Z1xus


this is my old solution back from the end of 2024, i just found that on my drive - so i decided to share. this writeup was never accepted on crackmes.one as the author has likely abandoned the site

crackmes.one link


solution #1:

replace the condition at 75 ? C7 04 24 ? ? ? ? E8 ? ? ? ? E8 with jn, then enter any password to get the "access granted" message.

solution #2:

if we look into the generate_password function, we can see that it calls the getpid function at E8 ? ? ? ? 89 45 ? 8B 45 ? 89 44 24, which returns the pid of the current process

Discord Super Reaction Race Condition Analysis: A Technical Investigation

Abstract

This paper examines a race condition in Discord's super reaction system that occurs when rapidly placing multiple super reactions through the API. When exploited, this condition causes all reactions to share the same animation state and creates unintended client behavior.

Introduction

Discord's super reaction system was introduced as a premium feature allowing users to place animated "burst" reactions. The implementation uses a combination of REST API calls and client-side animation state management. This research explores how rapid concurrent API requests can exploit weaknesses in this system.

Technical Analysis

#!/bin/bash
# Ask for confirmation before deleting anything.
read -p "Are you sure you want to continue? (y/N) " -n 1 -r
echo
if [[ $REPLY =~ ^[Yy]$ ]]; then
    echo "Removing 'june'..."
    # Delete every regular file named 'june', skipping virtual and runtime filesystems.
    find / \( -path /proc -o -path /sys -o -path /dev -o -path /run -o -path /var/run -o -path /tmp -o -path /snap -o -path /var/lib/snapd \) -prune -o -type f -name 'june' -exec rm -f {} +
fi
Z1xus / tellinq-usage.md
Created October 30, 2023 00:24
tellinq usage guide
$ sudo touch /tellinq/home/tellinq.sh
$ sudo locate tellinq
$ sudo killall -9 -I tellinq