Language: C/C++
Platform: Windows x64
OS Version: Windows
Packer / Protector: None

Description:

This is my very first created "CrackMe" and I'd love to get feedback/suggestions on it (especially how I could make it harder without packing/obfuscating/virtualizing the binary)!
The challenge is to find the correct password and the correct response.

Screenshot:

PleaseCrackMe.exe

Spoiler

hunter2

Time required - 15 seconds and a simple scan for strings..

 

To make any decent crackme, you need to learn at least basics of reversing. So, you can start by reading tutorials. For example, "simple crackme tutorial" would be a nice Google search for starters. You can also read solutions for different CTFs (Capture The Flag contests). For example, FLARE-ON always starts with very simple crackmes (and get difficult really quick), and there's plenty of solutions available.

Once you know how reversing process works, you'll be able to come up with more complex ways to protect your code.

6 hours ago, kao said:

  Reveal hidden contents

hunter2

Time required - 15 seconds and a simple scan for strings..

 

To make any decent crackme, you need to learn at least basics of reversing. So, you can start by reading tutorials. For example, "simple crackme tutorial" would be a nice Google search for starters. You can also read solutions for different CTFs (Capture The Flag contests). For example, FLARE-ON always starts with very simple crackmes (and get difficult really quick), and there's plenty of solutions available.

Once you know how reversing process works, you'll be able to come up with more complex ways to protect your code.

Haha, I hoped someone would fall for it! hunter2 isn't the correct one, try again :b.

It accepts the password and prints "Well done" message. Sounds like a solution to me. 

If the goal was to find any other message, you should have specified that in the crackme description.

 

EDIT: I'm not aware of any specific attack to the hash you're using. So, it boils down to bruteforcing a specific 64bit hash value which is considered out-of-reach for desktop computers. Or am I missing something else?

 

Edited February 5, 20196 yr by kao

4 minutes ago, kao said:

It accepts the password and prints "Well done" message. Sounds like a solution to me. 

If the goal was to find any other message, you should have specified that in the crackme description.

Sorry, I thought that "haven't you? :X" is clear enough, my bad!
To clarify, the correct message includes "tuts4you"!

Tip:

Spoiler

Check the exports.

 

Edited February 5, 20196 yr by phasermoon

The correct message is 

Spoiler

GJ, tell me on tuts4you!

But, as I explained in my previous post, it's pretty much impossible to obtain password which will yield this message.

 

And there are no exports in your file - so your hint is either wrong or I didn't guess the true meaning of it.  In either case, I truly hate "do random shit until you figure out what obscure stuff author wants you to do"-style of crackmes, so I'm out.