| Crazy |
Hint: The decrypted code will contain the success message as a string. |
2021-11-23 14:01 |
| Basic |
yes it's buggy but I found it after I uploaded |
2021-10-30 13:43 |
| D2 |
I am not planning to crack it or something(coz I can't), but I'm just curious what's this 'code meme mutation'? What did you mean by that? |
2021-10-17 07:28 |
| CrackMe_V3_Marquire |
Yea it kinda is, it's essentially a strcmp. But still enjoyable nonetheless. |
2021-10-16 07:33 |
| SanSuu |
finally cracked this crackme. Pretty good algorithm you got there. The hardest part except the algorithm was to find the procedure(main). |
2021-05-29 16:09 |
| spank me v1 |
you need a little bit restriction on patching or give a clue as to what it is you want people to patch.. for example I could've just edited some part to jump straight into the success part without even asking the serial number... and it'll make it less funny.. so you might want to put some restrictions that make people not allow patching to play easy mode. |
2021-05-28 07:19 |
| spank me v1 |
I did it the second way.. it's working now |
2021-05-28 05:33 |
| spank me v1 |
or what about setting all args to ) therefore serial=code/3 exactly? Is that the intended way? |
2021-05-28 05:21 |
| spank me v1 |
yeah this XOR is what I'm talking about, am I supposed to disable this by patching in a jump around it or what? |
2021-05-28 05:20 |
| spank me v1 |
hey, so your serial number XORs make it very hard to correctly align it with the generated serial.. I'm always off by 1 or 2. Any tips? |
2021-05-28 04:36 |
| spank me v1 |
I almost cracked it(I downloaded the required dlls).. seems your algorithm requires to to do some work to calculate the serial number |
2021-05-27 07:49 |
| spank me v1 |
dude it doesn't work coz you compiled it in debug mode, so SDK is required to run... Probably that's why it's removed the first time |
2021-05-26 15:16 |
| LateBird |
solved, needed to learn dozens of new windows functions and structures... thankfully most of my guesses was right. A bit more difficulty for level 2. I'd say 2.5-3.0 |
2021-05-25 15:45 |
| CrackThis |
I kinda see that you take time and get a random number based on that, but I couldn't identify what you do with the array initialization, but you take some values from the array depending on the random generator, and then you generate the 'password'. I'd like to see the source code. |
2021-05-19 13:45 |
| Mission: PowerGrid |
z3n well although it's L1, it's meant for people learning assembly. However, you can start by finding a good debugger and start analyzing the code. |
2021-05-15 13:28 |
| Guess The Password |
This was my first experience with arguably obfuscated code. Ngl, I thought that is the main algo and I took deep look into that with Ghidra, at the end I realized it's some kind of length analysis, and when debugged, it was embarrassing lol. Then, I immediately found the string cmp and I used your own decoder to find the pass.
I'm gonna enjoy writing it's writeup! |
2021-05-08 16:59 |
| insane password checker |
fantastic crackme! Although brute force difficulty != crackme difficulty in most cases I guess. |
2021-05-03 17:54 |
| Simple Crack Me |
please make sure to build in release mode or Windows installations who don't have Win10 SDK installed won't run your crackme.. |
2021-05-01 11:59 |
| BruteForceMe |
That was kinda easier than 2.5, made a Keygen that lists out all possible keys..
Here is all valid keys for the crackme
https://drive.google.com/file/d/1dNCX4QpN8b0B-NC1sqy5zD0Q0n5mY89a/view?usp=sharing |
2021-05-01 10:53 |
| Look Closer |
that was clever!
