Challenge Books for study

[leonardonhesi]

Good to help with some study material,I would available a personal collection of books in PDF, but i make a little challenge:

Annex I make available an executable called reverseBooks.exe MD5 = "bd6d1a45b53c0775a56ff10f80acbd7d" after winning the challenge of the executable will be available the links to download the files containing the books.
This executable was coded with C # (. NET) for the challenge then I recommend the following tools:

* GrayWolf - https://www.digitalbodyguard.com/graywolf.html
* dotPeek - http://www.jetbrains.com/decompiler/
* RedGate - http://www.red-gate.com/products/dotnet-development/reflector/
* Brain - http://en.wikipedia.org/wiki/Brain
* CFF Explorer - http://www.ntcore.com/exsuite.php

Description of the books separated by the files:

Name of the file estudoBook.rar:
*Reversing Secrets of Reverse Engineering
*No.Starch.IDA.Pro.Book.2nd.Edition.Jun.2011
*Practical_Malware_Analysis

Name of the file estudoBook1.rar
*PC_Assembler
*The Rootkit Arsenal Escape and Evasion in the Dark Corners of the System - Second Edition
*rootkits subverting the windows kernel

Name of the file MALWARE_SANS.rar
*(SANS 610.1,2,3,4,5)

Name of the file estudoBook2.rar
*Malware Analyst¡¯s Cookbook
*Gray Hat Python - Python Programming for Hackers and Reverse Engineers

Password to unzip the files is "reversing"

Good luck!

[LaDidi]

@leonardonhesi:
Thanks...
but The RAR file hasn't any password and the .NET exe file ReverseBooks.exe doesn't accept "reversing" as a password.

Code:

C:\...>reverseBooks
NOME(8 caracteres):
reversing
O nome deve ter 8 caracteres

[leonardonhesi]

Hello LaDidi

The rar file attached to the post really has no password.
".. the. ReverseBooks.exe NET exe file does not accept" reversing "the password."
In fact, the challenge is to discover passwords through reverse engineering, to get the links to download the PDF, the password I mentioned "reversing" will be used only after the breakdown of the challenge,this password is to unzip the pdf books..
As my native language is Portuguese of Brazil (pt/br) all strings in the executable are PT/BR.

Thank you and good luck

[piranime]

Can you post some other filesource for those who cant download from exetools?

Thanks for reading =)

[leonardonhesi]

Surely, here is the link
http://depositfiles.org/files/p934ukg4e

By the way
Someone got resolve?
If anyone has questions, just post.
Give the fish ever, but teach him to fish ....

thank you

[piranime]

edit [my fault there is a valid solution]

I got the links =)

i will not post them until the author of this fun challenge autorize me =)

Have fun with it

[leonardonhesi]

Hello piranime
You really found the passwords .....
I hope I have contributed to that you practice your skills.
If you want to release the passwords only ask that you do through a tutorial explaining as did so that others can study.

Thanks and until the next

[piranime]

Hope you like my tutorial

https://exetools.com/showthread.php?t=15421

[leonardonhesi]

Very nice tutorial.
thank you!

[zeuscane]

For ArquivoMALWARE_SANS.rar https://mega.co.nz/#!sFEjSIwR!Wi6i3ANvFXSDhY8tSyCOYEZ6d89w4CJN06QNLCKrf6g

password is not reversing


zeuscane

[leonardonhesi]

Sorry about that.
I'm already uploaded a new one,
here is the link.
https://mega.co.nz/#!4UEQ1SyJ!FVAAGW...VQRr0KDq_irBGM

[TQN]

Password: faceless
Nome: faceless
Serial: @@###RVERSINGcreamCRACK!

Tools used:
1. Reflector
2. 010 Editor with XorSelectionHex.1sc
3. deprotect

Tip: MZ = 5A 4D = "0101 1010 0100 1101", xor => password