Author:
X3eRo0

Language:
C/C++

Upload:
2:17 PM 06/07/2021

Download

Platform
Unix/linux etc.

Difficulty:
4.0

Quality:
4.0

Arch:
x86-64

Description

x86_64 linux binary (tested on ubuntu, should run on any distro). Takes input through stdin and outputs "Correct Password" if it's correct, "Wrong Password" if it's not. Written in C Don't patch the binary, of course - find the correct input. SHA256: 2078795d5f56c25c09301d345f07a93df915693f9976633040d9093d1a303e98 ./xvm 29bea5fdd57949fb349e7e06c40ad4578aca6b8af6787bf39a9474857db01649 ./pyaz.xvm

• Comments
• Solutions

Cr4ckC0ca1n3 on 6:28 PM 06/12/2021: I am a bit stuck. SPOILERALERT i know it is a vm of some kind but i do not know which variable is the instruction pointer and which variable is the stack pointer and which variable is the instruction register of the vm so it is quite hard for me to decipher the instruction set of the vm. Any help?

X3eRo0 on 1:28 PM 06/13/2021: It is easy to recognise the registers used by VM if you can recognise the code which emulating lets say the call instruction. it will add or sub from the sp and it will assign something to the pc. so you if you see this pattern you know which variable is sp and which one is pc. this is how you can sort of reconstruct the whole vm context.

Cr4ckC0ca1n3 on 9:04 PM 06/13/2021: Ok so now i got the instruction set somehow figured out, but the problem is i do not know how the two variables you have used get refreshed so to speak, because at the start of the function they get initialized at 0 and then the function calls another function which does some magic and then it initializes them to the correct things, i do not really know so i am kinda also lost as to how those two variables get initialized. My guess is that they either point to a 'memory location' inside the program in the vm or either a 'register' (also a memory location but you know, like it is a register to the vm) based on what kind of an instruction is next. So I would like to know the structure of each of the machine code operations (like which part is the opcode which part says which register to use or something like that). I now know the instruction set (roughly) but i just want to know how the vm parses the instructions so to speak and also how you implemented the 'registers' of the vm. Can you explain it to me like I am 5 years old because i am kinda lost right now. XD (here is the instruction set i have figured out sorta (some parts are a shot in the dark): https://pastebin.com/vyJajfeF)

4aca7f6c on 9:44 PM 06/19/2021: It's been a while since I've had time to do a crackme. I finally got a little time, and chose yours at random from the front page. I just wanted to say thanks, because it was perfect for me! Easy enough to do pretty quickly, and not boring. I love these VM-style challenges.

X3eRo0 on 1:44 PM 08/10/2021: 4aca7f6c - Dude amazing writeup

You must me logged to submit a solution