Jump to content
Tuts 4 You

[FindThePassword] Old School


Ownage

Recommended Posts

Not too much to say about but let the following be a storyline of the challenge:


 


"This program is believed to be used to check validity of superheroes' secret passwords."


 


Your objective is to analyze the program and find the secret passswords.


 


It's up to you if you want to submit your answer here or via PM to me.


It will be up for a week then I will post my detailed solving method.


 


Enjoy it!


OldSkewl.zip

Link to comment
Share on other sites

Hint:

Only common english words are used. Use a dictionary file to find the intended words.
The basic one from BackTrack 5 works: /pentest/passwords/wordlists/darkc0de.lst

Link to comment
Share on other sites

My best guess is below. Some things still don't add up, though.

 

If there's any problem, you could send me an PM and explain your steps. I will help you if you think you missed things. I'm curious about your way of passing the anti debug part. Congratulations, anyway!

 

Edit: to be sure i have not sent you/others on wrong path. your solutions is correct :)

Edited by Ownage
Link to comment
Share on other sites

I'll wait for you "detailed solving method" - maybe after that I'll comment on how I got around anti-debug. :)


 


As for problems - on my computers (Xeon W3550 with 64bit Win7 and i5-2500K with 32bit XP) the correct answer won't show the messagebox. In VMWare it works correctly.


My best guess is that you have a race condition somewhere in the code.

  • Like 1
Link to comment
Share on other sites

I'll wait for you "detailed solving method" - maybe after that I'll comment on how I got around anti-debug. :)

 

As for problems - on my computers (Xeon W3550 with 64bit Win7 and i5-2500K with 32bit XP) the correct answer won't show the messagebox. In VMWare it works correctly.

My best guess is that you have a race condition somewhere in the code.

Lol

I still have a AMD Athlon XP3200+ @ 2.2 Ghz single core.

Long time i wanted to upgrade but never really felt the need...

Link to comment
Share on other sites

@GIV: try to reverse any game based on Unreal 3 engine. Or wait until IDA finishes analysis of 10MB+ executable. You'll feel the need then. ;)


@Ownage: any chance to see your "official solution"? :)


Link to comment
Share on other sites

For my accounting program what i have is more than sufice.


I will consider upgrading in a year or two.


:)


For you is another story kao...that is why our knowledge levels are diferent in your advantage.


:)


Link to comment
Share on other sites

I cant't find enough time to complete the official solution. Whoever wants can post here and I will send them the complete source code of the challenge.


Edited by Ownage
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...