Here we catch the password before the test function takes it as a parameter.
The parameters are stored in the stack before of the execution of the function.
In this case two parameters are sent in the function, the stored password and the password we guess.
CTF
Crackme challenge resolution with Radare2 (crackme0x02)
That one is quite similar to the crackme0x01, the password is stored in the stack.
Crackme challenge resolution with Radare2 (crackme0x01)
Here I check the password in the source code.
It’s also possible to view how it’s the requested (password) string stored in memory.
Crackme with Radare2 (crackme0x00a)
Here I replace the JNZ instruction by JZ to skip the check.
It’s not the most elegant way to resolve it, as in this case it’s possible to view directly the string value.