ZeroCoder's crackme v18.0
| Download xg_cm18.zip, 1 kb (password: crackmes.de) Browse contents of xg_cm18.zip find protection
Difficulty: 5 - Professional problem to solve | RatingWaiting for at least 3 votes View profile of ZeroCoder » |
Solutions
Solution by bRaiN_faKKer, published 09. mar, 2006; download (49 kb), password: crackmes.de or browse.
bRaiN_faKKer has not rated this crackme yet.
Discussion and comments
| pxor 09. Jun 2005 | Yo anyone here try to crack this one yet ? looks nasty i think im close but there is something that i dont know ... if u tryed this on please contact me pxor@go2.pl TIA |
|---|---|
| ap0x 12. Jun 2005 | .bornofobia solved this one, and Yes it is nasty. You must write a bruteforcer to solve it. But it will take ages because filename must is 12 chars long, so forget it! |
| pxor 12. Jun 2005 | i cant even find correct hash from name and file extension that will pass the comparision of proc thats check is file name and file extension or shit from comman line is correct all values that i find and that passed this proc produce garbages and bruteforce method tooks about 2 years on my pc :D there must be some smarter method |
| ZeroCoder Author 15. Jun 2005 | hehe.. .bonofobia - the best :)) ok, pxor for you (and all other peoples) tips: .pif |
| ap0x 16. Jun 2005 | Yea I kind a figured that one out my self, but bruteforceing is still nessesary. I mean bornofobia was luky to find a colision... But that is not the real filename, is it? :) |
| ZeroCoder Author 17. Jun 2005 | yes, not real filename... but .bonofobia know true name ;)) |
| ap0x 18. Jun 2005 | What about i send you my bruteforcer, and you give me the correct file name, so I can finaly sleep at night :))) |
| pants 19. Jun 2005 | I haven't looked at #18 yet, but it sounds similar to #19 - if so then using a GA will help. (GA on #19 finds the pass quite quickly (~1 second with similar keyspace)). |
| ZeroCoder Author 21. Jun 2005 | hahahah... 2apox: you can send me any bruterforce and other @@@, but if you can't find correct filename, you not receive true filename!!! 2pants: ah, you best, you know all... but i can't see any your solution for any my crackmes... ok, or send password for #19.. show me. don't f#ck brain. .bonofobia solved it, and find correct filename... but not true!!! |
| pants 22. Jun 2005 | I'll bite :) Like you I don't write solutions, it's just for fun - but I will help where I can (like here). GA wasn't necessary, but was fun to write and works very well. I enjoy your crackmes - keep them coming :) /pants. ( SPOILER: pass for #19 is somewhere on this page ... hxxp://www.anekdot.ru:8084/an/an0410/f041031.html ) |
| ZeroCoder Author 22. Jun 2005 | ok.. hmm... anekdot.ru??? |
| pants 02. Jul 2005 | I took another look at #18 today (didn't work on w2k before, needs PE header patch). @pxor & ap0x: This can be solved without BF. Part2 can be done on paper. Part1 is helped by GA - but produces too *many* valid solutions (100's (so far) of valid collisions produce working messagebox). Narrowing of search space (ie knowing correct number of chars between '\' and 'if' would help....) Don't give in - it's a nice crackme :) @ZeroCoder: Yes, pass for #19 is on there - I have no idea what it means (couldn't find a translation) :) |
| asept!c 05. Jul 2005 | Got a question-regarding that hint ".pif". So if we don't enter any arguments in the command line crackme will process it's filename and replace *\* from the start of the path with *"* and that means it will process in second part *pif"* but *pif"* has no valid solutions then. So my question is do we enter arguments or we just change the filename (then every filename will have *"* processed in crackme algo, else it will have last byte of the argument entry processed)? If we change just the filename then the extension is not .pif but something else?! |
| ZeroCoder Author 17. Aug 2005 | ohh.. pants cracked and this |
You may leave your comment, thoughts and discuss this crackme with other reversers here.
Acting childish will not be tolerated.
HTML and such will be left as-is, so don't try.