Tuts 4 You

All Activity

  1. Past hour
  2. evandrix

    Flare On 6

    The pouet link http://www.pouet.net/prod.php?which=53563 containing http://demo.hack.se/crinkler_tutorial/crinkler_tutorial.zip is gone. Can anyone share a copy, please?
  3. Today
  4. Yesterday
  5. DefCon42

    small, simple crackme

    that's true if you only have 4 variables to work with, but that might not always be the case (even four wasn't instant on my machine); it's relatively easy to make it large enough that a bruteforce becomes ineffective
  6. fasya

    Flare On 6

    Any hints where to look for the flag in level five (demo)? I have no clue where to look :(
  7. TobitoFatito

    Agile.net (6.4.0.31)

    I released a way of patching these VMs here: https://github.com/TobitoFatitoNulled/Venturi77CallHijacker but you'll need to manually inject agile for now (will try to fix the issue asap tho). My disc is TobitoFatito#5573
  8. Last week
  9. hellxsuicide

    Agile.net (6.4.0.31)

    So do you have Discord or something? I was actually able to unpack some things, but I think some string decryption needs to be done. And sorry for the late response.
  10. MaxII

    Safengine Shielden v2.3.8.0

    Hi, any tutorial on how to patch HWID? I read sound's tutorial but it's in Chinese and I can't read Chinese; Google Translate was bad too.
  11. There is quite extensive documentation available at http://help.x64dbg.com/en/latest/introduction/ConditionalBreakpoint.html. However, if you don't feel like reading, just use Break Condition "0", Log Condition "r9 != 0" and uncheck "Fast Resume" (since fast resume will skip logging if break condition != 0).
  12. VirtualPuppet

    small, simple crackme

    Well, mathematically, it’s just a question of finding 4 variables that, when multiplied with their factor and summed together, yield a value within the allowed limit. One could either brute force it or calculate it by hand. Even if you increase keylength, the key will be easy to recover as long as you calculate the key parts separately.
  13. DefCon42

    small, simple crackme

    can't complain about a bruteforce, though i could probably have made it impractical with a longer key length
  14. Well, from the basics I know (regarding ssl).... AES is the only useful... the best...end end with aes would be cool ::P ....and.,... please try not to use winrar, it is closed-source software.... if you like cracking then obviously use open-source systems and share open systems/codes/... etc Read up on the GNU operating system
  15. Well, from the basics I know (regarding ssl).... AES is the only useful... the best...end end with aes would be cool ::P
  16. VirtualPuppet

    small, simple crackme

    There are many working keys. One of them is "$^CQE!#(Mrfe%&&$": The key was brute forced using a quickly written C++ executable: The code for the C++ executable is as follows:
  17. DefCon42

    small, simple crackme

    People who patch this instead of trying to find the key are boring :^)

    Language : C++
    Platform : Windows x64
    OS Version : Windows 10
    Packer / Protector : None
    Description : This is a simple crackme I made over the course of the last 30 minutes. Hopefully you get a little fun out of it.
    Screenshot : crackme.exe
  18. ForlaxPy

    First Crackme

    * Changed the text. How I did it?
    * Added +1 to sum factorial. How I did it?

    Now that the addresses are well known, you can easily calculate the string value and change/edit these reg values by patching the exe so it always returns whatever you want.
  19. Teddy Rogers

    The (Legally) Free PC Games Topic...

