Hey cracker,
Today I am going to crack the “robot[1]: find key” crackme from crackmes.one. You can download the binary from here.
It’s a keygen-like crackme. We need to reverse it, analyze the key-checking algorithm and generate a key. So I ran the binary and I got this…
![](https://blog.knightsquad.org/wp-content/uploads/2023/01/robot1_crackme_run_binary_noman.png)
I checked my current directory and what, I have been hacked!!! 😋😋
So the program created a file called “YOU_WAS_HACKED.txt” in my current directory with the content “Gotcha! You should probably check what you run next time :)”. However, I opened the binary with Radare2 and decompiled the main function.
First, the program checks whether I am running it as ./robot1. Then it does a subtraction: interestingly, it takes the 4th character of “./robot1”, which is ‘o’, and subtracts ‘k’ from it, and the result is 4.
![](https://blog.knightsquad.org/wp-content/uploads/2023/01/robot1_crackme_r2_decompile_1_noman.png)
Then it checks whether I’ve passed a total of 4 arguments. So I ran the program with 4 arguments and now it’s asking for a key 🤓
Unfortunately I don’t have a key, but now I’m going to create one. So back to the decompiled code again.
![](https://blog.knightsquad.org/wp-content/uploads/2023/01/robot1_crackme_r2_decompile_2_noman.png)
The program checks whether I supplied a key of length 19; otherwise it exits with a message. The program also contains two arrays with some values. It XORs these two arrays element by element and checks whether the supplied key matches the result.
![](https://blog.knightsquad.org/wp-content/uploads/2023/01/robot1_crackme_r2_decompile_3_noman.png)
So, we can write a script to generate the correct key.
I created the following script:

```python
#!/usr/bin/env python3

# First array: values taken from the decompiled code
key_array_one = [0] * 19
key_array_one[0] = 0x1a
key_array_one[1] = 0x43
key_array_one[2] = 0x53
key_array_one[3] = 0x51
key_array_one[4] = 0xa
key_array_one[5] = 0x41
key_array_one[6] = key_array_one[1] + 0x13
key_array_one[7] = 0x1c
key_array_one[8] = 0x2
key_array_one[9] = 0x5c
key_array_one[10] = 0x18
key_array_one[11] = 0x1c
key_array_one[12] = 0x5
key_array_one[13] = 0x3
key_array_one[14] = 0x10
key_array_one[15] = 0x5b
key_array_one[16] = 0x3
key_array_one[17] = 0x68
key_array_one[18] = 0x14

# Second array: alternates between 0x61 + i % 10 (even i) and 0x30 + i % 10 (odd i)
key_array_two = [0] * 19
flag = False
for i in range(0, 19):
    if flag:
        key_array_two[i] = 0x30 + i % 10
    else:
        key_array_two[i] = 0x61 + i % 10
    flag = not flag  # toggle on every iteration

# XOR the two arrays element by element to build the key
key = ''
for i in range(0, 19):
    key += chr(key_array_one[i] ^ key_array_two[i])
print(f"Robot 1 Key : {key}")
```
![](https://blog.knightsquad.org/wp-content/uploads/2023/01/robot1_crackme_solved_noman.png)
It was an easy crackme but fun and I enjoyed solving it.
Happy Cracking 🤟🤟