CRACK Solution
BACK SEVEN
CRACK subtractive cipher

Prerequisites
Unlocks
DOOR
Techniquesubtractive cipher
Rulenonzero
SampleDOOR
Walkthrough
Four bytes. The crackme knocks 7 off every char you type before it checks. Feed it the word that lands on the stored targets.
Subtractive cipher: the check does plain minus 7, so add 7 back to each target to read the password.
Hints
- HINT 1: Length is locked at 4. Note the sub 0x07 sitting before every compare.
- HINT 2: Each target was made by taking a letter and subtracting 7. Run that backward.
- HINT 3: Add 7 to 0x3D 0x48 0x48 0x4B and you get 0x44 0x4F 0x4F 0x52.
Reject Samples
- DOO
- DOORS
- door
- DOOS
Verifier Listing
; g12_easy1: subtractive cipher. Each input byte has 0x07 SUBTRACTED, then the
; result is matched against a stored target. Technique: subtractive cipher (key
; 0x07). To decode you ADD 0x07 back to each target. r0 = 1 on accept.
; Accept rule: nonzero.
;
; targets = 0x3D 0x48 0x48 0x4B -> password "DOOR"
; 'D'(0x44)-7=0x3D, 'O'(0x4F)-7=0x48, 'O'(0x4F)-7=0x48, 'R'(0x52)-7=0x4B
len r1
cmp r1, 4
jnz bad ; exactly 4 bytes
mov r7, 0
ldb r0, [r7]
sub r0, 0x07
cmp r0, 0x3d
jnz bad
inc r7
ldb r0, [r7]
sub r0, 0x07
cmp r0, 0x48
jnz bad
inc r7
ldb r0, [r7]
sub r0, 0x07
cmp r0, 0x48
jnz bad
inc r7
ldb r0, [r7]
sub r0, 0x07
cmp r0, 0x4b
jnz bad
mov r0, 1
ret
bad: mov r0, 0
ret