Upload:
1:56 AM 12/17/2021
Description
Hi there, the rules is on crackme. is not difficult bypass the anti-debugger
but find the key, you'll have to use your neurons...
You must be logged in to post a comment
mucomplex on 5:54 PM 01/09/2022: Password input is bugged. It is not replace inside memory
mstik13 on 8:05 AM 05/19/2022: NiceOne!, that was fun!
db123 on 7:37 AM 06/22/2022: char v15m[16] = { 0x4E, 0, 0x69, 0, 0x63, 0 , 0x65, 0, 0x4F, 0, 0x6E, 0, 0x65, 0, 0x21, 0 };
memcpy(&v15, v15m, sizeof(v15));
char v16m[16] = { 0x2D, 0, 0x5F, 0, 0, 0 , 0, 0, 0x80, 0x50, 0x5D, 0x61, 0xF8, 0x7F, 0, 0 };
memcpy(&v16, v16m, sizeof(v16));
memset(&si128, 0, sizeof(si128));
si128.m128i_i8[0] = (uint8)strlen(username);
si128.m128i_u8[8] = 0x0F;
userpassword[0] = (si128.m128i_i32[0] ^ *(unsigned __int16*)&v15);
userpassword[1] = (si128.m128i_i32[0] ^ WORD1(v15));
userpassword[2] = (si128.m128i_i32[0] ^ WORD2(v15));
userpassword[3] = (si128.m128i_i32[0] ^ WORD3(v15));
userpassword[4] = (si128.m128i_i32[0] ^ WORD4(v15));
userpassword[5] = (si128.m128i_i32[0] ^ WORD5(v15));
userpassword[6] = (si128.m128i_i32[0] ^ WORD6(v15));
userpassword[7] = (si128.m128i_i32[0] ^ HIWORD(v15));
userpassword[8] = (si128.m128i_i32[0] ^ v16.m128i_u16[0]);
userpassword[9] = (si128.m128i_i32[0] ^ v16.m128i_u16[1]);
userpassword[10] = (si128.m128i_i32[0] ^ v16.m128i_u16[2]);
userpassword[11] = 0;
You must be logged in to submit a writeup
Solution by dev0:
Thank you bl4ack!
Solution by mstik13:
Thanks for this it was a NiceOne!
Tools Used:
Ghidra, x64dbg