dandelion_msla on 2026-07-10 22:11:
[Click to reveal]Thanks! I was able to reverse this one with 5Ah
programcracker on 2026-07-11 00:53:
a little harder than level 1, it was so nice getting it correct after finding out what the program needed me to do :D
jase282 on 2026-07-11 05:44:
I'm a beginner, so the only thing I've managed to find out is that the password consists of 7 characters; the code also checks each character individually, so I think I'll be able to find the password now.
jase282 on 2026-07-11 06:19:
Solution: set a breakpoint on `cmp cl, byte ptr ds:[r8+rax]` and examine the address held in `r8`. Navigate to that address in the memory dump, and you will see the following bytes: `28 3F 2C 3F 28 29 3F AB AB AB AB AB AB AB AB AB`. The `AB` bytes are junk data, but if we decrypt the sequence `2C 3F 28 29 3F`, we get the word "reverse," which consists of exactly 7 characters. To decrypt it, use the formula: `correct character = encrypted byte ^ XOR value`. In this case, the XOR value is `5A` (i.e., `xor cl, 5A`). Decrypting it yields the word "reverse." If you want to patch the program, you need to patch the character count check first, and only then the password validity check.
kungfufk on 2026-07-11 15:26:
[Click to reveal]use xref and look for data length comparison