Cracking fptisthebest's 'Super easy password crack for kids' with Ghidra | Step-by-Step Tutorial
Video Tutorial
Introduction
In this tutorial, we’ll analyze and crack a simple C/C++ CrackMe created by fptisthebest. This is a great exercise for learning basic reverse engineering with Ghidra.
CrackMe Details
- Name: Super easy password crack for kids
- Author: fptisthebest
- Language: C/C++
- Platform: Windows
- Architecture: x86
- Difficulty: 1.0/5.0
- Quality: 4.0/5.0
- Upload Date: May 8, 2025
- Description: Good luck kiddo
- Source: crackmes.one page
Prerequisites
Before we begin, ensure you have the following tools installed:
- Kali Linux with Ghidra installed
- The target program: “Super easy password crack for kids”
Step 1: Initial Analysis
First, let’s open the binary in Ghidra and let it analyze the file. Once analysis is complete, we can start looking for clues.
Step 2: Using the Strings Window
Open the Strings window in Ghidra (Window > Strings). Here, you will see all the text strings used in the program. Notable strings include:
- “Enter the password:”
- “Access granted!”
- “Access denied!”
- “hello”
Step 3: Identifying the Password
Typically, in simple CrackMes, the password is stored as a plain string. In this case, the string hello appears among the other messages. This is a strong indicator that it is the password.
Step 4: Testing the Password
Run the program and, when prompted for the password, enter:
1
hello
You should see the message:
1
Access granted!
Conclusion
This CrackMe demonstrates the basics of reverse engineering with Ghidra:
- Using the Strings window to find hardcoded values
- Recognizing common patterns in simple C/C++ binaries
- Testing your findings in the actual program
While this challenge is intentionally easy, it is a great starting point for beginners. In more complex CrackMes, passwords may be obfuscated or constructed at runtime, requiring deeper analysis.
Disclaimer
This tutorial is for educational purposes only. Always ensure you have permission to reverse engineer any software.