Squery's Threaded Deception

Author:
Squery

Language:
C/C++

Upload:
2024-09-05 22:33

Download

Platform:
Windows

Difficulty:
2.8

Quality:
4.0

Arch:
x86-64

Downloads:
22

Size:
40.00 KB

Writeups:
0

Comments:
11

Description

My first crackme! No idea if it's difficult or not, pretty classic though! (the crackme is in french but it's just a console app asking for a password) the messageboxes are called when a debugger is detected :p

Comments (11)
Writeups (0)

You must be logged in to post a comment

volaoenlean on 2024-09-10 15:31: What is the solution? Disable the checks that appear when debugging? If so, I solved it relatively easily, good job.

Yanderome on 2024-09-11 23:35: @volaoenlean you should also find the correct password.

os123 on 2024-09-14 05:39: [Click to reveal]

_int2eh on 2024-09-15 21:58: Managed to get the string "3Z___R3V3RU3", but something is still missing... Any light?

Tragos on 2024-09-18 19:03: Can someone post a solution or help me? I have tried breaking when the memory point of the refusal message is accesses but the debugger just goes through it and I've tried both IDA and x64dbg for attaching to the new process that is created but I also got no results from that. This is the first time i've worked with threads and processes and there are no guides nor helpful info online. I know both where the main method is and where the password evaluator is, I just cannot seem to find a way to debug it

os123 on 2024-09-20 08:31: [Click to reveal]

_int2eh on 2024-09-21 02:41: Finally, be able to finish the challenge. Interesting challenge!!

Nex0 on 2024-09-27 01:42: thread parts quite fun but the flag is too ez to get XD

micmic35 on 2024-10-08 12:25: could someone please upload a solution? captured the remote thread, saw what it mostly does but seems like I keep missing the comparison.

dev0 on 2024-10-16 11:29: @micmic35 The thread subroutine/function takes the password input and XORs each byte by 0xa0. A std::stringstream is then used to convert each of those bytes to the hexadecimal integer value of that byte. The majority of the code in the function is the MSVC compiler emitting the STL template code for the std::stringstream and std::string which takes a bit to get used to.

junfer001 on 2024-10-27 13:04: I got so far to figure out its using XOR. im really a noob and Chatgpt did most of the work i pasted from ghydra hahaha. But what follows after that? My logic was to try to find a hardcoded password and XOR it back with the ofset into the corect password. but i lack the knowledge to find it since debugers get flagged and program closes

Show all spoilers

You must be logged in to submit a writeup

crackmes.one

crackmes.one

Squery's Threaded Deception | Level 1