crackme writeup

static/posts/crackmes-license-checker/post.typ

@@ -0,0 +1,68 @@
+#let post_slug = "crackmes-license-checker"
+#let post_preview_image = "cover.png"
+#let post_summary = "Reverse engineering license-checker from crackmes.one"
+
+= Crackmes.one license-checker solution
+First get a feel for the program.
+```sh
+$ ./license_checker_1 
+Usage : ./license_checker_1 <license key here>
+./license_checker_1 12345
+12345 is not a valid license key.
+```
+
+Open it up in biunary-ninja and go to the main function:
+
+#image("/static/posts/crackmes-license-checker/image.png")
+
+Notice the key is visible, so strings would have worked here too.
+
+```c
+if (!strcmp(arg2[1], "KS-LICENSE-KEY-2021-REV-1", "KS-LICENSE-KEY-2021-REV-1"))
+{
+  puts("
+    Congratulations ! You have successfully registered your premium service.");
+  exit(0);
+}
+```
+
+Immediately the keys are visible. Trying it:
+
+```sh
+$ ./license_checker_1 KS-LICENSE-KEY-2021-REV-1
+Congratulations ! You have successfully registered your premium service.
+```
+
+Looking at the program, what it does is verify the right number of inputs are present, and test the inputs against a known string. 
+
+= Solution 2
+
+The fastest solution would have been to use strings:
+```sh
+$ strings license_checker_1 | grep -v '\.' | grep -v '_'
+XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
+XXXXXXXXXXXXXXXXXXXXXXXXXXXX
+XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
+exit
+puts
+printf
+strcmp
+u3UH
+Usage : %s <license key here>
+KS-LICENSE-KEY-2021-REV-1
+;*3$"
+main
+```
+Here it's easy to guess which of these results is the key.
+
+
+= Notes
+Author: NomanProdhan\
+Challenge Link: https://crackmes.one/crackme/619eda7b33c5d455dece628d
+
+I'm new to "crackmes" this so the challenge description feels appropriate to try.
+
+Description:\
+This is a simple license checker made with C. This is for complete beginners.
+
+I used binary-ninja-free. It feels much cleaner than IDA-free or ghidra which I've used for CTF's in the past. Very much overkill for this challenge though.