Profile

Crackme	Infos
InDuLgEo V3-B — The DOS Intro Challenge

Comment	Link
JD-GUI failed but CFR succeeded in its mission. But it asks path, i enter c:\users\profilename\desktop and it gives "error occured". However, key works. Key is 7 characters long.	==>
@balazsofficial You are right. I forgot to mention it.	==>
Best tool is ILSpy to decompile it.	==>
--- SPOILER --- Password length should equal or greater than 8 chars. Password should contain al least one Capital Letter. Password should contain at least one lowercase letter. --- SPOLIER ---	==>
Password : R0b0_Su22y13378Pussy59283 This one got easy because i discovered "Rand" function from Watermelon crackme.	==>
Password : N!993R_K1ll3r It was hidden inside "rand" function. After several days, finally i found.	==>
The password for every crackme file on this site is "crackmes.one" (without quotes). As for this crackme file, it was specified as Multiplatform by the author of the program, but it was wrong. In fact, it is a Linux file and works under Linux derivatives.	==>
@InDuLgEo Thank you. I have used Softice, Sourcer, Turbo Debugger, Debug at old good DOS days. If i see anything related to DOS, it attracts me. At first, i only uploaded COM file but site manager rejected it because it doesn't have any description. Later, i uploaded solution but system only allows one file uploading. I wish I had compressed the 2 files into one and uploaded them. I asked the moderator but he didn't. After I uploaded the file, the system didn't allow me to upload the file again. I will try to upload again.	==>
@Elvis, author want patched file also but i could only uploaded pdf file. Can you combine my first uploaded COM file with this pdf file ?	==>
There are 3 sections in the program. In the first section, there is a blue image with a waving shape. After that, there is a fire effect in the second section. In the last section, there is a fractal but it is not an animated image. In the top rows, the messages are fixed and the phone ringing sound is heard intermittently. In the second section with the fire effect, is it to print text on the screen or to change the messages on the last screen that the programmer printed?	==>
Name : nightxyz Serial : 691604A0FA6FA1C99BCED0013AE788A2B39B56AFC0A96867BD2A1C31BE5DC9CE-OMGWTFBBQ	==>
I guess I'll make you angry again but this one didn't even take 10 minutes to crack. After seeing the part that checks the length of the password to 10 characters, I entered a random password. After the size check, after a few more steps, x64dbg showed a string as "awesome". I didn't even look at the memory area. I tried that and it worked. The previous crackme was harder in my opinion. If the password in the previous crackme file had been encrypted, my job would have been harder. The plus of this was that while debugging this, if I wanted to run another program directly, the debugger would detect it and the program would exit. And it wasn't even running under the debugger. Your obfuscated codes are very similar to the programs written by "nado" called "watermelon crackme" and "professional crackme", but I haven't been able to crack them yet. There is too much math and obfuscated code.	==>
Ida didn't work properly so i used X64dbg. ---SPOILER--- password is 47 chars long. ---SPOILER---	==>
@hmx78912 It's a nice crackme. It was hard at first, I looked at the same places over and over. I examined the anti-debug sections over and over. Then, while tracing line by line, I was looking at the registers and I found the place where the first character of the random password I entered was compared to the "c" character. Then, when I dumped it to the rsi+4 address, I saw the text crackme diagonally. There is a 36 byte difference between each letter. The following part of the code helped me find the result. 00007FF611D52473 \| 8BC3 \| mov eax,ebx 00007FF611D52475 \| 44:3A7E 04 \| cmp r15b,byte ptr ds:[rsi+4] 00007FF611D52479 \| 0F94C0 \| sete al 00007FF611D5247C \| FFC0 \| inc eax r15b is the address of the password I entered rsi+4 is the address of the real password. I am waiting v2, best regards...	==>
@hmx78912 While debugging with X64dbg, I saw that the first character of the real password was the character "c". Then, when I looked at the memory area where this "c" character came from, the letters appeared as "c r a c k m e" in a crisscross pattern, and when I tried that password, I saw that it was correct. So, as you can see, I didn't do brute force. Also, I'm not the first person to directly explain the password in the comments section of this site. If you look at the comments sections of other crackme files, you can see hundreds of examples. I sent a solution once, but I couldn't make the management like it either. Then I gave up sending a solution.	==>
