Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Crackme is too easy #1

Closed
bartavelle opened this issue Jun 23, 2015 · 5 comments
Closed

Crackme is too easy #1

bartavelle opened this issue Jun 23, 2015 · 5 comments

Comments

@bartavelle
Copy link

You should have used something that can't be trivially solved with instruction counting. A fixed memcmp would require more work.
@syclops
Copy link

syclops commented Jun 24, 2015

Way to spoil the fun for everyone else.

@bartavelle
Copy link
Author

I took care not to post the solution, so you are still free to try it the hard way.

I filled this issue quickly and laconically in the hopes that it wouldn't be hard for the author to replace the strlen with a loop using a fixed number of steps. The cool thing about this obfuscation scheme, if I understand it correctly, is that it should not be possible to differentiate between conditional branches just by counting instructions.

@syclops
Copy link

syclops commented Jun 24, 2015

Hopefully the author does replace it. But in general even mentioning what you did in the first comment can leak some information, so I'd be careful. It's always more fun to let everyone take a shot with a blank slate. :)

@xoreaxeaxeax
Copy link
Owner

Thanks, added a new version; same as original, but with a new key and constant time strcmp. Should prevent the easiest solutions.

@bartavelle
Copy link
Author

great !

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@bartavelle @syclops @xoreaxeaxeax