Jump to content
Tuts 4 You

[crackme] Find the flag by extremecoders

Extreme Coders
Go to solution Solved by kao,

Recommended Posts

Extreme Coders

@GIV: Good Work. :)


A little hint if someone else is interested in finding the actual flag. It consists of exactly 30 printable ascii characters.

  • Like 1
Link to comment
Share on other sites

They can do a simple compare of my patched file with original file. Is just a byte patch.

Is a xor and a compare operation and a simple jump to pass the bad boy message.


I have searched in memory the bad boy string, put a hwbp on access on the first letter then when it was triggered i looked in the call stack to see from where it was accessed and forward using the stack i have reached the actual check routine.

I have no patience to recompose the original string just i have put a compare to be equal (EAX=0) and so the program jumps always to good boy.

Edited by GIV
Link to comment
Share on other sites

The thing is, in an actual CTF you'd need the string. C'mon yer ol' lad, put a little extra effort in this, at least it is not the usual "überpacked" .NET file, too much of that sith has been posted here in the last year...

Edited by SmilingWolf
  • Like 2
Link to comment
Share on other sites

  • Solution



EDIT: I enjoyed it so much that I think it deserves a small writeup. Coming up in few hours.. :)

Edited by kao
  • Like 11
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...