- Prison Code Breaker Diary -

=> aka: Nhật Kí Code Tù


[ Crackme Info ]
Difficulty: 1 - Very easy, for newbies
Platform: Unix/linux etc.
Language: C/C++

First, run the crackme: it asks for the correct password.
Launch gdb:


$ gdb crackme

List the function symbols:

(gdb) info func
0x0804831c strcmp
0x08048450 main


Disassemble the main function:

(gdb) disas main

We see this part:

0x0804849d <main+77>: push $0x80486a4
0x080484a2 <main+82>: lea -0x20(%ebp),%eax
0x080484a5 <main+85>: push %eax
0x080484a6 : call 0x804831c

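The two values pushed before the call to strcmp (0x804831c) are the constant address 0x80486a4 and a pointer to the local buffer at -0x20(%ebp), so the address 0x80486a4 may contain the real password.
Let's check it by setting a breakpoint on the call: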

(gdb) b *main+86
(gdb) run

After we enter some input, execution stops at our breakpoint.
First, have a look at EAX:

(gdb) x/s $eax
0xbfc5a498: "japhcracker"

This is our input. Now let's see the value at 0x80486a4:

(gdb) x/s 0x80486a4
0x80486a4: "47ghf6fh37fbgbgj"

Exit gdb, run the program and input the above string. It must be the password.
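
The lookup done above with x/s can also be done statically, which shows why a literal compared with strcmp is readable by anyone who holds the file. This is an added example, not part of the original post: it maps a virtual address to a file offset through the ELF32 program headers and reads the C string there. build_sample_elf, its literal and the 0x08048000 load base are assumptions used to construct a test image.

```python
import struct

PT_LOAD = 1

def vaddr_to_offset(elf: bytes, vaddr: int) -> int:
    """Map a virtual address to a file offset using the ELF32 program headers."""
    if elf[:4] != b"\x7fELF" or elf[4] != 1 or elf[5] != 1:
        raise ValueError("expected a little-endian ELF32 image")
    e_phoff, = struct.unpack_from("<I", elf, 0x1C)
    e_phentsize, e_phnum = struct.unpack_from("<HH", elf, 0x2A)
    for i in range(e_phnum):
        p_type, p_offset, p_vaddr, _paddr, p_filesz = struct.unpack_from(
            "<5I", elf, e_phoff + i * e_phentsize)
        # Only bytes inside p_filesz exist in the file (.bss does not).
        if p_type == PT_LOAD and p_vaddr <= vaddr < p_vaddr + p_filesz:
            return p_offset + (vaddr - p_vaddr)
    raise LookupError(f"{vaddr:#x} is not backed by file data in any PT_LOAD segment")

def cstring_at(elf: bytes, vaddr: int) -> str:
    """Static equivalent of gdb's `x/s vaddr`."""
    start = vaddr_to_offset(elf, vaddr)
    end = elf.find(b"\x00", start)
    if end == -1:
        raise ValueError("unterminated string")
    return elf[start:end].decode("ascii", "replace")

def build_sample_elf(literal: bytes, vaddr: int, base: int = 0x08048000) -> bytes:
    """Constructed image (assumption): ELF32 header, one PT_LOAD, literal at vaddr."""
    size = (vaddr - base) + len(literal) + 1
    ehdr = struct.pack("<16sHHIIIIIHHHHHH", b"\x7fELF\x01\x01\x01" + bytes(9),
                       2, 3, 1, base, 52, 0, 0, 52, 32, 1, 0, 0, 0)
    phdr = struct.pack("<8I", PT_LOAD, 0, base, base, size, size, 4, 0x1000)
    image = bytearray(size)
    image[:52] = ehdr
    image[52:84] = phdr
    image[vaddr - base:vaddr - base + len(literal)] = literal
    return bytes(image)

if __name__ == "__main__":
    # Constructed sample; for a real file use open(path, "rb").read().
    sample = build_sample_elf(b"constructed-secret", 0x80486a4)
    print(hex(vaddr_to_offset(sample, 0x80486a4)), cstring_at(sample, 0x80486a4))
```
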

Have fun!
