whitecr0w Easy Peasy

https://crackmes.one/crackme/5d295dde33c5d410dc4d0d05

Crackme writeup by @310hkc41b https://twitter.com/310hkc41b

crackmes.one user b1h0 https://crackmes.one/user/b1h0

Date: 05/oct/2019

To analyze this file I have used Ghidra and x64dbg, simply by trying both tools and seeing the differences. It is good to contrast and train in both dynamic and static.

Ghidra - notes

Load executable and Analyze.
Search in Symbol Tree left dialog the text "main".
In Listing you can see at address 0040155a the username that is: "iwonderhowitfeelstobeatimetravel"
Next, at address 0040158c the password is revealed to us: heyamyspaceboardisbrokencanyouhelpmefindit?
In the code decompilation window you can also see clearly.
I think we don't need anything else.

x64dbg - notes

Its a 64bits Windows exe
Strings with the username and password are also revealed quickly and without problems from 00401553: "iwonderhowitfeelstobeatimetraveler", "heyamyspaceboardisbrokencanyouhelpmefindit?".

The string in .rdata section at 0000000000488000

What else?

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

b1h0-whitecr0w_Easy_Peasy.md

b1h0-whitecr0w_Easy_Peasy.md

whitecr0w Easy Peasy

https://crackmes.one/crackme/5d295dde33c5d410dc4d0d05

Crackme writeup by @310hkc41b https://twitter.com/310hkc41b

crackmes.one user b1h0 https://crackmes.one/user/b1h0

Date: 05/oct/2019

Ghidra - notes

x64dbg - notes

Files

b1h0-whitecr0w_Easy_Peasy.md

Latest commit

History

b1h0-whitecr0w_Easy_Peasy.md

File metadata and controls

whitecr0w Easy Peasy

https://crackmes.one/crackme/5d295dde33c5d410dc4d0d05

Crackme writeup by @310hkc41b https://twitter.com/310hkc41b

crackmes.one user b1h0 https://crackmes.one/user/b1h0

Date: 05/oct/2019

Ghidra - notes

x64dbg - notes