Cr4ckm3 is a small cracking game in which you search for password by using "unusual" [debugging] tools.
The exercises are pretty easy, you need to use tools like strings, strace, gdb, gprof or g++/clang++ sanitizers.
To make sure you have all the right versions of all the required tools, there is a Docker build file. To build the Docker image:
bash ./docker/build.sh... and play the game, run the following:
bash ./docker/run.sh
# now you're in the container
cat README.md # to see instructions
cd crackme/
ls # you'll see all the challenges here- do not look into makefile or src sources
- do not change chmods
Just clone the repository and fire make - it will build up a crackme directory. The first level is called warmup, so just fire ./crackme/warmup. Hack it with strace or strings.
The password you will find is the next level file name (so if you find password is something, then the next file to hack is ./crackme/something).
The game was made by Dominik Czarnota & Dariusz Zielinski for university classes at AGH University of Science and Technology in Cracow.
Level 0 - warmup - strace / strings
Level 1 - strace / grep
Level 2 - strace, knowledge of file descriptors (and which file descriptors are usually opened for an executable?)
Level 3 - strace (did you know that you can read about syscall using man? e.g. man 2 read)
Level 4 - one of g++ / clang++ sanitizer (refer to man g++ or read up documentation) should tell you what's wrong; you have to fix the program in here (so yeah, cp the source, change something and recompile)
Level 5 - strace
Level 6 - the binary is compiled with -pg flag; use gprof
Level 7 - gdb