Especially that you modifying an inbuilt function that causes 'abnormal' behavior! How did you even do that? |
2021-04-30 16:31 |
| Overflow_ME |
9 days no progress, so here is the solution password:
functioncallbyoverflow
|
2021-04-29 05:26 |
| Overflow_ME |
It is an exploitation based crackme. So by default no patching is allowed. You have to look for and exploit possible vulnerabilities in the crackme. Also do string analysis or something to find the success message. read Readme.txt for more info. |
2021-04-26 01:47 |
| SecureSoftware v1.5 |
thank you @giacomo270197 for your comprehensive solution. One of the best solution write ups I have ever read. |
2021-04-19 09:16 |
| Crackme_OF |
By the way, the password for solution_file.rar : solutionbypranav007 |
2021-04-07 03:13 |
| Crackme_OF |
strngl Hey! Got your solution! Nice one! Also you can use a file to write null characters to stdin(the way I used), but this is new info to me!! Good job! |
2021-04-07 03:07 |
| Advanced crackme |
and for all yes, you are allowed to patch out the anti-debugger if it is failing to work properly.. |
2021-03-28 15:12 |
| Advanced crackme |
This is an older crackme, which is not actively supported.. anyway, yes it can sometimes fail, but not always.. It's a side effect of my early anti debugger.. but most of the cases it should be fine.. message me on pranavappu007 at the discord server on crackmes.one, if you want more help. |
2021-03-28 15:11 |
| Drew's Cookie Challenge |
I do not have the debug version of visual C++ runtime.. please make sure to upload release versions of the code, as otherwise I have to install visual studio Windows 10 SDK for crack.. |
2021-03-28 14:26 |
| Crackme_OF |
Thanks! Upload a writeup, I'll love to read it! |
2021-03-27 06:25 |
| SecureSoftware v1.5 |
also try to get a real key in addition to patching it, so that the key works in an unpatched version... And for others no the patching doesn't count as a solution |
2021-03-25 17:39 |
| SecureSoftware v1.5 |
mohammadali Are you sure you defeated all the anti-debugging protections?? :wink: |
2021-03-25 17:36 |
| SecureSoftware v1.5 |
hey! Well there is a lot of stuff in it! Make sure you read the Readme fully. |
2021-03-23 05:20 |
| chrisK's crackme v03. Try it, it's not that hard ! |
This one have just the right amount of difficulty to be interesting..! I have identified that you process the string first and then validation is performed.. Anyway I'll probably upload a solution when I crack it! |
2021-03-23 03:41 |
| SecureSoftware |
Me too, didn't have a discord account at first, but it's worth it. I'm also kinda busy, so I'll email you when I get time. |
2021-03-15 02:55 |
| SecureSoftware |
thanks!.. Well, you can join the discord server, and I'm there along with a very good community. It's fun! |
2021-03-15 02:53 |
| My Dog5 |
oh, so mohammadali, s4gr00_x, me are all idiots. Okay. I just simply asked why don't you superior intellectuals put your stuff into some higher levels, so that idiots like us won't crawl into your shit? For me, I never had to crack an md5 or similar in a *L2 crackme*. That's all. Please don't misguide us idiots into shit like this. Thanks. |
2021-03-15 02:14 |
| My Dog5 |
what? *sighs* well, as I understand, you take the input string, creates the md5 hash of the input string, and compares it to the md5 string stored in the system. For a valid input to work, we have to find an input that gives the exact same md5 as what you've stored. And how to get it? Reversing the hash.
I talked to one of the "solvers" and he said he just googled the hash to get a solution. That is not how a crackme's solution should be found. You can say we're crying and all, but that doesn't change that your idea of this crackme is flawed.
Comparing hashes to check password is actually a commercial way of storing password, because it is that secure. You can do it here, as long as the algorithm is not that strong and can be reversed. MD5 is a real algorithm that is commercially being used!
