/crackme2

Welcome to the GitHub repository dedicated to solving the Crackme2 challenge. If you're someone who thrives on intellectual curiosity and the allure of adventure, you've come to the right place. This repository is your ultimate guide to cracking the password for the elusive executable known as Crackme2.

Crackme2: Unmask the Password Adventure 🕵️‍♂️🔓

The challenge: Crackme2 Repository 🏴‍☠️

Commands used: cd, ls, cat, less, apt, vim, strings, ltrace, export

Steps:

1. Clone the repository

  $ git clone https://github.com/alx-tools/0x06.c.git

2. Change to the folder

  $ cd 0x06.c

3. List the contents of the folder

4. Execute the program

As we can see, we need to install some packages.

5. Install necessary packages 📦

  • Add the resource to the apt sources

    $ sudo vim /etc/apt/sources.list

    Todo: Add this line at the end of the file. 📝

    `deb http://security.ubuntu.com/ubuntu xenial-security main`
  • Update the package list 🔄

    $ sudo apt update
  • Install the necessary package ⚙️

    $ sudo apt install libssl1.0.0
    

6. View the normal output 👀

7. Inspect the contents of the executable file

  $ cat crackme2 | less

Note: We notice some readable text in the output.

8. To see the readable text more clearly, we can use the strings command.

Note: We notice some hash values.

9. If it's a hash, we can attempt to brute-force it with common passwords. You can find websites that offer this service.

10. Crack it

11. Congrats! :) But now, how do we pass the password to the file? We have to know what the executable file is looking for, so we have to investigate it.
Let's debug it using ltrace, which is primarily used to trace calls made by programs to library functions.

  $ ltrace ./crackme2

Explain 🥸:

  • First line, "__libc_start_main": it's a function that sets up the program environment, which means the file is looking for a specific environment variable name.
  • Second line, "strncmp(str1,str2,n)": it compares a given number of characters (n) of two strings.
  • Other lines: we see strncmp repeated with a string called jennieandjayloveasm.

Conclusion: we are looking for the environment variable jennieandjayloveasm.
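One way to read the repeated strncmp lines: a program that looks up an environment variable by hand walks the environment array and compares every "NAME=value" entry against the name it wants. The sketch below is an added example, not crackme2's source or code from this repository; find_env, its calls counter and the sample environment are hypothetical and constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not from crackme2): walk an envp-style array and
 * return the value of `name`, or NULL if it is not set. Every entry has the
 * form "NAME=value", so one strncmp call is made per entry until a match. */
const char *find_env(const char *const envp[], const char *name, int *calls)
{
    size_t n = strlen(name);

    for (int i = 0; envp[i] != NULL; i++) {
        if (calls)
            (*calls)++;          /* one strncmp per entry, as ltrace would list */
        /* The '=' check rejects longer names that only share the prefix. */
        if (strncmp(envp[i], name, n) == 0 && envp[i][n] == '=')
            return envp[i] + n + 1;
    }
    return NULL;
}

/* Constructed sample environment, not captured from a real run. */
static const char *const sample_env[] = {
    "SHELL=/bin/bash",
    "jennieandjayloveasmX=decoy",
    "jennieandjayloveasm=whatever",
    "HOME=/root",
    NULL
};

int main(void)
{
    int calls = 0;
    const char *v = find_env(sample_env, "jennieandjayloveasm", &calls);

    printf("value=%s after %d strncmp calls\n", v ? v : "(unset)", calls);
    return 0;
}
```

When the variable is not set, the loop runs over the whole environment without a match, which is why the trace shows only the name comparisons and no later hash comparison.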

12. Try setting that environment variable to anything

  $ export jennieandjayloveasm="whatever"
  $ ltrace ./crackme2

Explain 🥸: at the end we notice a strncmp(str1,str2) call that compares two hashes:

  • str1: the hash of "thepassword", the same one we found previously
  • str2: the hash of "whatever", the value of jennieandjayloveasm

13. Set the environment variable to the password

  $ export jennieandjayloveasm="abc***"
  $ ./crackme2

Note 🥸: Some tasks ask you to create a file containing the password, with no newline and no extra spaces.

  $ printf "the_password" > filename

A normal editor will automatically add a newline at the end of the file; if we create it with printf, there will be no newline.