north123 Posted October 13, 2017 Share Posted October 13, 2017 Difficulty : 5Language : Borland DelphiPlatform : Windows x32OS Version : Windows XP +Packer / Protector : VMProtect v 3.x Description : enter password Screenshot : 123.exe Link to comment Share on other sites More sharing options...
SmilingWolf Posted October 14, 2017 Share Posted October 14, 2017 (edited) So you spam people to do the job for you and simultaneusly post the thing as a challenge? Ok. You know what? Whatever Login pass: 65412312345 Attached is the ripped algorithm of the generator, I'm throwing this one in for free for sh*t and giggles. src.7z Edited October 14, 2017 by SmilingWolf 1 Link to comment Share on other sites More sharing options...
ragdog Posted October 14, 2017 Share Posted October 14, 2017 Why VMProtected? is your algo to simply that you must protect it? Link to comment Share on other sites More sharing options...
north123 Posted October 14, 2017 Author Share Posted October 14, 2017 SmilingWolf Thank you very much) please forgive me Link to comment Share on other sites More sharing options...
SmilingWolf Posted October 15, 2017 Share Posted October 15, 2017 11 hours ago, ragdog said: Why VMProtected? is your algo to simply that you must protect it? Simple is quite the understatement. 11 lines in asm, and IDA sums it up nicely as: unsigned int __stdcall Generate(unsigned int inputNum) { return 234567891 * __ROL4__(123456791 * (inputNum ^ 0xABD13D59), 16) % 100000000u; } Also, it's neither his algorithm nor a challenge created by him. It came into my inbox as a crack request. 1 Link to comment Share on other sites More sharing options...
ragdog Posted October 15, 2017 Share Posted October 15, 2017 It was a Joke Link to comment Share on other sites More sharing options...
LiuXing Posted November 6, 2017 Share Posted November 6, 2017 Oh, wonderful. I thought VMProtect 3.x is perfect packer for Anti-Reversing. But SmilingWolf changed my concept. How did you unpacked VMProtec 3.x easily like this? I am a beginner of reversing. Please post good article about the VMProtect newest versions. Link to comment Share on other sites More sharing options...
JohnWho Posted November 10, 2017 Share Posted November 10, 2017 On 6/11/2017 at 2:59 PM, LiuXing said: Oh, wonderful. I thought VMProtect 3.x is perfect packer for Anti-Reversing. VMProtect can be powerful if used properly. 1 Link to comment Share on other sites More sharing options...
SmilingWolf Posted November 10, 2017 Share Posted November 10, 2017 (edited) Which implies using virtualized sections of code inside the application, something which this program's author blatantly failed to do. By the way, I didn't unpack the program. I only had to get around VMProtect's anti debugging (easy with ScyllaHide's preset) and debug it to retrieve both the password and the algorithm. As a pure packer it's meh IMO. Then again, that's not its main purpose, as the name suggests. It is a really interesting virtualizer. Edited November 10, 2017 by SmilingWolf 2 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now