Hacker News new | comments | show | ask | jobs | submit login

Don't want to take the wind out of anyone's sails, but this program is hardly hard-to-hack. Bravo for getting to grips with ELF, assembly and reverse engineering. But this article represented just the first few steps on a long an intriguing road.

If it was hard-to-hack then I would expect (at least) the following:

  * Output messages can't be discovered using "strings"
  * Program is self-encrypted
  * Password isn't even stored, just hash result.
The "hard-to-hack" program presented would take about 30 seconds using IDA[1].

[1] http://www.hex-rays.com/idapro/

(And I consider myself an amateur at this kind of thing).




That was mostly the point of the article: that it wasn't so hard to hack in the end and all the information needed to break it was visible in plain sight.

Like you said, if you really wanted to write a hard to hack binary, just use a strong hash without the plaintext on a hellish password. Heck, just leave the hash in the strings output :)




Applications are open for YC Winter 2019

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: