Jump to content
Tuts 4 You
  • 0
Sign in to follow this  

CrackMe Native



Language : C++
Platform : Windows
OS Version : Windows 7,8,8.1,10
Packer / Protector : Own

Description :

Enter correct key and you willl see the flag, and this is result. Post flag to spoiler with wirite up how you decoded it.



Share this post

Link to post

3 answers to this question

Recommended Posts

  • 0

You don't need to know correct key to get the flag:



Is that what you're looking for?


1) Run and dump from memory;
2) (optional) Fix imports with Scylla;
3) Load dump in IDA;
4) Find WndProc and see how WM_COMMAND is handled;
5) The key check is very convoluted but it all ends up here:

  ... lots of horrible operations with entered key ..

  strncpy(buffer, encryptedFlag, 25);
  for ( n = 0; n < 25; ++n )
    v3 = buffer[n];
    v4 = HIDWORD(v3) ^ HIDWORD(v20) ^ HIDWORD(v21) ^ HIDWORD(v22) ^ HIDWORD(v23) ^ HIDWORD(v11);
    v8[2 * n] = v3 ^ v20 ^ v21 ^ v22 ^ v23 ^ v11;
    v8[2 * n + 1] = v4;
    decryptedFlag[n] = v8[2 * n];

  // check last 2 bytes of decrypted flag
  result = 24;
  if ( decryptedFlag[24] == 'Z' )
    result = 23;
    if ( decryptedFlag[23] == 'C' )

Xor key for all bytes is the same. :wacko: 

You know encrypted flag. You know last 2 bytes of decrypted flag. So, you can deduce XOR key and decrypt the flag.

  • Like 1
  • Thanks 1

Share this post

Link to post
  • 0

Hmm 😂 , Nice cold job kao! I know the XOR key is always the same. Next time there will be RSA for key checking. Very much appreciated that you described the procedure. See you next time 😎

Share this post

Link to post
  • 0
On 9/25/2019 at 5:09 AM, 0X7C9 said:

Bruh what the hell. First try I randomly entered "sad" into it just testing with random chars and it was the goddamn key.


Edited by Glock40 (see edit history)

Share this post

Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  
  • Create New...