For this year’s birthday, the most awesome gift I received was from hasherezade 🙂
I am very thankful to her for making my birthday so special 🙂
This crackme is a bootloader written in 16-bit assembly. This is what it looks like.
After attaching the process to IDA, I placed a breakpoint on the user input, and this is the algorithm that calculates the password.

    sub_7C5C proc near
        push si
        xor ax, ax
        mov word_7DCB, ax
    loc_7C62:
        test cx, cx
        jz loc_7C72
        xor byte ptr word_7DCB+1, ah
        lodsw
        dec cx
        add word_7DCB, ax
        jmp short loc_7C62
    loc_7C72:
        pop si
        retn
    sub_7C5C endp
After calculating, the result is compared with 0x39A.
There can be lots of possible collisions in this algorithm. I used a dictionary file to find all possible combinations that give 0x39A. This is the C++ code using inline assembly.
This is the C++ version, where I’ve written the algorithm in C++.
The results: http://pastebin.com/9rMwwVgq
Any of these passwords work 🙂 but the correct password to unlock the source code in the link is “awesome” 🙂
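The checksum routine above can be modelled in C++ as follows; this is an added example, not the author's original code, and it also shows why collisions are easy to find. How the bootloader sets CX is not shown on the page, so `password_checksum` assumes the ASCII input is zero-padded to whole 16-bit words; the helper names and the small dictionary are constructed for illustration.

```cpp
#include <cstdint>
#include <cstdio>
#include <string>
#include <vector>

// Model of sub_7C5C: si points at the buffer, cx is the number of 16-bit words.
uint16_t sub_7C5C(const uint8_t* si, unsigned cx) {
    uint16_t ax = 0;                                      // xor ax, ax
    uint16_t sum = 0;                                     // mov word_7DCB, ax
    while (cx != 0) {                                     // test cx, cx / jz loc_7C72
        sum ^= static_cast<uint16_t>(ax & 0xFF00);        // xor byte ptr word_7DCB+1, ah
        ax = static_cast<uint16_t>(si[0] | (si[1] << 8)); // lodsw (little-endian)
        si += 2;
        --cx;                                             // dec cx
        sum = static_cast<uint16_t>(sum + ax);            // add word_7DCB, ax
    }
    return sum;
}

// Assumption (not shown on the page): the typed password is ASCII, padded with
// a zero byte to a whole number of words, and cx is that word count.
uint16_t password_checksum(const std::string& password) {
    std::vector<uint8_t> buf(password.begin(), password.end());
    if (buf.size() % 2 != 0) buf.push_back(0);
    return sub_7C5C(buf.data(), static_cast<unsigned>(buf.size() / 2));
}

// Return every candidate whose checksum equals the target (0x39A in the crackme).
std::vector<std::string> find_collisions(const std::vector<std::string>& words,
                                         uint16_t target) {
    std::vector<std::string> hits;
    for (const auto& w : words)
        if (password_checksum(w) == target) hits.push_back(w);
    return hits;
}

int main() {
    // Constructed sample dictionary. "axesome" collides with "awesome" because
    // the first word's high byte is XORed out of the sum before the second word
    // is added, so the second character never affects the result.
    const std::vector<std::string> dict = {"awesome", "axesome", "password", "birthday"};
    for (const auto& w : find_collisions(dict, 0x39A))
        std::printf("%s -> 0x%03X\n", w.c_str(), password_checksum(w));
    return 0;
}
```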
Once again Thank You so much! <3