north123 Posted October 13, 2017 Posted October 13, 2017 Difficulty : 5Language : Borland DelphiPlatform : Windows x32OS Version : Windows XP +Packer / Protector : VMProtect v 3.x Description : enter password Screenshot : 123.exe
SmilingWolf Posted October 14, 2017 Posted October 14, 2017 (edited) So you spam people to do the job for you and simultaneusly post the thing as a challenge? Ok. You know what? Whatever Login pass: 65412312345 Attached is the ripped algorithm of the generator, I'm throwing this one in for free for sh*t and giggles. src.7z Edited October 14, 2017 by SmilingWolf 1
ragdog Posted October 14, 2017 Posted October 14, 2017 Why VMProtected? is your algo to simply that you must protect it?
north123 Posted October 14, 2017 Author Posted October 14, 2017 SmilingWolf Thank you very much) please forgive me
SmilingWolf Posted October 15, 2017 Posted October 15, 2017 11 hours ago, ragdog said: Why VMProtected? is your algo to simply that you must protect it? Simple is quite the understatement. 11 lines in asm, and IDA sums it up nicely as: unsigned int __stdcall Generate(unsigned int inputNum) { return 234567891 * __ROL4__(123456791 * (inputNum ^ 0xABD13D59), 16) % 100000000u; } Also, it's neither his algorithm nor a challenge created by him. It came into my inbox as a crack request. 1
LiuXing Posted November 6, 2017 Posted November 6, 2017 Oh, wonderful. I thought VMProtect 3.x is perfect packer for Anti-Reversing. But SmilingWolf changed my concept. How did you unpacked VMProtec 3.x easily like this? I am a beginner of reversing. Please post good article about the VMProtect newest versions.
JohnWho Posted November 10, 2017 Posted November 10, 2017 On 6/11/2017 at 2:59 PM, LiuXing said: Oh, wonderful. I thought VMProtect 3.x is perfect packer for Anti-Reversing. VMProtect can be powerful if used properly. 1
SmilingWolf Posted November 10, 2017 Posted November 10, 2017 (edited) Which implies using virtualized sections of code inside the application, something which this program's author blatantly failed to do. By the way, I didn't unpack the program. I only had to get around VMProtect's anti debugging (easy with ScyllaHide's preset) and debug it to retrieve both the password and the algorithm. As a pure packer it's meh IMO. Then again, that's not its main purpose, as the name suggests. It is a really interesting virtualizer. Edited November 10, 2017 by SmilingWolf 2
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now