maxodrom1 on 10:27 AM 09/27/2022: Tryed to post the solution but couldn't, don't know why. Replace 6 bytes with nop on 7ff6f7c36be4
WhatsUp on 2:30 AM 09/28/2022: The program loads code from a resource, then creates a shadow dll and jumps into it.
After that, it does some anti-debugging check and asks for a flag.
It finally starts to encode the input at address ~1B51 (relative to the shadow dll) and at address 1BF0 calls `memcmp` to compare it with preset answer.
However the encoding procedure is complicated and I lost motivation here. Maybe come back later.
I think it's still a good puzzle but could be made less complicated.
nth2579 on 1:52 PM 09/29/2022: @WhatsUp Thanks for your reply :D, I'll make it easier.
@maxodrom1 Patching is not a good way to solve this ;)
Redmal on 6:07 PM 10/26/2022: FLAG: 977330285cd3cb4bfb15b09d132fae6ffe533729a21ce274f325440827164cc7
You must me logged to submit a solution
Write a comment
Share how awesome the crack me was or where you struggle to finish it! Stay polite and do not spoil the solution/flag!
Rate the difficulty
How would you rate the difficulty of this crackme ?