aton's One to rule them all
Download: onetorulethemall.tar.gz, 401 b
my first crackme, have fun!
Difficulty: 3 - Getting harder
Solutions
Solution by lagalopex, published 26. jan, 2008; download (4 kb), password: crackmes.de or browse.
lagalopex has rated this crackme as boring crap.
Discussion and comments
Author, date | Comment |
---|---|
aton Author 25. Jan 2006 | by the way, the executable in the tar.gz is not suitable for developing an exploit (it is part of the crackme to find out why). i compiled it on my system without special care. use the source code. |
aton Author 25. Jan 2006 | no patching means: no static patching, no dynamic patching, including: "high-jacking".. ld_preload, ptrace, kmod, etc. etc. |
Qnix 27. Jan 2006 | aton :p ....... |
crp- 27. Jan 2006 | hehe funny qnix... you exploited the 1st version which actually had a "bug", which made it not exploitable at all ;) |
Qnix 27. Jan 2006 | heheheh i didn't exploit anything ... it all wrong :p |
Qnix 04. Feb 2006 | the solution still here !! moderators should remove my solution !! |
zairon Moderator 05. Feb 2006 | Ok..... |
taviso 03. May 2006 | Is this supposed to be a joke? There is no way that code is ever going to print "cracked". That off by one error is not exploitable with any compiler I have here, maybe with some obscure flag or specific version, but if that's the case you should provide an executable. Even if it did work, this isn't really a crackme, no original thinking is required, you can just copy and paste a stock exploit out of any of the numerous papers/books on the subject, anyone interested in the subject has surely already written their own examples which must be much more interesting than this. |
taviso 03. May 2006 | Some research suggests this might be exploitable with earlier gcc versions (<3.3 ?), but if this is what you tested with, you should have stated that or provided an executable, I don't have an earlier gcc here. |
crp- 03. May 2006 | according to a previous conversation with the crackme author, to figure out the specific compiler (version) needed to make this code exploitable is part of the challenge... |
taviso 03. May 2006 | Okay, fair enough i suppose :) |
lagalopex 06. May 2007 | no patching... but no compiler specified... what about coding our own compiler 8-) btw... who the h*ll has a 3.x compiler installed or which distribution still offers such an old compiler... too much hassle for a find-a-vulnerable-compiler-and-exploit-it "crackme" (it doesn't deserve to be called a crackME ;) ) |
lagalopex 05. Jan 2008 | Question. Nowhere is it mentioned what the aim of this "crackme" is. Just executing it like: ./otrta 'Cracked!!! you are the lord of the base pointer ' Would output the perhaps expected string... ;) Is anybody thinking someone would solve this? Could aton perhaps post a solution? Including a vulnerable executable? (also he wasn't here for a year...) |