2005 Cracking Challenge

by [WYZ] on 11-05-2005, 21:32
Topic: MRC
Tags: Challenges
Languages:

[WYZ] has set up a nice 'Cracking Challenge' for all you programmers out there. On the Karoshi forums you can find a link to a CRACKME.BIN file. What's in a name...

Running the file gives you a request for a name and a registry number. The challenge is to find out both this name and the registry number. If entered correctly, the program will not hang nor errors will appear. A simple 'Ok' in the screen is the reward for a successful crack. Let [WYZ] know as soon as you've found it out, the first person writing him the correct answer wins!

Happy debugging, you can find a direct link to the file right here

Relevant link: Karoshi Corporation

Comments (25)

By Manuel

Ascended (15691)

Manuel's picture

11-05-2005, 21:34

looks like something for BiFi Smile

By [WYZ]

Champion (406)

[WYZ]'s picture

11-05-2005, 21:53

...[OK] may appear with a few wrongs name/reg. Smile I will check if they are right.

By [WYZ]

Champion (406)

[WYZ]'s picture

11-05-2005, 22:32

The weak point has been repaired.

By Sonic_aka_T

Enlighted (4130)

Sonic_aka_T's picture

12-05-2005, 01:03

w00t0r!

By [D-Tail]

Ascended (8232)

[D-Tail]'s picture

12-05-2005, 01:06

Woei!

By mth

Champion (484)

mth's picture

12-05-2005, 03:33

I don't really understand this challenge. I studied the CRACKME.BIN and uncovered the validation algorithm. I made a small Python function that for a given name returns the matching code. But this works for any name of a particular length, so I don't know which name you are looking for.

By ro

Guardian (4109)

ro's picture

12-05-2005, 07:58

yeah, whaz the deal and whaz it gotta do with msx? (oh, or is it a MSX bin file?.. uh?!)_

By wolf_

Ambassador_ (9767)

wolf_'s picture

12-05-2005, 11:35

ok, sonic and D-tail's reaction in this post and the basic FM tune below, both at the same time, are just plain scary ^_^

By wolf_

Ambassador_ (9767)

wolf_'s picture

12-05-2005, 11:36

-FM

By Guillian

Prophet (3230)

Guillian's picture

12-05-2005, 12:42

It i not very clear, but perhaps:
KONAMI
987333777186512901

But of course, as mth said, it depends on the name they are looking for Wink

By boukichi

Resident (33)

boukichi's picture

12-05-2005, 13:57

BKC001
998301731034330640

if the challenge's purpose is not finding something paricular name and key,
the answer is made a key?

By [WYZ]

Champion (406)

[WYZ]'s picture

12-05-2005, 15:07

Yes! Guillian and boukichi name/register are right but Guillian wins only for minutes.
Really great!!

Gullian, do you want to start a new challenge?

and the 3rd position???

By [WYZ]

Champion (406)

[WYZ]'s picture

12-05-2005, 15:11

mth said:

I don't really understand this challenge. I studied the CRACKME.BIN and uncovered the validation algorithm. I made a small Python function that for a given name returns the matching code. But this works for any name of a particular length, so I don't know which name you are looking for.

Impressive!!!! mth. Could you link the program please?

By Latok

msx guru (3672)

Latok's picture

12-05-2005, 15:23

I think these kind of challenges rule Smile

By Guillian

Prophet (3230)

Guillian's picture

12-05-2005, 15:24

> Gullian, do you want to start a new challenge?

I don't have time right now for doing it. What a about you making a new CRACKME? Wink

By [WYZ]

Champion (406)

[WYZ]'s picture

12-05-2005, 15:30

Sorry I recived a mail at Thu, 12 May 2005 03:46:36 +0200 with a detailed working methode of the programa and:

name: mthmsx
code: 101843429054789469

So mth wins!!! O_O alucinante!!!

MTH mail PS : So I don't really know what kind of answer you expect to see...

This mail is the best answer I never read.

By SLotman

Paragon (1214)

SLotman's picture

12-05-2005, 15:48

I dont get the point with this.... Was it to try an "unbreakable" keygen scheme?
Because most of the cracking attempts would just bypass the keygen check and put anything as the name and serial... just a thought Tongue

Anyway, I arrived too late to even attempt looking at the code ^_^

By ro

Guardian (4109)

ro's picture

12-05-2005, 17:13

yeah, so what's the point here?

By snout

Ascended (15187)

snout's picture

12-05-2005, 19:21

. <- the point

By mars2000you

Enlighted (5497)

mars2000you's picture

12-05-2005, 19:27

or this point > ?

or maybe this point > !

By mth

Champion (484)

mth's picture

12-05-2005, 21:00

Spoiler alert!

This is the program I made for calculating the code for a given name. Note that the CRACKME.BIN only accepts names of length 6.

def encode(name):
	check1, check2, check3 = 5, 7, 0
	code = ''
	for char in name:
		check1 = (check1 + (ord(char) >> 4)) % 10
		check2 = (check2 + (ord(char) & 0x0F)) % 10
		check3 = (check1 + check2 + check3) % 10
		code += str(check1) + str(check2) + str(check3)
	return code

Basically, these are the same steps as in the assembly program, but the Python program outputs the right code instead of hanging when the wrong code was input.

By adrcunha

Expert (117)

adrcunha's picture

13-05-2005, 00:26

I believe the point here is creating a hash function, and not a protection key. Such hash function could be used for level passwords, hiscore submission, etc. But since Maarten published the keygen code, I believe such hash function is now useless. Smile

By mth

Champion (484)

mth's picture

13-05-2005, 19:12

For a secure hash, it doesn't matter if the algorithm is public (usually it is). What matters is that it is very hard to get from the hash back to the original. For example, to create a password hash from a password should be quick, but to finding a password that matches a given password hash should take a very long time.

By adrcunha

Expert (117)

adrcunha's picture

14-05-2005, 00:28

You're pretty right, Maarten. But unfortunately it's not the case of this hash algorithm. Tongue

By [WYZ]

Champion (406)

[WYZ]'s picture

14-05-2005, 01:21

Well, a hash algorithm is not the goal of this challenge but a debugging exercise. This algorithm is a very simple mathematic calculation and the automodificated code is the easy obstacle. Btw , a new mth crack challenge coming soon?