PDA

View Full Version : new linux crackmes - let's crack them!


0xf001
January 15th, 2005, 17:12
hi all,

I have found some (for me new) linux crackmes:

http://racl.oltrelinux.com/crackme/index.html

as this is a potentialli italian site (at least not english), and I saw no links to solutions, I will start working on them ... , and post my efforts here ...

Would be cool if some guys can join and spread their knowledge, hehe!

Especially "newbies" are VERY welcome to join , and ask really _any_ question, starting by choice and use of tools etc, as that are the questions other people can benefit from!

just pick up one of the files and see how far you come! once you are stuck, post it here!

I hope to get a little more traffic into the forum, hehe

let's crack!


have fun! 0xf001

PS: i have just downloaded them, and no idea about difficulty and so on ...

0xf001
January 19th, 2005, 16:25
hi all,

I just wanted to try the qt crackme, and it showed, it needs some old libraries, of course
the shared libs

libstdc++-libc6.1-1.so.2
and
libqt.so.1

were missing on my system, and simply making a link from current libc / libqt to fake those files did not work, as it misses some symbols then.

So I found those required files in the rpms (google):

compat-libstdc++-6.2-2.9.0.16.i386.rpm
qt1x-1.45-16.i386.rpm

and did a
rpm2cpio compat-libstdc++-6.2-2.9.0.16.i386.rpm | cpio -idv
rpm2cpio qt1x-1.45-16.i386.rpm | cpio -idv

to extract the rpms files into the current dir, as we of course do not want to install them on the system.

then you can copy the 2 files mentioned in the beginning to the crackmes dir

then say export LD_LIBRARY_PATH=.:$LD_LIBRARY_PATH

so prepend the current path to the searchorder for shared libs.

now you can run this crackme

btw looking shortly into the disassembly tells this one is quite easy. like the gtkmm trythis you find the checkserial without knowing about Qt

have fun, 0xf001

PS: i did not yet try to "attack" it ...
PPS: I decided to upload those files, so you have it easy
just remove the .zip from the filename!
[edit] files are probably too big, I provide them somewhere else ....

0xf001
January 21st, 2005, 12:16
has anyone yet tried the blaad crackme (the Qt one)?

I found quite immediately the serial checking function. some hours later I had the serial algo (incl necessary data) reverse translated into C and verified it is correct.

now actually I am working on a method to break it. I am not sure if it is possible to reverse the hash algorythm. bruteforcing is not really an option... it is quite tricky, has anyone had a look at it?

regards, 0xf001

0xf001
January 25th, 2005, 06:02
hi!

I have looked again at this crackme and had _the idea_

I made a tutorial, which requires a little bit of math understanding. I can only recommend this crackme to everyone it is quite tricky in the first place.

For having difficulties getting the hash algorithm - but do not want to read the solution I do post it here as a help

for(C=0;C<0xf;C++)
S[0xe-C] = C + 1 + (0xFFC8 - (10*C & 0xff)) ^ ( S[0xe-C] ^ S[C] )

whereby S is the entered serial.

Have fun, 0xf001

dirty_deeds
February 7th, 2005, 23:01
I have been working through the "trythis" crackme(which 0xf001) has written about. It seems that after each check for a led, and before the led count is incremented, there is a section of code which is never reached. For instance, the section of code
0x0805305F - 0x0805307D
Any idea what is going on here?