Labo 03 - Crackme
Crackme 1
This crackme uses a straight-up strcmp to test the password.
Solution: noideawetheriamthegoodpassword
Vulnerability: Hardcoded Strings
Crackme 2
This crackme uses a custom hashing algorithm to check the validity of the password: XORing all the bytes of the password together must yield 0x56.
Solution: Multiple. aaaaaaaaV, xXxOVOxXx, or any string in which all the characters except V go in pairs.
Vulnerability: Hash Collisions >_<
<uml>
:eax = argv[1];
:var1 = 0;
:var2 = 0;
:eax = strlen(argv[1]);
while (var1 < strlen(argv[1]))
  :var2 ^= argv[1][var1];
  :var1++;
endwhile
if (var2 == 0x56) then
  :win!;
  stop
else
  :fail!;
  end
endif
</uml>
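The check in the diagram above, rewritten in C as an added example (not code from the crackme binary or from the original page), shows why an XOR fold cannot serve as a password verifier: any string is one byte away from being accepted. The function names and the "hunter2" sample are assumptions made for illustration.

```c
#include <stdio.h>
#include <stddef.h>

#define TARGET 0x56  /* value the diagram compares var2 against */

/* XOR of every byte of the string, as in the diagram (var2 ^= argv[1][var1]). */
static unsigned char xor_fold(const char *s)
{
    unsigned char acc = 0;
    for (size_t i = 0; s[i] != '\0'; i++)
        acc ^= (unsigned char)s[i];
    return acc;
}

/* Acceptance test reconstructed from the diagram. */
static int check(const char *s)
{
    return xor_fold(s) == TARGET;
}

/* Hypothetical helper: the one byte that, appended to `prefix`, makes the
 * fold equal TARGET. XOR is its own inverse, so it is fold(prefix) ^ TARGET.
 * A result of 0 means the prefix is already accepted; the byte is not
 * guaranteed to be printable. */
static unsigned char fixup_byte(const char *prefix)
{
    return (unsigned char)(xor_fold(prefix) ^ TARGET);
}

int main(void)
{
    /* The first two samples are the page's solutions; "hunter2" is constructed. */
    const char *samples[] = { "aaaaaaaaV", "xXxOVOxXx", "hunter2" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-10s fold=0x%02x %s\n", samples[i], xor_fold(samples[i]),
               check(samples[i]) ? "accepted" : "rejected");

    /* Unrelated input plus a single computed byte passes the check. */
    const char *prefix = "hunter2";
    printf("\"%s\" + byte 0x%02x is accepted\n", prefix, fixup_byte(prefix));
    return 0;
}
```

The fold has only 256 possible outputs, and characters that appear an even number of times cancel out, which is why the page's paired-character solutions work.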
Crackme 3
This crackme uses SHA1 to check the validity of the password.
Solution: qwertzuiop
Vulnerability: Rainbow Tables :)
<uml>
:DIGEST = 1b6004ce49ab73225720b82d36eaaa4d6e511034;
if (solution to crackme1) then (yes)
  end
endif
if (solution to crackme2) then (yes)
  end
endif
:hsh = SHA1(argv[1]);
:v1 = 0;
:v2 = 0;
while (v1 ≤ 19)
  :v2 |= hsh[v1] ^ DIGEST[v1];
  :v1++;
endwhile
if (v2 == 0) then (yes)
  :echo "Success";
else (no)
  :fail;
  end
endif
stop
</uml>