| good for learning |
==> |
| impossible wow.. |
==> |
| ono |
==> |
| 416 == str[0] + str[1] + str[2] + str[3] |
==> |
| SDLKJFOPEI**************** |
==> |
| 1. Write how to disable all the anti-debugging functions
StartAddress
sub_401AA0
sub_401BA0
bypass all
then done with ce windbg |
==> |
| check hashed input with sha256 and data.
cant find rt
System.Windows.Form.MessageBox::Show |
==> |
| if (this.richTextBox_0.Text == Form0.getString_0(107396704))
{
MessageBox.Show(Form0.getString_0(107396675));
MessageBox.Show(Form0.getString_0(107397090));
debug and get strings:
RASBERRYONTO********
SG9sbHkgU2hpdC************************** (base64 encoded data)
decoded:
Holly Shit! You did it! DM ME ON ***************
|
==> |
| 1min crack |
==> |
| dump and see how it make pw.
pw = pw + ((int)id[i]).toString() |
==> |
| dump and two goals complete
encrypt:
key = random(100000,1000000)
value = (value + key) * -1
press -:
encrypt ( enc_health.decrypt() - 5 )
press +:
encrypt ( enc_health.decrypt() + 5 )
isBeingDebugged:
exit()
getModuleHandle("vehdebug-x86_64.dll"):
exit()
HasAllowedHost():
exit()
blabla |
==> |
| was very ez |
==> |
| easy base64 str |
==> |
| gg |
==> |
| gg |
==> |
| gg |
==> |