Very simple barebones crackme exercise for Ghidra (or similar tools)
This exercise's intent is to help understand reverse engineering tools and how to analyse a simple piece of code.
The application prompts the user for a password and the exercise expects the coder to be able to produce a valid key generator allowing any user to login. By analysing and following the code in a tool like Ghidra, it will become obvious that there is more to it than meets the eye. It will be very hard to generate valid admin keys, so other methods of exploitation are needed.
This makefile is almost as simple as it can be and it's targetting MacOS machines. Other architectures can be added by adapting or replacing the compiler call and most likely, nothing else is needed.
Inside the src dir, there's a very simple (and unoptimised) implementation of one of the possible solutions for the keygen. The first print simple outputs valid keys for this exercise. Commenting that print and uncommenting the padding+print part of the code outputs a valid passwords that can be piped to the crackme application in order to exploit it and escalate previleges.
Have fun!