jameswoods Posted June 27, 2019 Posted June 27, 2019 Language : Golang Platform : Windows x86 OS Version : Tested on Windows 10 / Windows 7 Packer / Protector : UPX Description : This is a very simple crack me coded in Go. It is packed with UPX (unmodified) only to shrink the size of the binary. Screenshot : Scan Results : Packed: https://www.virustotal.com/gui/file/d2194772a522b19fdd08d78fb5aaf7a9d1cd856978445e163429819ef273452b/detection Unpacked: https://www.virustotal.com/gui/file/79e746354ad7bf267e9d03660c24eeed49df79d801a453c67c7416b069a3fc6d/detection CrackMe.exe 1
Sh4DoVV Posted May 29, 2020 Posted May 29, 2020 (edited) Hi Password : @flag{} inline patched file attached CrackMe_inlined.rar Edited May 29, 2020 by Sh4DoVV 1
GioTiN Posted August 7, 2020 Posted August 7, 2020 On 5/29/2020 at 3:35 PM, Sh4DoVV said: Hi Password : @flag{} inline patched file attached CrackMe_inlined.rar 504.41 kB · 6 downloads nice
pendos1111111 Posted March 22, 2023 Posted March 22, 2023 flag is @flag{} if ( v2 == 7 && (LOBYTE(v7[1]) = runtime_memequal(v1, (__int64)"@flag{}", 7LL)) != 0 ) { v14[0] = (__int64)&RTYPE_string; v14[1] = (__int64)&off_4E19D0; *((_QWORD *)&v8 + 1) = fmt_Fprintln( (__int64)&go_itab__ptr_os_File_comma__ptr_io_Writer, qword_572238, (__int64)v14, 1LL, 1LL); } else { v13[0] = (__int64)&RTYPE_string; v13[1] = (__int64)&off_4E19E0; *((_QWORD *)&v8 + 1) = fmt_Fprintln( (__int64)&go_itab__ptr_os_File_comma__ptr_io_Writer, qword_572238, (__int64)v13, 1LL, 1LL); }
jackyjask Posted March 23, 2023 Posted March 23, 2023 are there any means in IDA to understand go strings like v14[0] = (__int64)&RTYPE_string; v14[1] = (__int64)&off_4E19D0; and print real string bytes instead of this struct?
REFAIM Posted April 5, 2023 Posted April 5, 2023 Full solution including manual unpacking of UPX: https://refaim.medium.com/a-simple-go-crackme-manual-upx-unpacking-e27d83bb8741 1
agentjones Posted April 6, 2023 Posted April 6, 2023 On 4/5/2023 at 12:23 PM, REFAIM said: Full solution including manual unpacking of UPX: https://refaim.medium.com/a-simple-go-crackme-manual-upx-unpacking-e27d83bb8741 Nice article, well laid out. One small correction: the PUSHAD instruction and similar were gutted from the 64bit instruction set, this is why you see multiple individual push instructions in new binaries. 1
REFAIM Posted April 14, 2023 Posted April 14, 2023 On 4/6/2023 at 5:47 PM, agentjones said: Nice article, well laid out. One small correction: the PUSHAD instruction and similar were gutted from the 64bit instruction set, this is why you see multiple individual push instructions in new binaries. Thanks!
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now