake and say it clearly. | ==> |
Multiple answers. solved. | ==> |
Part 1 : 15 Part 2 : 66 After solved, i checked solution text file inside zip file. | ==> |
Password : IM_GOOD | ==> |
Password : 7FEB3EB8230 | ==> |
It was too easy and it doesn't deserve this level of difficulty. | ==> |
"Yoniaga yrT .ekatsim a edam u!!" | ==> |
Password = jajajaja | ==> |
What is the challenge of this program ? It doesn't ask any username/password. | ==> |
@SUPERNOVA Yes, it gives repeatedly same values. So, i asked to the author whether he checked it or not. | ==> |
Did you check out ? does it work ? | ==> |
Key : 5418 | ==> |
Solved. Leet Hacker :) | ==> |