    Hyper Light Drifter Mutant Year Zero Ted.
  20. At a long enough password length, even with enormous computing power, one is more likely to find a collision than the original password, after more than 2^128 combinations are tried for the example AES-128 HMAC used. However, since the character set is limited, it's not exactly clear which passwords might have shorter length collisions and using which other character set. As well, depending on the decryption algorithm, the collision password may not correctly decrypt. Keep in mind that the verification algorithm and decryption algorithm are 2 different things. The verification part is merely to save the trouble of decrypting garbage data and a mere convenience. Old WinRAR versions would just extract without checking validity. In these cases an automated attack would require knowing something about the decrypted data that could be verified for correctness. Unless pre-image attacks against AES become available, or quantum computers, then simply an 8-character, dictionary-resistant password with a good enough character set is enough for most usages. If you are worried about the NSA, then probably you would want to use something completely different given they are famous for backdooring algorithms and AES was standardized in part by them.
  21. Hello, you can use "crunch" to generate a custom wordlist, then change the "rar" file's extension to "zip", and finally you can use "fcrackzip". All that I've mentioned is available on "Kali Linux OS". Greetz
  22. Hi guys, oh la la! Thanks for that new info. I tried for fun this tool you talked about, kao, and first made some test rar files with short 3 letter / digit passwords, and the tool found them very quickly! Wow! I didn't expect this. So I see using short passwords isn't a very good choice to protect files if they should be kept protected for any reason.

    Question: So what kind of password would be a really good one using the lowest length? So you said a length of minimum 6 would take 144 +/- days, right? What passwords are you using, kao? 😀 So I think I need to find a good mixed password with symbols / signs, but also one which I can remember later again, or maybe just a long set or quote. I think nobody can remember passwords like $&9(S$%EKNm which looks strong. Or maybe using some letters which are not used in most other languages would also be good, like ßÄüÖ. Hhhmm.

    One more question about this tool and the password.def file where I need to enter what it should check for. I think it's only helpful if I know what letters / signs I used in my own passwords, right? Example: If I know my password used only digits then I should only set $1 like this... # Password definition [$1] * ...or this... # Password definition [$1 $a $A $!] * ...for digits, lower, upper case letters & extraterrestrial signs / symbols. Password like 1_Az for example. Let's say I don't know anything about the used password, so then I should use just a ? like this... # Password definition [?] * ...and in the command line use -l1 -g127 for min & max length to check for, even if it could take 100 years (+/- few seconds).

    What if I use a 100 byte length password? Just entering 0123456789, copying this and pasting it another 9 times + any symbol after, like this ', or just entering the second keyboard line from left to right ^1234567890ß´. Anyway, just thinking around, you know. Greetz
  23. fRiESLVe

    Paradise dUP2 Skin

    View File: Paradise dUP2 Skin. Submitter: fRiESLVe. Submitted: 08/16/2019. Category: diablo2oo2 Universal Patcher (dUP)
  24. Version Full

    2 downloads

  25. ForlaxPy

    My First CrackMe

    The sample is not working for me / insta crash on launch. I'm on Win10, latest .NET 4.7
  26. ForlaxPy

    HTTP MITM tool

    If you're familiar with C# you can use fiddlerCore and easily code a program that automatically gets these HTTP requests and either redirects them somewhere else or changes the response. Here is a demo on the usage of it: http://fiddler.wikidot.com/fiddlercore-demo
  27. CodeExplorer

    New Device Login - email send to me a lot!!!

    Finally I was able to solve that problem: https://www.lifewire.com/set-up-filter-yahoo-mail-1167129 So I've chosen to place the New Device Login message subject in a separate folder and all works ok.
  28. MistHill

    Obfuscated VM CrackMe

    password: "viva la revolution"

    How is the password verified? Here, check my entered password against the correct one, both encrypted. Obviously, the encrypted password at RVA 00011054 is 18 characters long. But what is the encryption or decryption algorithm? Don't dive into that; instead I assume the algorithm is symmetrical. This time, I entered the right length password "123456789012345678". At entry of the subroutine, Ecx=004FF534, we can find the entered password at allocated buffer 008F0000: Copy and paste with the correct cipher password from RVA 00011054:

        008F0000 12 EC C5 CB AC FC 86 96 23 7C 7D 57 46 5C 43 4F
        008F0010 56 2D 2A 00

    Run to the end of loop at 01323461, we got:

        008F0000 12 76 69 76 61 20 6C 61 20 72 65 76 6F 6C 75 74 .viva la revolut
        008F0010 69 6F 6E 00 ion.
  29. endered

    Flare On 6

    It's my 4th time participating in this wonderful reversing feast.