Please check the FAQ. It is mentioned that no commercial packing/encrypting systems can be used. Since you used a commercial method to hash your password, you violated the rules. Just simple as that. |
2021-03-14 02:48 |
| My Dog5 |
mohammadali dude you did it! HAHA lol. Hey are you on the discord server? I'm there at pranavappu007 |
2021-03-13 15:51 |
| My Dog5 |
mohammadali you are a strong patcher, you patch everything.. A new crackme by me is coming, I suggest you try patching that.. also do a writeup! |
2021-03-13 15:48 |
| My Dog5 |
s4gr00_x He didn't even design it, he straight up copied some md5 implementation, wrote a wrapper and there you go! This is how you should not build a crackme. |
2021-03-13 11:59 |
| My Dog5 |
what? he said it is extremely hard as I understand...and btw you won't get the solution by understanding the last cmp instruction, you have to reverse the goddamn md5 to get the real input and thus the solution... It is actually banned to use commercial or open source strong algorithms in the crackme.. let alone something like md5 |
2021-03-13 11:57 |
| crackme_you_s**t v1 |
You can request in the discord server to remove the crackme. Or maybe even update it? |
2021-03-13 03:46 |
| Keygen Me Part 1 |
I don't even have IDA pro |
2021-03-12 16:40 |
| Advanced crackme |
ali0gamer please post a solution writeup |
2021-03-11 09:12 |
| CrackMe2 - Classical cipher |
Nice classical cipher. Liked it very much! |
2021-03-11 05:47 |
| Keygen Me Part 1 |
Personal opinion ofc, but I think it should be L3 for the sole reason it's C++. It feels like searching for a tiny piece of gold in a whole river |
2021-03-11 04:59 |
| My Dog5 |
Hey! Is the challenge is to reverse the md5 hash of a string???? |
2021-03-09 15:22 |
| SecureSoftware |
It is intended to me a keygenme |
2021-03-04 04:31 |
| SecureSoftware |
ali0gamer well if it's really easy then generate a valid .key file instead of patching the .auth file. You were actually supposed to do that, although I'll allow patching on .auth for now |
2021-03-04 04:30 |
| SecureSoftware |
ragnar_crackbeard87 well, you have to follow the thread start after printing InitialChecks.. It's actually an anti patching mechanism, you have to prevent it from executing. For more details, join the website discord server and find me as PranavAppu007. |
2021-02-26 01:49 |
| FindMySecret |
MaxP unless ebp-0x10 is accessible from another thread.. |
2021-02-25 15:50 |
| SecureSoftware |
ragnar_crackbeard87 yes, there are anti debugging/patching implemented. You can disable it if you wanted, although it is not preferred. You are generally expected to use static analysis to reverse the crackme |
2021-02-25 15:47 |
| SecureSoftware |
Scopes how did you do that? Did you patch the crackme? |
2021-02-24 14:45 |
| SecureSoftware |
4epuxa just 2 numbers? |
2021-02-21 06:09 |
| FindMySecret |
mohammadali I couldn't completely understand what is going on in hook installation.. But I can see that you have modified MEssageBoxA function with a jump to some custom function, so that if you call MessageBoxA your function will be called. Also, is your project working on crackmes? Have you tried it with my crackme? |
2021-02-02 05:53 |
| FindMySecret |
https://discord.gg/2pPV3yq
open this link and you can join crackmes discord server.. I'm inside that( you might want to create an account..) |
2021-01-30 02:58 |
| FindMySecret |
mohammadali wow that is some hard stuff! could you please explain using an example? |
2021-01-29 14:40 |
| FindMySecret |
4epuxa join on the discord server and look for PranavAppu007.. |
2021-01-29 14:39 |
| FindMySecret |
4epuxa not really, it generated the number randomly, so the solution is just explaining how you cracked it. Post it in the solutions. |
2021-01-26 01:57 |
| FindMySecret |
Well, for all crackmes in this website, they add their on password, which is crackmes.one. Check FAQ. |
2021-01-23 14:55 |
| FindMySecret |
You might want to use a tool tho, I think it's a little big to handle without a tool, but then again if you are a pro then you can handle |
2021-01-23 02:44 |
| FindMySecret |
Yes, there is a small mathematic equation for randomization.. Message me at PranavAppu007 on discord if you want help.. |
2021-01-23 02:35 |
| crackme |
It would be better to have the program in english... |
2021-01-20 05:12 |
| unlockme |
For those who said it was too easy for Level 3, I didn't knew the standards as this was my first attempt... I have posted a new one which now I think should be L3, consider this as L1 from now. |
2021-01-13 09:14 |
| Advanced crackme |
The password of the ZIP file is 'crackmes.one', if you are from outside |
2021-01-13 08:55 |
| ORiGiN KeygenMe |
Windows Defender complained it is a trojan virus.. |
2021-01-13 02:34 |