BunnX's getacces Crackme (Password)

Download getaccess.zip, 16 kb (password: crackmes.de)

getaccess crackme
============

# Try to get the right password.
# Patching is allowed for the cracking process but not the solution!
# Write a tutorial on how you have done it.

The accepted solution is the real password.
(Try to imagine that you want to use this password for other purposes, too.)

Difficulty: 4 - Needs special knowledge
Platform: Windows
Language: C/C++

Published: 07. Apr, 2013
Downloads: 165

Rating

Votes: 3
Crackme is boring.

Solutions

Solution by Bargest, published 12. Nov, 2013; download (2 kb), password: crackmes.de.

Bargest has rated this crackme as quite nice.

Discussion and comments

iSSoGoo
07. Apr 2013
I actually don't know what you mean by "Password is correct with a probability of 256", because the "XOR ECX,00000012" at 00401567 tests if the resulting checksum is equal to 12h. I wrote a simple program which brute-forces every combination and there are a lot more than 256! Probably a few billion! Here are some:

6?zbui|hC8^j
5<zbui|hC8^j
4=zbui|hC8^j
3:zbui|hC8^j
2;zbui|hC8^j
18zbui|hC8^j
09zbui|hC8^j
/&zbui|hC8^j
.'zbui|hC8^j
-$zbui|hC8^j
,%zbui|hC8^j
+"zbui|hC8^j
*#zbui|hC8^j
) zbui|hC8^j
(!zbui|hC8^j
'.zbui|hC8^j

The code which is calculated from the password is probably a CALL or JMP, but I don't have a clue so far why you would need 12 bytes ;)

BunnX
Author
07. Apr 2013
Hm, I won't disclose too much. Yes, the XOR check is only one byte long, so every 256th password "could" be correct. This is only a check because the wrong password can crash the program, and not the check of whether it is the right password.
You will see if you patch this. If you enter the right one, you will automatically get the success message. If it's wrong and the XOR is disabled, I'm really sure... the program will crash.
Ah, this was too much. :/
Greetings :D

BunnX
Author
07. Apr 2013
"The code which is calculated from the password is probably a CALL or JMP, but I don't have a clue so far why you would need 12 bytes ;)"

^^ Have read this too late, which is why I'm explaining... ;)
