├── GraxCode's CrackMe Hard.jar
├── Java CrackMe 2.jar
├── README.md
├── noverify's crackme 3.jar
├── noverify's crackme 4.jar
├── noverify's crackme 5.jar
├── noverify's crackme 6.jar
├── noverify's crackme 7.jar
└── solutions
    ├── crackme-1.md
    └── crackme-4.md


/GraxCode's CrackMe Hard.jar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/GraxCode/java-crackmes/62573ea09fc7a3c1b401f062e2020c69e76d3c13/GraxCode's CrackMe Hard.jar


--------------------------------------------------------------------------------
/Java CrackMe 2.jar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/GraxCode/java-crackmes/62573ea09fc7a3c1b401f062e2020c69e76d3c13/Java CrackMe 2.jar


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # Java-CrackMes
 2 | Welcome! This is a collection of java crackmes i made.
 3 | 
 4 | | Crackme       | Difficulty    | Estimated time | Short description    | Key format    | Solution |
 5 | | ------------- | ------------- | -------------- | -------------------- | ------------- | :------: |
 6 | | #1            | ★★★☆☆       | 1 hour         | Annoying obfuscation | 32-bit int    | ✓        |
 7 | | #2            | ★★★☆☆       | 1.5 hours      | Annoying obfuscation | 32-bit int    | ✗        |
 8 | | #3            | ★★★★☆       | 6 hours        | Dynamic invokation   | 64-bit long   | ✗        |
 9 | | #4            | ★★☆☆☆       | 45 minutes     | Easy but tricky      | length 16 hex | ✓        |
10 | | #5            | ★★★★★       | 5 hours        | Annoying subroutines | hex           | ✗        |
11 | | #6 (*NEW*)    | ★★★☆☆       | 2.5 hours      | Lockpicking a door   | alphanumeric  | ✗        |
12 | | #7 (*NEW*)    | ★☆☆☆☆       | 30 minutes     | For beginners        | hex           | ✗        |
13 | 
14 | Run each file with `java -jar <crackme>.jar <key>`, if that does not work, use `java -cp <crackme>.jar <class with main method> <key>`.
15 | The goal is to find a working key to input as argument, without bruteforcing the program, but with writing a keygen (that should not take longer than 30 seconds) or calculating the key by hand. Solutions with only the key are *not* accepted, you should explain how you solved it and attach the keygen you wrote (if you used one). Every crackme has been tested for a working key. There can be multiple solutions for some crackmes, but you do not have to find every solution. If you want to, you can submit solutions via issues, and I will add them to the repository.
16 | 


--------------------------------------------------------------------------------
/noverify's crackme 3.jar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/GraxCode/java-crackmes/62573ea09fc7a3c1b401f062e2020c69e76d3c13/noverify's crackme 3.jar


--------------------------------------------------------------------------------
/noverify's crackme 4.jar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/GraxCode/java-crackmes/62573ea09fc7a3c1b401f062e2020c69e76d3c13/noverify's crackme 4.jar


--------------------------------------------------------------------------------
/noverify's crackme 5.jar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/GraxCode/java-crackmes/62573ea09fc7a3c1b401f062e2020c69e76d3c13/noverify's crackme 5.jar


--------------------------------------------------------------------------------
/noverify's crackme 6.jar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/GraxCode/java-crackmes/62573ea09fc7a3c1b401f062e2020c69e76d3c13/noverify's crackme 6.jar


--------------------------------------------------------------------------------
/noverify's crackme 7.jar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/GraxCode/java-crackmes/62573ea09fc7a3c1b401f062e2020c69e76d3c13/noverify's crackme 7.jar


--------------------------------------------------------------------------------
/solutions/crackme-1.md:
--------------------------------------------------------------------------------
 1 | # Solution for CrackMe #1
 2 | <details>
 3 |   <summary>Spoiler warning</summary>
 4 | The way to solve this crackme is to overcome the obfuscation, and then interpret the bytecode correctly. 
 5 | A working key can be generated using this method:
 6 | 
 7 | ```java
 8 | int user_code_temp, user_code_crc, valid_code_crc;
 9 | 
10 | // a bit of optimization
11 | valid_code_crc = "XVCe".hashCode();
12 | 
13 | // outer, "permutation" loop
14 | for(int user_code = 1; user_code != 0; user_code++) {
15 |     user_code_temp = user_code; 
16 |     user_code_crc = user_code_temp << 8;
17 | 
18 |     // inner, basic validation loop
19 |     for(int j = 0; user_code_temp > 1; j++) {
20 |         if ((-(user_code_temp%2)) == 0) {
21 |             user_code_temp >>= 1;
22 |         } else {
23 |             user_code_temp = user_code_temp ^ 2;
24 |             if (user_code_crc << 2 == 0) {
25 |                 // a bit more optimizations
26 |                 break;
27 |             }
28 |             user_code_temp--;
29 |         }
30 |         user_code_crc = (user_code_crc << user_code_temp) ^ (user_code_temp % 5);
31 |         if ((user_code_crc << 2) == user_code_temp) {
32 |             user_code_temp = user_code_temp ^ 6;
33 |         }
34 |     }
35 | 
36 |     // second stage validation
37 |     // at this point, if this validation passes, we print the valid input value
38 |     if (user_code_crc == valid_code_crc) {
39 |         System.out.println(String.format("%d", user_code));
40 |     }
41 | }
42 | ```
43 | 
44 | The full explanation can be read at http://www.nullsecurity.org/article/crackmes_one_noverify_graxcode_java_crackme_1
45 | 
46 | 
47 | </details>
48 | 


--------------------------------------------------------------------------------
/solutions/crackme-4.md:
--------------------------------------------------------------------------------
 1 | # Solution for CrackMe #4
 2 | <details>
 3 |   <summary>Spoiler warning</summary>
 4 | 
 5 | There are two main methods. The real one is synthetic and hidden by some decompilers.
 6 | The actual main method takes in a hex[16] and reverses it, and then calls the fake main method.
 7 | Then it xors the value with `0xCAFEBABE` converted to BigInteger. Then it calls `AuthKey.valueOf` with the BigInteger converted to a decimal string. 
 8 | But the only possible number it takes to solve the crackme is `15542048963542891100`, which is hidden inside the `valueOf` method.
 9 | With that information you can calculate the key easily.
10 | 
11 | </details>
12 | 


--------------------------------------------------------------------------------