Leaderboard

https://dr4gan0x.github.io/dr4gan-portfolio/?post=prometheus-12-layers I hope this write up catches your interest

Threw this into Binary Ninja, turned out to be Rust-compiled ELF64 PIE not C as DiE claims, debug strings like src/main.rs src/vm/dispatcher.rs src/crypto/sbox.rs give it away, main at 0x41bea0 is just the lang_start trampoline real logic sits in sub_41a0c0 which drops into the verification orchestrator sub_418a10 running all 12 layers with bitwise AND accumulation no early exits, layers 1-3 are RDTSC delta and clock_gettime CLOCK_MONOTONIC anti-debug gates, 4-5-6 enforce the 28-char [A-Z0-9_] format with underscores pinned at positions 10/15/23 last 4 digits only and ASCII sum exactly 1901, identified the core hash at sub_433b80 as SipHash-2-4 from the init vectors 0x736f6d6570736575 0x646f72616e646f6d 0x6c7967656e657261 0x7465646279746573 aka "somepseudorandomlygeneratedbytes" with rotation constants 13/32/16/21/17/32 two rounds per block four at finalization, the actual crack comes from Layer 10 which splits the key into four 7-byte segments each hashed with independent k0/k1 pairs reducing the search space from 36^24 down to 4x36^6 roughly 2^33 which is the single architectural weakness in the design, brute-forced the last 4 digits first against Layer 6s YEARHASH/KEY01020 keys in 10K iterations got 2026 then segment 4 in 1.3K then segments 2 and 3 each in ~2.2B iterations then segment 1 with sum-constraint pruning total 55 seconds single core, validated against all remaining layers including the full-key SipHash triplet layers 7/8/9 with three different key pairs and the polynomial evaluation through MurmurHash3 fmix64 at five prime evaluation points all passed clean, key is PR0M3TH3U5_F1R3_ST34L3R_2026, I have a full writeup sitting around too lazy to format it properly but if anyone wants I can publish it

The crackmes.one CTF is officially live, built by the RE community, for the RE community. https://crackmesone.ctfd.io/ Start at: Sat 14 February 2026 00:00:00 UTC Enter the matrix and prove your skills. See you there!

Thank you very much for detailing the solution and method/s taken to solve. Would it be possible to get a PDF copy please? Ted.

issue resolved by adding private readonly DataEncryption _encrypt = new DataEncryption();

Bypassed the license check but unpack is too complicated. The imports are very heavy wrapped. Can do it but few hours manual work will need.

Hello. I have organised it in two different formats. I also added the modified solver.c file as an extra. Thank you. Link: drive

Hello everyone I have been developing my own EXE protection and encryption system for a long time Taking inspiration from solutions like VMProtect and Themida I am trying to build a structure that includes various security layers such as packer encryption obfuscation anti dump and more To test this work and identify its shortcomings I prepared a small test EXE The application is a simple program that asks for a license key and your goal is to crack this application and gain access I encrypted and protected this test application using the protection system I developed Download link https://dosya.co/x5e4xyewg94d/CrackMe.exe.html VirusTotal analysis https://www.virustotal.com/gui/url-analysis/u-a65e75a253a80ae0a2ef0e23a218db163333faf2ce84401f76168cb764444c2a-a6822794 I kindly ask you to analyze it using reverse engineering techniques and try to break it and if possible share with me The parts you found difficult The weaknesses you found easy The strong and weak points of the protection My goal is purely to learn see my mistakes and make the system more robust For experienced experts it may be a simple application please excuse that in advance I hope it will be an educational exercise for beginners and intermediate level users Thank you in advance to everyone who participates Good luck to all

Yes, please post crackme's in the correct area, read the description at the top of the category in the link below, thank you... https://forum.tuts4you.com/forum/146-challenge-of-reverse-engineering/ Ted.

I would appreciate a full writeup! Also, please consider publishing your solve to crackmes.one, where the author cross-posted this challenge.

It seems that although the executable looks protected, no real encryption or obfuscation has actually been applied. There is also a possibility that I accidentally tested the original executable file. I will review my program and fix any shortcomings in the protection pipeline. Thank you for your feedback. Would you like me to open a new thread after I make the corrections?

