Solving X3eRo0's CrackMe The Hard Way

Fri, 03 Sep 2021 17:50:32 +0000

“Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say.” ― Edward Snowden

In this post, I will make an attempt to solve X3eRo0’s crackme named Pyaz. Below is the information provided on crackme’s page

;------------------;----------------;------------;
| Platform | Difficulty: | Quality: |
| Unix/linux etc. | 4.0 | 4.0 |
;------------------;----------------;------------;

;-------------;
| Description |
;-------------;-------------------------------------------------------------------;
| x86_64 linux binary (tested on ubuntu, should run on any distro). Takes input |
| through stdin and outputs "Correct Password" if it's correct, "Wrong Password" |
| if it's not. |
| Written in C |
| Don't patch the binary, of course - find the correct input. |
;---------------------------------------------------------------------------------;
| SHA256: 2078795d5f56c25c09301d345f07a93df915693f9976633040d9093d1a303e98 ./xvm |
| 29bea5fdd57949fb349e7e06c40ad4578aca6b8af6787bf39a9474857db01649 ./pyaz.xvm |
;---------------------------------------------------------------------------------;

We will reverse this one by looking at the disassembly only (unlike last time we used Ghidra). This is because, unlike last crackme, this is a complex one and I like to feel like GOD after solving a difficult crackme by looking at the disassembly! (obviously many can do the same but that’s just how I feel!)

Radare2 on Siddharth Mishra

Solving X3eRo0's CrackMe The Hard Way