| @Warning: Not really. 9/72 is pretty low detection rate. To analyze the binary, VirusTotal runs it in a sandbox and monitors every traffic connection. This includes traffic from the operating system itself, such as connections to the Microsoft time server to update the clock. |
==> |
| base on constant: 0xCBF29CE484222325 |
==> |
| user: admin
password: password
key 1: xx@oxxwwxx
key 2: x@x07x00xx
key 3: 2022 (3 times) |
==> |
| @X3eRo0: Then the answear to the flag is yes. I enjoy it a lot. Gonna make a write up soon :D |
==> |
| zh3r0{d1d_y0u_enjoyed_r3v3rs1ng_w1th0ut_b1n4ry_?}
Is that correct? |
==> |
| @nassimorg09:Good to see you have bypassed some anti debug tricks. You're still in the begin at solving this but good move. You might want to dig to how does crackme actually work. Hope someone can share there solution so other people can learn from it. |
==> |
| @PastorJimColerick: Just ignore him. It's not worthy. BTW seem that you also solve this crackme. Congrats :) |
==> |
| @xmaple555: I remember I just change a bit in last letter check. You can calculate it easy with script :) |
==> |
| Congratulation puelo :) |
==> |
| So "rock_noll_vo" means rockyou.txt and Fowler–Noll–Vo hash. Nice hint xD. Hope I can make solution soon. |
==> |
| if hash_64_fnv1a(key) == 0x6658A617BCCE24D5) then correct. Is that true?
|
==> |
| Hmm you forgot deleting the function at 0x4014A8. Using this function I was able to generate my own valid serial :)
Elvis/6nNx9Q============ |
==> |
| Hmm I have found out the idea. Nice crackme BTW :) |
==> |