Jump to content
View in the app

A better way to browse. Learn more.

Tuts 4 You

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Featured Replies

Posted

Language: C/C++
Platform: Windows x64
OS Version: Windows
Packer / Protector: None

Description:

This is my very first created "CrackMe" and I'd love to get feedback/suggestions on it (especially how I could make it harder without packing/obfuscating/virtualizing the binary)!
The challenge is to find the correct password and the correct response.

Screenshot:

J1kPucb.png

PleaseCrackMe.exe

Spoiler

hunter2

Time required - 15 seconds and a simple scan for strings..

 

To make any decent crackme, you need to learn at least basics of reversing. So, you can start by reading tutorials. For example, "simple crackme tutorial" would be a nice Google search for starters. You can also read solutions for different CTFs (Capture The Flag contests). For example, FLARE-ON always starts with very simple crackmes (and get difficult really quick), and there's plenty of solutions available.

Once you know how reversing process works, you'll be able to come up with more complex ways to protect your code.

  • Author
6 hours ago, kao said:
  Reveal hidden contents

hunter2

Time required - 15 seconds and a simple scan for strings..

 

To make any decent crackme, you need to learn at least basics of reversing. So, you can start by reading tutorials. For example, "simple crackme tutorial" would be a nice Google search for starters. You can also read solutions for different CTFs (Capture The Flag contests). For example, FLARE-ON always starts with very simple crackmes (and get difficult really quick), and there's plenty of solutions available.

Once you know how reversing process works, you'll be able to come up with more complex ways to protect your code.

Haha, I hoped someone would fall for it! hunter2 isn't the correct one, try again :b.

It accepts the password and prints "Well done" message. Sounds like a solution to me. 

huUv3rE.png

If the goal was to find any other message, you should have specified that in the crackme description.

 

EDIT: I'm not aware of any specific attack to the hash you're using. So, it boils down to bruteforcing a specific 64bit hash value which is considered out-of-reach for desktop computers. Or am I missing something else?

 

Edited by kao

  • Author
4 minutes ago, kao said:

It accepts the password and prints "Well done" message. Sounds like a solution to me. 

huUv3rE.png

If the goal was to find any other message, you should have specified that in the crackme description.

Sorry, I thought that "haven't you? :X" is clear enough, my bad!
To clarify, the correct message includes "tuts4you"!

Tip:

Spoiler

Check the exports.

 

Edited by phasermoon

The correct message is 

Spoiler

GJ, tell me on tuts4you!

But, as I explained in my previous post, it's pretty much impossible to obtain password which will yield this message.

 

And there are no exports in your file - so your hint is either wrong or I didn't guess the true meaning of it.  In either case, I truly hate "do random shit until you figure out what obscure stuff author wants you to do"-style of crackmes, so I'm out.

 

 

Create an account or sign in to comment

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.