# Easy\_CrackMe

We will be solving the Easy\_CrackMe challenge.

Download Location : [Reversing.kr](http://reversing.kr/download.php?n=1)

## Static Analysis

Opening the binary in IDA shows the graph view of the entry function `WinMain` . The below function shows a call to `DialogBoxParamA` which performs call to function `DialogFunc` as callback.

![](https://1804885456-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FIo3S6x9y21ea77Yw303B%2Fuploads%2Fu9O267nVmltk8zg5uGtq%2Fimage.png?alt=media\&token=88de25c1-e626-4f30-a5d1-1374cd4df453)

```
int WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine,int nShowCmd){
    DialogBoxParamA(hInstance,0x65,0,DialogFunc,0);
    return 0;
}
```

Lets disassemble `DialogFunc` function. This function in turns does some checks and calls `sub_401080` function. The computational checks if failed, would exit the program.

```
int DialogFunc(HWND arg1,int arg2,int arg3){
    if(arg2==0x111){
        if((unsigned)arg3 == 2){
            EndDialog(arg1,2);
            return 1;
        }
        else if(arg3 == 0x3E7){
            sub_401080(arg1);
            return 1;
        }
    }
    return 0;
}
```

The sub function now seems interesting so lets deep dive into `sub_401080`. The following shows the disassembled view of sub function.

![](https://1804885456-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FIo3S6x9y21ea77Yw303B%2Fuploads%2FZTCdU8ZaNwb1AFjDMpYd%2Fimage.png?alt=media\&token=a83c79f8-1837-4fc7-b5b8-3dc3144b079c)

The if condition denotes that in the whole string the 2nd character i.e string\[1] is 97 i.e `a`. string\[0] is 69 i.e first character of string is `E`. Next string\[2] equals Str2 i.e `5y`. The remaining string\[4] equals aR3versing i.e `R3versing`.

String = `Ea5yR3versing`.