There is absolutely nothing encrypted, virtualized, or obfuscated in the exe. private void BtnCheck_Click([Nullable(2)] object sender, EventArgs e) { if (this.txtLicenseKey.Text.Trim() == "QUJU-329D-4936-GSBW-AVSK-U8") { base.Hide(); new SuccessForm().Show(); return; } MessageBox.Show("Invalid License Key!", "Error", MessageBoxButtons.OK, MessageBoxIcon.Hand); }

I guess nobody wants to help

@cTrI the site will not disappear, bcoz the webdav server configured connection to single only no parallel connections allowed, if u use multiple winscp clients from the same location(ip) then u may abuse...

i copied this the function name CalculateAuthorizationCode() from Eaton.SSE.Security.Authorize.dll and i addedd the prefence to some dll which functions are used inside this main function here is my function code string CalculateAuthorizationCode(string registrationCode, AccessLevel accessLevel, uint numberOfDays, IEnumerable<string> allowedEquipmentList) { if (string.IsNullOrEmpty(registrationCode)) { throw new EatonException("Bad Authorization Code Request (RegistrationCode is empty)."); } if (!AccessLevelHelper.IsValidUserAccessLevel(accessLevel, CommonUtils.ProductType, false)) { throw new EatonException("Bad Authorization Code Request (Access level invalid)."); } bool flag = numberOfDays < 1U || numberOfDays > 730U; if (flag) { throw new EatonException("Bad Authorization Code Request (Number of days value is out of range)."); } if (allowedEquipmentList == null || allowedEquipmentList.Count<string>() <= 0) { throw new EatonException("Bad Authorization Code Request (Allowed Equipment List is Empty)."); } try { StringBuilder stringBuilder = new StringBuilder(); stringBuilder.Append(registrationCode); stringBuilder.Append("!"); stringBuilder.Append(accessLevel.ToString()); stringBuilder.Append("!"); stringBuilder.Append(numberOfDays.ToString()); stringBuilder.Append("!"); foreach (string text in allowedEquipmentList) { stringBuilder.Append(text); stringBuilder.Append(","); } if (stringBuilder.Length > 1) { stringBuilder.Remove(stringBuilder.Length - 1, 1); } byte[] array = _encrypt.EncryptTextToBytes(stringBuilder.ToString(), CryptoKey.Registration); LoggerInterface.WriteLine(LogLevel.Information, string.Format("Authorize.CalculateAuthorizationCode (), Code is {0}.", stringBuilder), LogControl.Encrypt); return CommonParse.BytesToString(array, FormatType.Hexadecimal); } catch (Exception ex) { LoggerInterface.WriteLine(LogLevel.Exception, ex.ToString()); } return string.Empty; } } i have compile error at this line byte[] array = _encrypt.EncryptTextToBytes(stringBuilder.ToString(), CryptoKey.Registration); An object reference is required for the non-static field, method, or property 'Program._encrypt please can some one guide me here i uploaded my csharp project https://we.tl/t-kLfapytJBX

Unpacked CFF Explorer_protected_unp_cl.7z

judging by the error u posted you have to instantiate the _encrypt variable... Somewhere in app writes for example : Tesdsfasdft _encrypt so to instantiate you write : _encrypt = new Tesdsfasdft then u call any method.. if you continue have any problem PM @CodeExplorer , dont bump the thread

ArmDot .NET v2026.1 (Built-in License System) This one uses the built-in license system of the ArmDot .NET.. Provide a serial or an unpacked or a patched variant that accepts a serial. File Information Submitter whoknows Submitted 01/31/2026 Category KeygenMe View File

ArmDot .NET v2026.1 File protected with Hide strings Obfuscate control flow Obfuscate names Obfuscate namespaces and some virtualization accepted solution - unpack OR tell what is doing. File Information Submitter whoknows Submitted 01/30/2026 Category UnPackMe (.NET) View File

Should I download all the necessary courses now? They are truly amazing, but from what I know, WebDAV isn't very stable. I'm honestly worried that the site might disappear...but I'm worried that downloading (too much) might put too much strain on the server.