Password : Qk*{i9}6	==>
Password : crackme	==>
Password : ElementaryMyDr!!	==>
Password is 21 characters long. It gets windows usernames like DESKTOP-XXXXXXX/Username and makes some calculations. I am busy to solve mathematics but i found my own password.	==>
Password : e4444	==>
Password : ppppp	==>
Password : M1d3s19	==>
I found first pair manually using calculator to get 7326. Numbers 66 x 111 is first pair. Then started with oBo.. but didn't pass criteria. Then started with Boo... and worked. I asked gemini other pair, it gaved me J and c char but i din't calculate. So, i manually calculated every step. Only AI gavr me second pair but i didn't use.	==>
Boozy :)	==>
Password : 4921	==>
Correct pattern : 121212121	==>
Password : thisisverysecret In x64dbg, a few lines later, letters are shown vertically. So, your obfuscators doesn't work very well.	==>
password : correct	==>
Lots of passwords. One of them is : BP!9$d!!	==>
I tested with 66 characters long password and didn't get DEADC0DE code with anyway. Did you test this crackme before publish ?	==>
Password : Alon Alush	==>
Password : iiiiiii}	==>
Username : zzzzzzzzzz Password : 1220 Sum of the username letters decimal equivalent. For example if you enter only A char for username, then password is decimal equivalent 65. username : A password : 65	==>
@Mattpackman Patch is not allowed otherwise specified.	==>
@Enhancer Password is 4 chars. Total is decimal 895. It also adds Line Feed character as a fifth char. So, 5 x 0ah = decimal 50. Now result is 945.	==>
Password = 3p(smaller than sign)n Password is 4 characters long.	==>
Password : 3p	==>
Key = ThisPasswordIsRandomAsFuck	==>
@gimi001 Read Faq at menu.	==>
pseudo code: var1 = length of name looptimes = var1 repeat looptimes { var1 = (var1 * 19660Dh) + 3C6EF35Fh char result array[] = (var1 mod 5Eh) + 21h } split result with xxxx-xxxx-xxxx... format or xxxx-xx if odd length of input name. if result hex value contains letter like 7A, 4B etc.. then add 0Ch to that value. For example 7A becomes 7M, 3B becomes 3N. 3B645B becomes 3N64-5N	==>
I only used getdlgitemtexta breakpoint and used F7, F8 keys.	==>
Interestingly, i debuged program with x32dbg in my notebook and same password worked. But without debugger, password doesn't work in my notebook. In my desktop, password works without debugger.	==>
@fatmike I don't have discord account and discord unavailable in my country temporarily. On my desktop computer, I deleted zip file and exe file. Also turn off my computer and start again. Download zip file again and extracted exe file. Started exe file and entered my password. It says "Well Done". Something is wrong with your crackme because my password doesn't work on my notebook which is same operating system windows 10 x64.	==>
I completely closed my x32dbg and executed exe file. My password works only on my computer. Did you try it on another computers ?	==>
@fatmike In my computer, it works without debugger. But it doesn't work on another computer. You used rand function inside program, maybe it doesn't work properly.	==>
Name : 1234 Serial : 11111111-bbc39b72-94229d8a	==>
I simply removed with cffexplorer but in x64dbg, i couldn't bypass. So, i decided not to struggle with more.	==>
Name = FATMIKE Key = x8hpx8hpx8hpx8h	==>
I used X64dbg , ScyllaHide Basic profile. First, i found the point where user key gets. After that, i traced step by step. I bypassed Int 4 trap. I "traced into" every "call juggler_v2.7FF72EDE9860" because "Trace over" failed. After loading all libraries, I continued to stepping. Somewhere in loop, I saw "curly bracket" next some register. The other register shows my entered key first character. I remembered the password structure for first revision of this crackme and I guessed that this crackme has same type password. I executed loop 32 times and write everey character to a paper. Finally it worked. I can't write solution but i solved with this way and a little bit luck :)	==>
Key = {7h3_h4nd_0f_90d_h0v321n9_480v3}	==>

JD-GUI failed but CFR succeeded in its mission. But it asks path, i enter c:\users\profilename\desktop and it gives "error occured". However, key works. Key is 7 characters long.

