Description
This one should be at least hard to crack, if you manage to crack it congrats u a real heker(im not saying this is uncrackable and best secured but its definetly not for the newbies)
I'm still not used to how this difficulty rating system works so i set it to 5[HARD]
pavler on 2:39 PM 05/27/2024: "lockcmpxchg8beax" - think it would be a bit harder, solved in 10min literally
justAuser on 5:10 PM 05/27/2024: lockcmpxchg8beax
Though got bsod when I went in too deep (went verz deep) :"D
justAuser on 5:15 PM 05/27/2024: Btw is this you?
https://github.com/cutemastermind?tab=repositories
"What can I say..." :D
imeow256 on 10:50 AM 05/28/2024: congrats guys didn't expect you to crack it with such rapid!
yeah @justAuser thats my github profile lol :D
Kache0 on 7:37 PM 05/30/2024: yeah lockcmpxchg8beax its just there in plain text
imeow256 on 9:49 AM 06/01/2024: @Kache0 what are you talking about, what tool did you use to find it in plain text?
Barimor on 3:47 PM 06/01/2024: It was awesome, but I thought lockcmpxchg8beax☺ it isn't a password.
cnathansmith on 7:16 AM 06/04/2024: @imeow256 It just directly compares the input to the deobfuscated password
.text:0000000140018F95 mov rdx, [rbp+230h+Str2] ; Str2
.text:0000000140018F9C mov rcx, rax ; Str1
.text:0000000140018F9F call j_strcmp
You just break there and check the arguments and there isn't really anything to solve
imeow256 on 11:17 AM 06/04/2024: @cnathansmith ohh shit i fucced it up then
survivalizeed on 1:26 PM 06/06/2024: All this strange obfuscation to then do a simple string compare ... password is "lockcmpxchg8beax".
imeow256 on 5:56 PM 06/08/2024: @survivalizeed could you give me some advice or a better way to check for correction?
MouadDS on 3:57 PM 06/09/2024: solved in less than a minute (im a starter)
Hapten on 10:49 PM 06/25/2024: @imeow256, is it possible you could make a video, or just somehow explain how am i supposed to deobfuscate everything after "Enter password" and overall get the password.
survivalizeed on 1:12 PM 06/26/2024: @imeow256 there is not the ONE way of doing a good obfuscated compare. I highly encourage you to take a look on virtualization tools and how they work. Tigress/VM Protect have some nice devirtualization blogs you can learn a lot from :)
imeow256 on 12:54 PM 06/27/2024: @survivalizeed thank you i will definitely take a look!
Keep on 9:49 PM 07/23/2024: cant find the password with ida, dbg, or dnspy this program is objectively horrible
newport on 4:41 PM 08/15/2024: string references isnt there, i dont think theres obfuscation i tried x64dbg and ghidra and neither could figure out where it is. patching did NOT work sadly (im a patching man)