White Rabbit crackme!

UPDATE: We already got the three winners. Good job guys! However, we are waiting for the writeups to select the reward for the best one – so if you are still in between of doing the crackme, don’t give up!

UPDATE2: We got first writeups! All the upcoming ones will be linked under the section “Writeups”. The submission for the contest closes 20th February.

UPDATE3: Contest closed! The winner is @Eleemosynator with his writeup available here. Both writeups were very good and detailed, so we decided that the second one, by @pieceofsummer, also deserved a distinction and a bonus reward. Big thanks to both authors!


This time I would like to introduce a small contest organized by me and Grant Willcox. I wrote a small crackme and he volunteered to sponsor the rewards. The first 3 solutions will be rewarded by books chosen by the winners.

The crackme is a 32bit PE file. It shouldn’t be too difficult, but I didn’t want to make it boring either, so it has few tricks.

rabbit

Disclaimer: I am not an author of the graphics used in the application, such as ASCII arts, icons and others. I don’t claim any rights to them.

Rules:

You need to find the flag in format flag{...} and submit it ASAP to any of us as a DM on twitter (@hasherezade or @tekwizz123). After we announced that the contest is closed, we would like you to make a writeup explaining how did you solved it.

There will be an additional reward for the best writeup – so even if you was not the fastest, you still have a chance to get a book for free.

If you have any questions, you can write them as comments to this post and I will be answering them. I am not giving hints via private messages – I want the contest to be fair for everyone.

At the end I will publish my own writeup with a detailed explanation.

Download:

https://goo.gl/6iG4Ri (password: crackme)

Mind the fact, that the crackme contains some small obfuscation and malware-like tricks, so it may be flagged by some of the AV systems as malicious. False positives are very common when it comes to crackmes – it can’t be helped, sorry! I recommend you to run it on a Virtual Machine.

6iG4Ri.qr

check_mark  Finished? You can rate it!

Writeups:

About hasherezade

Programmer and researcher, interested in InfoSec.
This entry was posted in CrackMe and tagged , . Bookmark the permalink.

9 Responses to White Rabbit crackme!

  1. s4r says:

    hi , thanks for that crackme. Are we supposed to perform a bruteforce or any kind of cryptographic attack for “Password#2” or there is a more elegant solution ?

    • hasherezade says:

      If you are trying to brutforce the Password#2, please don’t. It is hopeless. There is another, much easier way to get it. Just follow the rabbits 🙂

      • s4r says:

        By brute-force i was meaning “intelligent bruteforce” with the condition we have. 🙂
        Anyway i’m still stuck on that for hours, I’m probably missing something obvious in the crypto implementation. thanks for ruining my weekend haha

      • hasherezade says:

        don’t overthink it, you are not supposed to break the crypto here. it is much simpler 😉 just search for the hint

  2. ‪Moshe says:

    Thanks, waiting for the write-up,

  3. ‪Moshe says:

    thank you, you are so inspiring

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s