==>

@balazsofficial You are right. I forgot to mention it.

==>

Best tool is ILSpy to decompile it.

==>

--- SPOILER --- Password length should equal or greater than 8 chars. Password should contain al least one Capital Letter. Password should contain at least one lowercase letter. --- SPOLIER ---

==>

Password : R0b0_Su22y13378Pussy59283 This one got easy because i discovered "Rand" function from Watermelon crackme.

==>

Password : N!993R_K1ll3r It was hidden inside "rand" function. After several days, finally i found.

==>

The password for every crackme file on this site is "crackmes.one" (without quotes). As for this crackme file, it was specified as Multiplatform by the author of the program, but it was wrong. In fact, it is a Linux file and works under Linux derivatives.

==>

@InDuLgEo Thank you. I have used Softice, Sourcer, Turbo Debugger, Debug at old good DOS days. If i see anything related to DOS, it attracts me. At first, i only uploaded COM file but site manager rejected it because it doesn't have any description. Later, i uploaded solution but system only allows one file uploading. I wish I had compressed the 2 files into one and uploaded them. I asked the moderator but he didn't. After I uploaded the file, the system didn't allow me to upload the file again. I will try to upload again.

==>

@Elvis, author want patched file also but i could only uploaded pdf file. Can you combine my first uploaded COM file with this pdf file ?

==>

There are 3 sections in the program. In the first section, there is a blue image with a waving shape. After that, there is a fire effect in the second section. In the last section, there is a fractal but it is not an animated image. In the top rows, the messages are fixed and the phone ringing sound is heard intermittently. In the second section with the fire effect, is it to print text on the screen or to change the messages on the last screen that the programmer printed?

==>

Name : nightxyz Serial : 691604A0FA6FA1C99BCED0013AE788A2B39B56AFC0A96867BD2A1C31BE5DC9CE-OMGWTFBBQ

==>

I guess I'll make you angry again but this one didn't even take 10 minutes to crack. After seeing the part that checks the length of the password to 10 characters, I entered a random password. After the size check, after a few more steps, x64dbg showed a string as "awesome". I didn't even look at the memory area. I tried that and it worked. The previous crackme was harder in my opinion. If the password in the previous crackme file had been encrypted, my job would have been harder. The plus of this was that while debugging this, if I wanted to run another program directly, the debugger would detect it and the program would exit. And it wasn't even running under the debugger. Your obfuscated codes are very similar to the programs written by "nado" called "watermelon crackme" and "professional crackme", but I haven't been able to crack them yet. There is too much math and obfuscated code.

==>

Ida didn't work properly so i used X64dbg. ---SPOILER--- password is 47 chars long. ---SPOILER---

==>

@hmx78912 It's a nice crackme. It was hard at first, I looked at the same places over and over. I examined the anti-debug sections over and over. Then, while tracing line by line, I was looking at the registers and I found the place where the first character of the random password I entered was compared to the "c" character. Then, when I dumped it to the rsi+4 address, I saw the text crackme diagonally. There is a 36 byte difference between each letter. The following part of the code helped me find the result. 00007FF611D52473 | 8BC3 | mov eax,ebx 00007FF611D52475 | 44:3A7E 04 | cmp r15b,byte ptr ds:[rsi+4] 00007FF611D52479 | 0F94C0 | sete al 00007FF611D5247C | FFC0 | inc eax r15b is the address of the password I entered rsi+4 is the address of the real password. I am waiting v2, best regards...

==>

@hmx78912 While debugging with X64dbg, I saw that the first character of the real password was the character "c". Then, when I looked at the memory area where this "c" character came from, the letters appeared as "c r a c k m e" in a crisscross pattern, and when I tried that password, I saw that it was correct. So, as you can see, I didn't do brute force. Also, I'm not the first person to directly explain the password in the comments section of this site. If you look at the comments sections of other crackme files, you can see hundreds of examples. I sent a solution once, but I couldn't make the management like it either. Then I gave up sending a solution.

