masta Posted September 26, 2018 Share Posted September 26, 2018 If you've already decrypted the communication between the sample and the C&C, it should be trivial. The communication between the sample and JJ-pc is encrypted using the same scheme, but with another session key. Link to comment Share on other sites More sharing options...
bandit Posted October 1, 2018 Share Posted October 1, 2018 Yup. Figured out both communications. Was able to get past it. Any hints for #12? I'm able to get to the VM image but need some help figuring out how the passwd is being validated. Link to comment Share on other sites More sharing options...
Extreme Coders Posted October 1, 2018 Share Posted October 1, 2018 @bandit You try tracing the execution, which memory cells are accessed and modified in what way. Quite time taking to say the least. Link to comment Share on other sites More sharing options...
bandit Posted October 2, 2018 Share Posted October 2, 2018 Is that the last stage of the challenge (the l_e_q)? Or am i in another assembly hell after solving that? Link to comment Share on other sites More sharing options...
Extreme Coders Posted October 2, 2018 Share Posted October 2, 2018 Of course not! Welcome to the matrix. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now