mattheig Posted April 13, 2019 Posted April 13, 2019 (edited) Language: C/C++ Platform: Windows x86 OS Version: Windows Packer / Protector: None Description: Simple obfuscation. Change "input a number" text. Gold: add +1 to sum factorial Screenshot: OBFTest.exe Edited April 13, 2019 by mattheig wrong exe
NOP Posted April 13, 2019 Posted April 13, 2019 Program cannot start because VMprotect dll is missing Quote Packer / Protector: None Are you sure this is using no packer or protector? 1
mattheig Posted April 13, 2019 Author Posted April 13, 2019 (edited) @NOP reupload Edited April 13, 2019 by mattheig
ForlaxPy Posted August 16, 2019 Posted August 16, 2019 (edited) [*] Changed the text How I did it? Spoiler Simply by breaking the runtime in this address: 00CA675B then you would be able to see the text in the edx register, so I changed that text from memory dump as you can see here [*] Added +1 to sum factorial How I didt it? Spoiler Same story go to 00CA5070 and edit the eax reg For now that the addresses are well know you can easily calculate the string value and change edit these reg values by patching the exe so it always return what ever you want. Edited August 16, 2019 by ForlaxPy More details 2
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now