🔍 CrackMe4 – Reverse Engineering Writeup
⬇️ Download Analyzed File🧩 Objective
Analyze the binary crackme4 to identify the correct password and understand the program’s logic.
🧪 Step 1: Initial Disassembly with objdump
objdump -d crackme4 | grep -A10 strcmpWe locate a call to strcmp@plt, indicating string comparison for password checking:
4006d5: call 400520 <strcmp@plt>
4006da: test %eax,%eax
4006dc: jne 4006ea <compare_pwd+0x70>🧪 Step 2: Attempt to Run the Binary
ltrace ./crackme4Initially failed due to missing permissions:
Can't execute `./crackme4': Permission denied✅ Step 3: Grant Execute Permission
chmod +x crackme4🧪 Step 4: Run with No Argument
ltrace ./crackme4Output shows:
Usage : ./crackme4 password
This time the string is hidden and we used strcmp🧪 Step 5: Run with Incorrect Password
ltrace ./crackme4 test123Output:
strcmp("my_m0r3_secur3_pwd", "test123") = -7
printf("password \"test123\" not OK")🎯 Step 6: Run with Correct Password
ltrace ./crackme4 my_m0r3_secur3_pwdOutput:
strcmp("my_m0r3_secur3_pwd", "my_m0r3_secur3_pwd") = 0
puts("password OK")✅ Final Confirmation
./crackme4 my_m0r3_secur3_pwdResult:
password OK🧠 Conclusion
- 🔐 Correct Password:
my_m0r3_secur3_pwd - 🛠 Tools Used:
objdump,ltrace,chmod - 🧠 Skills Applied: Static + Dynamic Analysis, Binary Inspection