Link : https://crackmy.app/crackmes/baby-s-first-crackme-4903

My solving method :

Objective & Challenge description

Basically, this is a Java crackme in a JAR. It asks for password and the description says no patching required.

Planned method :

decompile the JAR file → dump base64 table → emulate checks in Python (no patching).

Tools I have used

• Ghidra — decompile.
• Python 3 — decode + emulate.

Solution

Decompile

• Unzip the challenge and open the JAR in Ghidra.
• Find class v (basically the only one you will find xD)
• Open the static initializer __jnt__() (because this indicates that it runs on class load).
• Look for:

  • A long Base64 string assigned to a variable (often pSVar4).

  • The base64 alphabet string ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/.

    Those indicate an int[] table is being built.

Explanation on why Base64 alphabet + decoding code points to an int[] table :

1. Why __jnt__() / “static initializer” runs when the class loads? Why We use __jnt__() as the benchmark for us to start analyze it?