Jump to content
View in the app

A better way to browse. Learn more.

Tuts 4 You

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Featured Replies

Posted

Language : Assembly
Platform :  Windows x32/x64
OS Version :  Windows 7, 8, 10
Packer / Protector : None

Description :

Found this one while cleaning my box, can you find the key?

Screenshot :

im1.jpg.01550fb1d55470da0dc6549b2728bd78.jpg

Rule  : Tell us  how you cracked it.

Baby Crackme #1.exe

Solved by kao

Go to solution
  • Solution

That is most likely not your crackme. But what the hell.. :)

 

Load it in IDA, decompile serial check and it will look like this:

      if ( ++idx >= 29 )
      {
        if ( count_of_sevens == 1 && String[6] == '7' )
        {
          v5 = (unsigned __int8)entered_key[0];
          if ( entered_key[0] )
          {
            LOBYTE(v5) = entered_key[4];
            if ( v5 )
            {
              LOBYTE(v5) = entered_key[8];
              if ( v5 )
              {
                LOBYTE(v5) = entered_key[12];
                if ( v5 )
                {
                  LOBYTE(v5) = entered_key[16];
                  if ( v5 )
                  {
                    LOBYTE(v5) = entered_key[21];
                    if ( v5 )
                    {
                      part1 = getintfromkey(0, 4, 0);
                      part2 = getintfromkey(0, 4, v6);
                      part3 = getintfromkey(0, 4, v7);
                      part4 = getintfromkey(0, 4, v8);
                      part5 = getintfromkey(0, 5, v9);
                      part6 = getintfromkey(0, 8, v10);

                      v11 = part1 * (unsigned __int8)entered_key[7];
                      v12 = part1 * (unsigned __int8)entered_key[6];
                      v13 = part1 * (unsigned __int8)entered_key[4];
                      if ( v11 == part5
                        && v12 == part3
                        && !(part1 * (unsigned __int8)entered_key[5])
                        && v13 == part4
                        && 1000 * v13 + 10 * v12 + v11 == part6 )
                      {
                          ...show good boy message...

There are some checks for specific character values:
* char 6 must be "7", there may not be any other "7" in the key;
* char 5 must be "0";
* chars 4,8,12,16,21 may not be "0";

Key is split into in several parts:

part1 = first 4 chars
part3 = chars 8..11
part4 = chars12..15
part5 = chars16..20
part6 = chars21..28

Then it does some simple multiplication and checks the result.

At this point you have 2 options:
- make a tool that will randomly choose part1 and chars 4 and 7, do the multiplication to calculate parts 3, 4, 5, 6 and see if it passes all checks.
- remember math lessons from school and figure out the only possible combination that will pass all checks.

First one is much faster, second one will be .. challenging.

Either way, you should arrive at the only possible solution:

Spoiler

12388079866699041114210001802

 

Well, in fact, there is infinite number of valid keys. You can append random characters to the key above, they are not checked.. :D

 

  • Author
7 hours ago, kao said:

That is most likely not your crackme. But what the hell.. :)

 

Load it in IDA, decompile serial check and it will look like this:


      if ( ++idx >= 29 )
      {
        if ( count_of_sevens == 1 && String[6] == '7' )
        {
          v5 = (unsigned __int8)entered_key[0];
          if ( entered_key[0] )
          {
            LOBYTE(v5) = entered_key[4];
            if ( v5 )
            {
              LOBYTE(v5) = entered_key[8];
              if ( v5 )
              {
                LOBYTE(v5) = entered_key[12];
                if ( v5 )
                {
                  LOBYTE(v5) = entered_key[16];
                  if ( v5 )
                  {
                    LOBYTE(v5) = entered_key[21];
                    if ( v5 )
                    {
                      part1 = getintfromkey(0, 4, 0);
                      part2 = getintfromkey(0, 4, v6);
                      part3 = getintfromkey(0, 4, v7);
                      part4 = getintfromkey(0, 4, v8);
                      part5 = getintfromkey(0, 5, v9);
                      part6 = getintfromkey(0, 8, v10);

                      v11 = part1 * (unsigned __int8)entered_key[7];
                      v12 = part1 * (unsigned __int8)entered_key[6];
                      v13 = part1 * (unsigned __int8)entered_key[4];
                      if ( v11 == part5
                        && v12 == part3
                        && !(part1 * (unsigned __int8)entered_key[5])
                        && v13 == part4
                        && 1000 * v13 + 10 * v12 + v11 == part6 )
                      {
                          ...show good boy message...

There are some checks for specific character values:
* char 6 must be "7", there may not be any other "7" in the key;
* char 5 must be "0";
* chars 4,8,12,16,21 may not be "0";

Key is split into in several parts:

part1 = first 4 chars
part3 = chars 8..11
part4 = chars12..15
part5 = chars16..20
part6 = chars21..28

Then it does some simple multiplication and checks the result.

At this point you have 2 options:
- make a tool that will randomly choose part1 and chars 4 and 7, do the multiplication to calculate parts 3, 4, 5, 6 and see if it passes all checks.
- remember math lessons from school and figure out the only possible combination that will pass all checks.

First one is much faster, second one will be .. challenging.

Either way, you should arrive at the only possible solution:

  Reveal hidden contents


12388079866699041114210001802

 

Well, in fact, there is infinite number of valid keys. You can append random characters to the key above, they are not checked.. :D

 

Yeah I tried to figure out a math formula to solve the system but it didn't pan out. Then I thought about your second option but since it would involve some brute force I gave up

Create an account or sign in to comment

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.