
Is anyone here interested in solving a crackme? It involves writing


Thread replies: 31
Thread images: 1

File: uplink2010122716054855.png (134KB, 1280x1024px)
Is anyone here interested in solving a crackme? It involves writing a keygen. x86_64 or AArch64 binary.
>>
>>59883723
gib binary plos
>>
>>59883755
x86_64: https://transfer.sh/nPNw5/validkey
AArch64: https://transfer.sh/3PZOt/validkey-aarch64.elf
>>
>>59883793
ok, REing rn. is this a ctf chall or something you made yourself?
>>
>>59883836
Something I cooked up myself. I'm not sure if the difficulty is too high or too low for the average RE. I feel like I stripped out a lot of things I should've done, but two friends of mine struggled to even come up with the first step of it.
>>
>>59883844
interesting debugging detection lol.
>>
>>59883945
Liberally adapted from Gozi
>>
>>59883723
hi i'm just some retard that took a systems programming class where we were taught how to read x86 assembly

what's a "crackme" and is it something i can participate in?

i'm assuming i have to actually write x86 instead of just figuring out what it does
>>
>>59884540
>what's a "crackme" and is it something i can participate in?
A crackme is a program that is intended to be reverse engineered. There is usually a well-defined goal. In this case: Generate a valid key that makes the program return exit status 0 (EXIT_SUCCESS).

>i'm assuming i have to actually write x86 instead of just figuring out what it does
You have to first figure out what it does, then write a program that generates a valid key (or you could do all the math yourself and assemble the pieces manually, but it'll be a painful experience).
>>
thought this was going to be a fun way to kill some time,
was not disappointed.
thanks op.
>>
>>59884631
You're welcome. How was the difficulty?
>>
>>59884646
If I wasn't stuck with Hopper and being unable to run the program (I'm on the go and am used to Ida), it *probably* would've been easier. However I'd rate it between a medium and a high difficulty with just static analysis. I also don't really know if my answer works tho so it may be higher/lower.
>>
>>59884672
Hm, I see, thanks. I can check a key if you want me to; I don't really mind the basic format being shown.

I guess I'll take it down a bit for my next iteration. It's really interesting to see how easy it is to forward engineer and be like "Have I done enough?", but painful to reverse. Might get easier if you could debug it.

Thanks for sticking with it!
>>
>>59884700
Just left the hotel, when I come back I'll post :)! Thanks for making this, it was quite fun and honestly enjoyable. You should make a github repo with the src/binary. Definitely make more!
>>
I've been wanting to get into RE for a while. Are there any decent free tools for Linux/Windows? Any decent learning resources?
>>
retard again

i'm on Windows so I put it in cygwin

did objdump -d validkey and the printout is larger than what the terminal can store

this obviously isn't like my school projects

do i just dive in or is there a better way?
>>
>>59884717
Glad to hear that. I guess I'll set up the current one in the next few hours on github. I still need to write down the design rationale for individual parts and why I did certain "wtf?" parts the way I did.

>>59884723
IDA Free or radare2. Everyone I know learned RE from trying to hack consoles and they more or less dived in directly. I get the question a lot, and a very experienced reverse engineer told me "probably watch whatever is on youtube about it, ask questions in IRC, do CTF problems that have writeups" and that "it can take years to be proficient, there's no worry in not being good at first". Interestingly enough, this is arguably the only time I've been told youtube tutorials are worth anything.

You may also want to watch reverse engineers above your skill level at work. Occasionally, @fwosar (Twitter; he'll usually send a tweet before streaming) does Twitch streams.

>>59884742
Best experience is apparently had with IDA Pro + decompiler, but you'd go broke trying to get one, if they even sell to you. Some people swear by radare2 instead.

Other than improving your tooling, all you can do is get your feet wet.
>>
>>59883793
Do they both have the same solution?
>>
>>59884915
Yes, they do. Some people are more used to AArch64 from (newer) embedded platforms, so I just made both.
>>
>>59883723
does anything even use keys anymore? isn't everything just using some online activation/drm shit now?
>>
having a crack at it now
>>
What's the use of something like radare2 as opposed to just good ol' gdb?

And RSA is probably way above my skill level. Is there a projecteuler-esque site where I can try these out starting at a beginners pace?
>>
>>59883723
what's the prize?
>>
>>59885111
how about skill points?
>>
>>59885154
I do it for the money at work every day already
>>
>>59884834
thanks for being helpful in your replies (to everyone).

i honestly expected most of these responses to be some variation of "kys". though, to be fair, that is based on being here, not in how your posts presented.
>>
>>59885002
As far as I know, keys are still used in tandem with online activation, such as Introversion's Multiwinia. Most of it is (1) having a unique identifier that has a certain degree of fat-fingering protection, (2) nostalgia for the era of keys only, and (3) the fun of coming up with an algorithm.

>>59885095
Enjoy!

>>59885105
radare2 et al. are for static analysis and usually have tools to accompany that, such as flow graphs, being able to view the current section as hex or disassembly and others. gdb is mainly a debugger, which means you'd rather use it to try and observe the program in execution. Sometimes, it's much more helpful to see what effects a routine just had, rather than just try and trace the assembly in your head.

>>59885105
AFAIK https://www.microcorruption.com/ has a very gentle introduction curve that gets progressively harder until it breaks your spirit.

>>59885111
A fuzzy, warm feeling in your heart that you've managed to beat a puzzle.

I'm sorry there's not more in it for you.

>>59885305
Reverse engineering is a highly difficult art. There's nothing to be gained from just turning people away.
>>
>>59883723
Way out of my league sadly.
when i saw the private key i knew my chances of solving are very slim
>>
>>59884717
I've finally gotten around to putting it on github.

https://github.com/sympt0m/keygenme/releases/tag/v1.0

You really don't want to read the source code (or even the source code file names) or DESIGN.md unless you want a big spoiler already.
>>
>>59883723
allowed to use z3 or similar to bruteforce a key or is it strictly a re exercise?
>>
>>59887134
Whatever puts the meal on the table at the end of the day. If it works, it works.