d2jsp
Log InRegister
d2jsp Forums > Off-Topic > Computers & IT > Programming & Development > Abducts Crackmes
Add Reply New Topic New Poll
Member
Posts: 13,425
Joined: Sep 29 2007
Gold: 0.00
Warn: 20%
Jun 10 2012 10:04pm
Quote
Spam: This topic was closed due to excessive off-topic posts.
Piracy, 3rd Party Hacks: Software piracy and 3rd party hacks are not allowed.
Please review the rules here: Forum Rules


@mods: this thread has nothing to do with hacks or software piracy simply because reversing, decompiling, and debugging is all programming related and are valid skills used in the field. i am simply helping others learn or hone these skills.

@anyone interested: made the first crackme i am going to wait till i can make 1 or 2 more before releasing them. always check my last post for all the required info. might take me a day or two to finish two more quick crackmes simply because of my work hours.
Member
Posts: 2,736
Joined: Nov 28 2009
Gold: 34.00
Jun 10 2012 10:22pm
lmao @ mods
good when they have a clue about what programming actually is

This post was edited by eagl3s1ght on Jun 10 2012 10:22pm
Member
Posts: 16,144
Joined: Mar 27 2008
Gold: 14,618.00
Jun 11 2012 02:53am
@the guy who closed it: this is COMPLETELY legal imo (real world AND on jsp)

@others: we need to upload the crackme's as sourcecode, because linking binaries is not allowed.
Banned
Posts: 2,525
Joined: Jan 2 2012
Gold: 0.01
Warn: 10%
Jun 11 2012 05:10am
Quote (Richter @ 11 Jun 2012 09:53)
@the guy who closed it: this is COMPLETELY legal imo (real world AND on jsp)

@others: we need to upload the crackme's as sourcecode, because linking binaries is not allowed.


source code would kinda defeat the purpose :P

just post binary uuencoded/base64/mime/gpg asciiarmor ... where uuencode is just the most comfortable to use.

also good to know moderators know what they are doing :D

This post was edited by ikusus on Jun 11 2012 05:11am
Member
Posts: 13,425
Joined: Sep 29 2007
Gold: 0.00
Warn: 20%
Jun 11 2012 11:02am
Quote (ikusus @ Jun 11 2012 07:10am)
source code would kinda defeat the purpose :P

just post binary uuencoded/base64/mime/gpg asciiarmor ... where uuencode is just the most comfortable to use.

also good to know moderators know what they are doing :D


lol yea, but what do you expect most mods dont really have a clue about programming.

and yea a sourcecode would defeat the purpose simply because you wouldnt really have to reverse or debug anything to understand what it's doing or to find the password.

edit::

completed the second crackme. how do i uuencode these. i assume i need to pipe this to a file because for some reason when i use

uuencode crackme1 crackme1.uu

i just pipes output to stdout.

uuencode crackme1 crackme1.uu >> crackme1.uu

would work i suppose? (would of thought there would be a -o flag lol)

This post was edited by AbDuCt on Jun 11 2012 11:24am
Member
Posts: 13,425
Joined: Sep 29 2007
Gold: 0.00
Warn: 20%
Jun 11 2012 11:46am
Without further wait here are the first two missions of abducts crackmes. These are crackmes range from easy to hard that only require basic asm knowledge and basic knowledge of linux commands and programs such as objdump, gdb, strings, uuencode, uudecode, and a few more depending on the dificulty.

Rules:
1) patching is allowed but is highly unnecessary for easy levels.
2) post screenshot of the password is correct screen when you complete (please blank out the password somehow as to not ruin the crackmes for others.)
3) posting hints and help is allowed as long as you dont give out the answers directly

Other notes:
All binary files will be uuencoded into plaintext as to comply with jsps "no binary rule." To start using these crackmes simply copy paste the text from the corresponding links into a text file and enter the following command without quotes. "uudecode crackme#" where the # is the number of the crackme you are using.


Without any more talking here you go. I expect that these should take no more than 1-10 minutes for most of you lol. Thanks for participating. Also if anyone would like to create theyre own crackmes ranging from simple to hard please go ahead. You can either pm me the uuencoded binary text or post a link here and i will add it to the post.

----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Crackme1 - easy (written in asm at&t syntax 32bit)
http://pastebin.com/Z2iYVrUw

crackme2 - easy (written in asm at&t syntax 32bit)
http://pastebin.com/3amVHfEH

This post was edited by AbDuCt on Jun 11 2012 11:47am
Member
Posts: 13,425
Joined: Sep 29 2007
Gold: 0.00
Warn: 20%
Jun 12 2012 10:57am
Without further wait here are the missions of abducts crackmes. These are crackmes range from easy to hard that only require basic asm knowledge and basic knowledge of linux commands and programs such as objdump, gdb, strings, uuencode, uudecode, and a few more depending on the dificulty.

