Leaderboard

Hi, His Unpacker is for Vanilla Only not for Modded Version.

Phew! It has been close to 4 years and after a lot of wandering here and there I can proudly announce that I'm now able to calculate a valid serial for any name. Here are a couple. kao GCZ4B-QTD22 0xec FZNUL-THK22 Time taken to generate a key can vary from 2-5 minutes and takes about 12 GB of Physical RAM running on a Nvidia Tesla T4 GPU (2560 CUDA cores). Providing more RAM and CUDA cores may further reduce the time but I ran it on Google Colab and that's what they offer. I plan to do a write-up on my blog later but here it is in short. Initially, I felt the only way to solve the system of equations within a feasible time frame is through a quantum computer using something like Grover's search but the quantum computers available for public use (IBM Q Experience) at this time do not have enough qubits. So this approach had to be discarded. On deeper analysis, I found the system of equations is nothing but a system of Multivariate Quadratic (MQ) Polynomials. There's a field of Crypto related to this - Multivariate cryptography. Such cryptosystems are considered hard even for a Quantum Computer to attack let alone a classical machine. Luckily, there's an ongoing challenge based on the exact same idea - Fukuoka MQ challenge. It turns out small MQ systems particularly which are under-determined (more unknowns than equations) are solvable by classical machines within an accepting time frame and people have posted tools/algorithms to solve them. One of them is libFES . There's also a GPU implementation of FES which I have used here. So that's how it went. Thanks @kao for the challenge. Really learned a lot!!! Its a silver medal for now. Considering such systems of equation are solvable, generating a key within 1 sec could also be possible given the MQ challenge site posts that this cryptosystem is based on a signature scheme (Type -IV). Once we calculate the private key, generating the signature within 1s should be possible.

VVVVVV is now open source - https://github.com/TerryCavanagh/VVVVVV Huge archive of abandonware games for various platforms: https://oldgamesdownload.com/

Difficulty : 6 Language : C++ 14 Platform : x86 OS Version : Windows 7 + Packer / Protector : The Enigma Protector v6.4 Description : Patch HWID and unpack it. Screenshot : Enigma 6.4 UnpackMe.zip

The problem is defining what a good crackme is and where we draw the line. Being able to decide whether an unpackme would be good enough would require for the moderator to essentially solve the challenge themselves as well, which might require too much time for a simple approval, or worse, it might not always be within the skill set of the moderator him-/herself. A random idea that popped into my mind today: It might be possible to incorporate a system that is similar to how crackmes.de used to do it in the past when it was still online. What they did was only approving challenges that also provided an example solution with a full disclosure on the techniques used to protect the challenge or make it interesting. The example solution would only be visible to the staff and to the original author. The way I see it, this has a couple of advantages: It makes the approval procedure more objective. Staff would judge the actual contents of the challenge, rather than having to guess or solving the challenge themselves first. It makes the approval procedure a lot less time consuming. It forces the creator of the challenge to actually think of something interesting and not impossible. Effectively, they have to be able to solve their own challenge, and be able to convince one of the staff members the challenge is interesting. Some downsides would be: UnpackMes protected by new (updates of) obfuscators might not be possible anymore this way. The author might not have the skill to reverse the new technique that is applied either and the UnpackMes is more of an incentive for other, more experienced reverse engineers to have a look at it. As a consequence of the above, collaborative reversing might also be more discouraged by this methodology, since these UnpackMes without a solution would be denied. I also don't know if the current forum software supports any kind of system like this? I can imagine staff not wanting to get spammed with private messages about approval of a challenge either, so it might require a dedicated system, which might require some more coding to get it to work. I don't think I am eligible for a moderator, nor do I think I would be having time for it.

Enigma Done ... KoiVM seems modded. couldn't able to do till now !!