Skip to content

randomname124290358349/SimpleCrackMe

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
.github/workflows
.github/workflows
 
 
controllers
controllers
 
 
models
models
 
 
resources
resources
 
 
views
views
 
 
README.md
README.md
 
 
main.py
main.py
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

SimpleCrackMe

SimpleCrackMe Logo

A Simple Crackable Application

🔐 Challenge

Welcome to SimpleCrackMe! This is a simple authentication challenge for beginners interested in reverse engineering and application security.

Your Goal

Challenge Goal

Your mission is to find a valid username and password combination to successfully log in to the application. The credentials are randomly generated each time the application starts, making this a perfect exercise for those learning about reverse engineering techniques.

🚀 Getting Started

Prerequisites

  • Python 3.11 or higher
  • PySide6

Installation

  1. Clone the repository:

    git clone https://github.com/randomname124290358349/SimpleCrackMe.git
cd SimpleCrackMe

  2. Install required dependencies:

    pip install -r requirements.txt

  3. Run the application:

    python main.py

Pre-built Binary

If you prefer using a pre-built executable, download the latest release from the Releases page.

💡 Hints

Need a hint? Click here!
  1. The application uses a Model-View-Controller (MVC) architecture.
  2. Look for where and how the user credentials are generated.
  3. Finding a way to inspect the application's memory during runtime might be helpful.
  4. Try to understand how the authentication logic works.

🛠️ Technical Details

Code Explanation (SPOILER WARNING!)

Architecture

This application follows the Model-View-Controller (MVC) architectural pattern:

  • Model (UserModel): Manages data, logic, and rules of the application
  • View (MainWindow): Handles the user interface and user interactions
  • Controllers (LoginController, TestController): Process user input and update the model/view accordingly

Authentication System

The authentication system uses a simple in-memory dictionary to store user credentials. The interesting part is that the username and password are randomly generated each time the application starts:

def __init__(self):
    ascii_letters_and_numbers = [_ for _ in 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890']
    random_user = "".join([choice(ascii_letters_and_numbers) for _ in range(10)])
    random_pass = "".join([choice(ascii_letters_and_numbers) for _ in range(10)])
    self.users = {
        random_user: {"password": random_pass, "name": "Admin", "role": "admin"},
    }
    self.current_user = None

This makes each instance unique, requiring users to analyze the running application rather than the static code.

Security Vulnerabilities

The primary vulnerability in this application is that the credentials are stored in memory as plaintext. A proper reverse engineering tool can be used to scan the application's memory and find these credentials.

UI Implementation

The UI is implemented using PySide6 (Qt for Python) with a simple login form. The application uses signals and slots to communicate between the UI components and the controllers.

🔧 Building from Source

To build the executable yourself:

pip install pyinstaller
pyinstaller --name=SimpleCrackMe --onefile --windowed --add-data "resources;resources" --icon=resources/icons/icon.ico main.py

The project includes a GitHub Actions workflow (see build.yml) that automatically builds Windows executables for each tagged release.

🙏 Acknowledgments

About

A simple python/PySide6 application designed to be cracked.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 1

v0.0.1 Latest
May 11, 2025

Packages

 
 
 

Contributors

Languages