Jump to content
Tuts 4 You

[Don't touch ME] - Part 1


Kurapica
Go to solution Solved by crystalboy,

Recommended Posts

Difficulty : NAN
Language : Delphi
Platform : Windows x64
OS Version : Windows 7
Packer / Protector : None

Description :

Challenge : Make the application show a different message when clicking the button.

by default, it shows a simple "Hello World !" message.

Here are the challenge rules :

1 - No patching is allowed, It doesn't matter how you solve it as long as the SHA-1 of the original file stays "9F1CCEBBDAB4A0CEEC30C61F1D64C4B1DEAE8CBE"

2 - If your solution includes any coding then it should only be C#.

3 - Writing a simple tutorial is obligatory, don't post your solution if you don't want to write a tutorial.

4 - Don't use dUP / uPPP or similar tools but you can write your own tools if needed.

5 - your solution should be able to show the VA of the OEP and view first 9 bytes of that address before the victim loads kernel32.dll !

Screenshot :

Attached.

Part 1.rar

2016-09-21_172439.png

Edited by Kurapica
  • Like 1
Link to comment

crystal clear solution :D

I forgot to enable ASLR which made it easier :(

Although my intention was to show how to hunt the ImageBase dynamically for a 64bit victim.

well done

 

Edited by Kurapica
  • Like 2
Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...