[SPOILER AT THE END]
The anti-patch was easy to bypass. I just attached a debugger and stepped over the entire PatchGuard init check. Once that's bypassed you can do anything. Great work on the static puzzle! I decoded the key by taking the little-endian bytes of 0x50475550475547, XOR-ing the 16-bit pairs at offsets 1, 3, 5 with 0x3333, and setting the first byte to 0x74 ('t'), which revealed the key: tftcftc