Jump to content
Tuts 4 You

Edit History

wabafit

wabafit

On 4/1/2019 at 2:56 AM, XenocodeRCE said:

I am not able to debug it, however I found a flag. I do not understand it, its not proper english.

  Reveal hidden contents

 

Hint: It is the same high ryukyu

 

Also, your anti debug by process name / window tittle does not work :

0x34e3748 (11): Fiddler.exe
0x34e3758 (13): Wireshark.exe
0x34e376c (14): MegaDumper.exe
0x34e3780 (11): OllyDBG.exe
0x34e3790 (10): de4dot.exe
0x34e37a0 (17): de4dotmodded.exe
0x34e37b4 (13): exeinfope.exe
0x34e37c8 (31): Improve .NET - Deobfuscator.exe
0x34e37ec (26): SimpleAssemblyExplorer.exe
0x34e380c (19): StringDecryptor.exe
0x34e3824 (19): Universal_Fixer.exe
0x34e383c (29): .NET Tookit Rebirth v 0.1.exe
0x34e3860 (7): SAE.exe
0x34e386c (15): CFFExplorer.exe
0x34e3880 (19): Process Monitor.exe
0x34e3898 (18): Process Hacker.exe
0x34e38b0 (9): DNSpy.exe
0x34e38c0 (9): ILSpy.exe
0x34e38d0 (10): x64dbg.exe
0x34e38e0 (11): dotPeek.exe
0x34e38f0 (30): RDG Packer Detector v0.7.6.exe

I think you use RSA / AES

Yes, I know this code is non-working. I developed the crackme quite a while ago and the purpose of me publishing this was purely to check how impermeable my obfuscation is to the individuals visiting this site. Also, that flag serves no purpose. You may ignore it. Also, I do not use RSA/AES.

wabafit

wabafit

On 4/1/2019 at 2:56 AM, XenocodeRCE said:

I am not able to debug it, however I found a flag. I do not understand it, its not proper english.

  Reveal hidden contents

 

Hint: It is the same high ryukyu

 

Also, your anti debug by process name / window tittle does not work :

0x34e3748 (11): Fiddler.exe
0x34e3758 (13): Wireshark.exe
0x34e376c (14): MegaDumper.exe
0x34e3780 (11): OllyDBG.exe
0x34e3790 (10): de4dot.exe
0x34e37a0 (17): de4dotmodded.exe
0x34e37b4 (13): exeinfope.exe
0x34e37c8 (31): Improve .NET - Deobfuscator.exe
0x34e37ec (26): SimpleAssemblyExplorer.exe
0x34e380c (19): StringDecryptor.exe
0x34e3824 (19): Universal_Fixer.exe
0x34e383c (29): .NET Tookit Rebirth v 0.1.exe
0x34e3860 (7): SAE.exe
0x34e386c (15): CFFExplorer.exe
0x34e3880 (19): Process Monitor.exe
0x34e3898 (18): Process Hacker.exe
0x34e38b0 (9): DNSpy.exe
0x34e38c0 (9): ILSpy.exe
0x34e38d0 (10): x64dbg.exe
0x34e38e0 (11): dotPeek.exe
0x34e38f0 (30): RDG Packer Detector v0.7.6.exe

I think you use RSA / AES

Yes, I know this code is non-working. I developed the crackme quite a while ago and the purpose of me publishing this was purely to check how impermeable my obfuscation is to the individuals visiting this site. Also, that flag serves no purpose. You may ignore it.

×
×
  • Create New...