==>

Password : Qk*{i9}6

==>

Password : crackme

==>

Password : ElementaryMyDr!!

==>

Password is 21 characters long. It gets windows usernames like DESKTOP-XXXXXXX/Username and makes some calculations. I am busy to solve mathematics but i found my own password.

==>

Password : e4444

==>

Password : ppppp

==>

Password : M1d3s19

==>

I found first pair manually using calculator to get 7326. Numbers 66 x 111 is first pair. Then started with oBo.. but didn't pass criteria. Then started with Boo... and worked. I asked gemini other pair, it gaved me J and c char but i din't calculate. So, i manually calculated every step. Only AI gavr me second pair but i didn't use.

==>

Boozy :)

==>

Password : 4921

==>

Correct pattern : 121212121

==>

Password : thisisverysecret In x64dbg, a few lines later, letters are shown vertically. So, your obfuscators doesn't work very well.

==>

password : correct

==>

Lots of passwords. One of them is : BP!9$d!!

==>

I tested with 66 characters long password and didn't get DEADC0DE code with anyway. Did you test this crackme before publish ?

==>

Password : Alon Alush

==>

Password : iiiiiii}

==>

Username : zzzzzzzzzz Password : 1220 Sum of the username letters decimal equivalent. For example if you enter only A char for username, then password is decimal equivalent 65. username : A password : 65

==>

@Mattpackman Patch is not allowed otherwise specified.

==>

@Enhancer Password is 4 chars. Total is decimal 895. It also adds Line Feed character as a fifth char. So, 5 x 0ah = decimal 50. Now result is 945.

==>

Password = 3p(smaller than sign)n Password is 4 characters long.

==>

Password : 3p

==>

Key = ThisPasswordIsRandomAsFuck

==>

@gimi001 Read Faq at menu.

==>

pseudo code: var1 = length of name looptimes = var1 repeat looptimes { var1 = (var1 * 19660Dh) + 3C6EF35Fh char result array[] = (var1 mod 5Eh) + 21h } split result with xxxx-xxxx-xxxx... format or xxxx-xx if odd length of input name. if result hex value contains letter like 7A, 4B etc.. then add 0Ch to that value. For example 7A becomes 7M, 3B becomes 3N. 3B645B becomes 3N64-5N

==>

I only used getdlgitemtexta breakpoint and used F7, F8 keys.

==>

Interestingly, i debuged program with x32dbg in my notebook and same password worked. But without debugger, password doesn't work in my notebook. In my desktop, password works without debugger.

==>

@fatmike I don't have discord account and discord unavailable in my country temporarily. On my desktop computer, I deleted zip file and exe file. Also turn off my computer and start again. Download zip file again and extracted exe file. Started exe file and entered my password. It says "Well Done". Something is wrong with your crackme because my password doesn't work on my notebook which is same operating system windows 10 x64.

==>

I completely closed my x32dbg and executed exe file. My password works only on my computer. Did you try it on another computers ?

==>

@fatmike In my computer, it works without debugger. But it doesn't work on another computer. You used rand function inside program, maybe it doesn't work properly.

==>

Name : 1234 Serial : 11111111-bbc39b72-94229d8a

==>

I simply removed with cffexplorer but in x64dbg, i couldn't bypass. So, i decided not to struggle with more.

==>

Name = FATMIKE Key = x8hpx8hpx8hpx8h

==>

I used X64dbg , ScyllaHide Basic profile. First, i found the point where user key gets. After that, i traced step by step. I bypassed Int 4 trap. I "traced into" every "call juggler_v2.7FF72EDE9860" because "Trace over" failed. After loading all libraries, I continued to stepping. Somewhere in loop, I saw "curly bracket" next some register. The other register shows my entered key first character. I remembered the password structure for first revision of this crackme and I guessed that this crackme has same type password. I executed loop 32 times and write everey character to a paper. Finally it worked. I can't write solution but i solved with this way and a little bit luck :)

==>

Key = {7h3_h4nd_0f_90d_h0v321n9_480v3}

==>

crackmes.one

crackmes.one

nightxyz's profile

0

1

137

Crackmes

Latest writeups

Latest comments