Reading Time : 2min

Linux Nomanprodhans License Checker 0x03 Crackme Solution


Difficulty: 2.0/6.0

Platform: Unix/Linux

Language: C

Architecture: x86-64


Description by Author: This binary is for beginners to practice reversing. Don’t patch the binary, try to create a keygen to solve it.


Key hints in this crackme:

  • command line arguments
  • use of atoi function in C
  • hexadecimal & decimal number system
  • ASCII character coding

Testing the Program

This program is 64bit ELF binary file

Lets try running it

as you can see it is asking for license as an argument, lets give it 12345 as example

And obviously it was incorrect license key

Ghidra Decompiler

Ghidra did the decompiling job very well, all i had to do was correcting main function with argc and argv.

C code explained

I have renamed some variables to more understanding names
at line 14 you can see the program checking if license key is given as an argument.
at line 21 inside while loop the program converting all ascii characters into their corresponding decimal integer value and adding it into “total” variable
and at last at line 29 it is checking if the value of “total” variable is equal to 32hex or 50 in decimal

so all we have to do is provide characters adding up to 50 in decimal

here i am providing 5 ten times as license key

And we get the activation message.

you can try other variations like

999995 = 9+9+9+9+9+5 = 50
8888882 = 8+8+8+8+8+8+2 = 50
1234567895 = 1+2+3+4+5+6+7+8+9+5 = 50
etc.

but keep in mind to use only numbers not characters as atoi function will return 0 in this case

IDA Disassembly

now lets check how its disassembly looks like inside ida?

here is the code to check if license key is provided as an argument

argument check

if not then this block of code will run and show us message we saw at the beginning when we tried to run the program without any argument

message if no argument is provided

if we provide the argument this block will run

condition check for while loop

and after setting up initial variables it will run this loop where all converted integer values are being added inside “total” variable

while loop

and when loop end mean all integer values are summed up, value of “total” variable will be compared against 32h i.e 50 in decimal and if it matches “activation” message will be shown and if not “Wrong” message will be put at command line as shown in the beginning.

if condition