Crackme
After spending time exploiting various Linux programs through the Protostar and Fusion exercises, a change of scenery and change of approach will help to round out our binary exploitation knowledge.
This section will tackle "crackmes," which are dummy pieces of software crafted by programmers and designed to be "cracked," or have their protections removed/bypassed, by others. Crackmes are posted across various sites online, such as crackmes.one.
For these exercises, I will be working in a Windows 10 environment and utilizing the freeware version of IDA by Hex-Rays. Unlike gdb, which is a debugger, IDA is a disassembler. Disassemblers are less concerned with dynamically stepping through running software and are more focused on features that aid in static analysis, such as graphical views of assembly code (with that said, IDA also includes a debugger).
All crackmes downloaded from crackmes.one are distributed as password-protected .zip files; the password is "crackmes.one". Additionally, keep in mind that since these are executables from "untrusted publishers," you may need to briefly adjust/disable your virus protection.
Here are my writeups, along with the topics introduced:
0x00 - "Keygenme #2" by OldSoft - first keygen to generate acceptable serial numbers
0x01 - "simpledatas_keygenme_1" by simpledata - second keygen to bypass serial number protection