Rules:
1) patching is allowed but is highly unnecessary for easy levels.
2) post screenshot of the password is correct screen when you complete (please blank out the password somehow as to not ruin the crackmes for others.)
3) posting hints and help is allowed as long as you dont give out the answers directly

Other notes:
All binary files will be uuencoded into plaintext as to comply with jsps "no binary rule." To start using these crackmes simply copy paste the text from the corresponding links into a text file and enter the following command without quotes. "uudecode crackme#" where the # is the number of the crackme you are using (on linux platforms).


I will be adding some windows crackmes sooner or later. I think ill do some easy ones in C# where you can use .net reflector and then make a bit more complicated ones where it asks my webserver for details to auth itself and people would need to packet log it and find a way to patch it or fool it (still pretty simple).

----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Crackme1 - easy (written in asm at&t syntax 32bit linux)
Security master bob is trying to develop a password system to protect his 0day hacks from prying eyes, but since bob is just 14 years old he doesn't know much about security. Find the flaw in his password system and find the password.
http://pastebin.com/Z2iYVrUw

Crackme2 - easy (written in asm at&t syntax 32bit linux)
Security master bob found out how his old method of securing his 0day hacks was faulty and made the simple change to help protect his password from prying eyes. Debug the application and find the password.
http://pastebin.com/3amVHfEH

Crackme3 - easy (written in asm at&t syntax 32bit linux)
Security master bob is getting mad at all the skript kiddies finding his password so easily so he got rid of the static definition of his password all together. Debug the application and find the password.
http://pastebin.com/Xf49ux1S

This post was edited by AbDuCt on Jun 12 2012 11:13am
Member
Posts: 13,425
Joined: Sep 29 2007
Gold: 0.00
Warn: 20%
Jun 14 2012 12:45pm
creating a fourth crackme in the "medium" difficulty range. actually requires you to have a understanding of what is happening in the asm source. should be interesting to see who can figure it out. ill post it either tonight or tomorrow.
Member
Posts: 13,425
Joined: Sep 29 2007
Gold: 0.00
Warn: 20%
Jun 15 2012 01:38am
Without further wait here are the missions of abducts crackmes. These are crackmes range from easy to hard that only require basic asm knowledge and basic knowledge of linux commands and programs such as objdump, gdb, strings, uuencode, uudecode, and a few more depending on the dificulty.

Rules:
1) patching is allowed but is highly unnecessary for easy levels.
2) post screenshot of the password is correct screen when you complete (please blank out the password somehow as to not ruin the crackmes for others.)
3) posting hints and help is allowed as long as you dont give out the answers directly

Other notes:
All binary files will be uuencoded into plaintext as to comply with jsps "no binary rule." To start using these crackmes simply copy paste the text from the corresponding links into a text file and enter the following command without quotes. "uudecode crackme#" where the # is the number of the crackme you are using (on linux platforms).


change log:
june 15th 2012: added crackme4 and started the change log. will be adding some simple windows crackmes eventually.

----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Crackme1 - easy (written in asm at&t syntax 32bit linux)
Security master bob is trying to develop a password system to protect his 0day hacks from prying eyes, but since bob is just 14 years old he doesn't know much about security. Find the flaw in his password system and find the password.
http://pastebin.com/Z2iYVrUw
http://paste2.org/p/2053392

Crackme2 - easy (written in asm at&t syntax 32bit linux)
Security master bob found out how his old method of securing his 0day hacks was faulty and made the simple change to help protect his password from prying eyes. Debug the application and find the password.
http://pastebin.com/3amVHfEH
http://paste2.org/p/2053393

Crackme3 - easy (written in asm at&t syntax 32bit linux)
Security master bob is getting mad at all the skript kiddies finding his password so easily so he got rid of the static definition of his password all together. Debug the application and find the password.
http://pastebin.com/Xf49ux1S
http://paste2.org/p/2053395

Crackme3 - medium/hard (written in asm at&t syntax 32bit linux)
Security master bob realized that no matter how he tried store a single password it could be reversed and found out. Knowing this he asked his skid friend for a new method and he learned about rule based passwords. Analyze the code and create a working password to satisfy the rules. (HINT: There is more than one password that satisfies the rules.) (PS: was very tired when i wrote this so there may be a bug or two but it DOES work as intended. I think the only real bug is that password length doesn't matter as long as the rules are satisfied but oh well.)
http://paste2.org/p/2053388

This post was edited by AbDuCt on Jun 15 2012 01:39am
Go Back To Programming & Development Topic List
Add Reply New Topic New Poll