| As I mentioned, it is a "shy" application :-) Just kidding, it is part of the "protection", but more or less a little trick. You cannot actually use the mouse to register the program, think otherwise. |
==> |
| cnathansmith, thanks for your excellent work on the solution! Since I didn't specify the text of the message box, all meaningful texts will be ok :-) Nevertheless, you have explained a great way to solve it, respect!
Here is another valid key: timo2425525899 |
==> |
| Have a look at the crackmes.one startpage, you'll find the invite link there. :-) |
==> |
| infected, thanks for trying my crackme! You are right, the way decribed in the solution only works with "00" as bytestring in keyfile. So the result after adding is "0x00". If you have another bytestring the dl-register will have another value. // Since the comment section isn't moderated it would be better to ask your questions in the discord channel. |
==> |
| @nightxyz Nice, good job! For those who want to try this crackme too, other keys are also possible. |
==> |
| I would like to point out that finding a key (or at least describe it) is the goal, as I forgot to mention it in the description;-) |
==> |
| Thanks seawolf for your nice writeup! |
==> |
| @cnathansmith: Thanks for your solution, well written with good explanations. |
==> |
| @hashtan: see FAQ -- https://crackmes.one/faq |
==> |
| This crackme welcomes us with code obfuscation, to be more precise with control-flow transformation that removes the structured flow (tigress obfuscator?). Basically it cyphers the username and extend it. Afterwards the cyphered username string gets hashed word-wise. The main challenge seems to keep track on the flow since the code is overbloated with useless instructions and uses unconventional arithmetics for simple tasks. |
==> |
| I see. So, there's only one questions not answered right now... |
==> |
| Go on, you are on the right track but there are more questions to answer :-) |
==> |
| First of all, this crackme wins the award for the best user interface and excellent coding style. Furthermore, it comes with some anti-debug tricks and a really sophisticated algo. You really need reversing skills for that and a complete understanding of the code. The challenge among other is that the name is generated based on the serial and not as usual the other way around. I did not manage to fully understand/reverse the code, but was able to generate a name/serial combination:
Name: DDDI
Serial: 747474745
Thanks Fatmike for that nice crackme! It reminds me on the old days... ;-) |
==> |
| Any hint for this? |
==> |
| Nice crackme, had fun with it! Thanks.
The MD5 of the key is: 07f76385ff987707d0188b805b11d2fb |
==> |
| Looks like "Enigma Protector" was used here. |
==> |
| I got this one:
Mission Accomplished! Get your flag!
[+] 30302D32312D43432D44412D37392D3731} |
==> |
| Not an easy one, thanks.
Not to spoiler, the MD5 of the key is: 7813d1590d28a7dd372ad54b5d29d033
|
==> |
| You need to create a valid keyfile to make the program run. |
==> |
| For me it looks like "PasEc!23" is the password, while the "c" is an unicode character (4100). |
==> |
| I thought that "adm1n1strat0r" will lead me to the solution, but it won't. Anymore hints? |
==> |
| Does the password contain non-printable characters? |
==> |
| You don't need much keys of the keyboard:-) An easy one. Thanks. |
==> |
| I am a bit stuck. Sometimes it hashes MD5, sometimes it hashes SHA1. Is that intended? |
==> |
| Yekong, a got a challenge with my answer because the "enter-key" is taking into the length check and so it doesn't fit. Is that part of the protection? |
==> |
| Good for beginners. PIN is hardcoded. |
==> |
| @MARI0x83 Correct, it won't start without a valid keyfile :-) |
==> |
| With a little patient you'll find the hardcoded key :-) |
==> |
| This is an excellent example of classic reversing! A few lines of code lead to a great puzzle. Really nice one. There are several serials possible. Here's mine: PUEXz~B. |
==> |
| Yep, one serial for each program start. |
==> |
| Nice crackme for beginners. No need for patching here. A serial can be sniffed and the algo is good to follow. I would rate this as level 1-2. Thanks. |
==> |
| Is my assumption correct that the code consists of 5 characters and thus the arrangement of the pixels is changed? |
==> |
| I think it manipulates the code at runtime. |
==> |
| I cannot even start the program, it crashes due to an illegal cpu instruction (vpxor). Or is this part of the protection? |
==> |
| For me the program crashes on an illegal instruction or is this part of the protection? Any hint? |
==> |
| @SofiaB8921
It takes the value of a character of the username, add the value of the current position and the value 101 to it. The result will be stored as a new charakter. So for the username "timotei" the password would look like: ("t"+0+101),("i"+1+101=Ù),("m"+2+101=Ï),("o"+3+101=Ô) ... In the end the result will be: ÙÏÔ×ÝÏÔ |
==> |
| Nice crackme. Looks like you searching for some "followers" :-) |
==> |