Jump to content
Tuts 4 You
  • 0
Sign in to follow this  
mattheig

First Crackme

Question

mattheig
Posted (edited)

Language: C/C++
Platform: Windows x86
OS Version: Windows
Packer / Protector: None

Description:

Simple obfuscation. Change "input a number" text. 

Gold: add +1 to sum factorial

Screenshot:

Screenshot_7.png.110bf4a09232b5532bb49c661a8cb14b.png

 

OBFTest.exe

Edited by mattheig
wrong exe (see edit history)

Share this post


Link to post

3 answers to this question

Recommended Posts

  • 0
NOP

Program cannot start because VMprotect dll is missing

Quote

Packer / Protector: None

Are you sure this is using no packer or protector?

  • Like 1

Share this post


Link to post
  • 0
mattheig
Posted (edited)

@NOP reupload

 

Edited by mattheig (see edit history)

Share this post


Link to post
  • -1
ForlaxPy
Posted (edited)

[*] Changed the textsb40XYS.png

 

How I did it?
 

Spoiler

 

Simply by breaking the runtime in this address: 00CA675B then you would be able to see the text in the edx register, so I changed that text from memory dump as you can see here KKPnhzF.png

 

 

 

[*] Added +1 to sum factorial

DibeePs.png

How I didt it?

Spoiler

Same story go to 00CA5070 and edit the eax reg

 

For now that the addresses are well know you can easily calculate the string value and change edit these reg values by patching the exe so it always return what ever you want.

Edited by ForlaxPy
More details (see edit history)
  • Like 1

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  
×
×
  • Create New...