Exetools

Exetools (https://forum.exetools.com/index.php)
-   General Discussion (https://forum.exetools.com/forumdisplay.php?f=2)
-   -   ESETCrackme2015 (https://forum.exetools.com/showthread.php?t=19070)

barmaley 01-10-2019 01:27

ESETCrackme2015
 
Hi all!

I have a question about some data from this task. When I reversed this crackme, I found in the module that is injected data block that is not referenced.
these blocks consist of printable characters.
example:
Code:

)}aL~POo%ruP(M$2OjCv+php5MU4wL#7_%hb6Y&=J:.:|sOBA]48(mZa;6C6S,fyK
Hef$ar9B,U(NJ$%EFd+6C)9jQKE}hjwFon8+gM(2D/OEKeoHf?|?t8731|%~9UYMs
d4ZhOtRu<js[RNbND86W)H(,wT@bhZOKpZ+4@8-Kh=2~4V<<1x!IfepLHa0OeBH?H
H8lF?_WxH.@7Wd*WV0oN!J_6lev[U==;[mEKI!ol!UKOUV1.1>n4|bU:C}T+O/>N&
]ntQueq0Vf.7k,!pD%-^<cbH]PsCt_}i*g-/=>K.qSnl/LL42&!:CG/Yx+K0kn<{k
z!+kv<}<dfyK1/TJVkgTzEf*&-eUF*dN1FZ7IQgu.nYn`k%>,G9@ffSPp~y;Sd!|I
~XZvIku}6{i7ti#jGisn6uv$kT1/jsE%Kybot2m%-7d2WJ|G$6D)RUR[e;2#X1y5Z
B{7YOA>%N}:rdPh#kZkJ##P(y|NaYN0Da,Q5Qx@?Dh<Ml$>^SF!kcic?!~~1Y[pmD
pm(cZ,[/>;|jWbCjlg5R1pVa$,4S1|TfR%<|YhiDS2v.?K]v.8]EH(k~C8x=1{[)r
q@o$pPiP,By-Gpor^FwY2HhL|`Ll8i<]PP!qP!kPsSq(eP#27`3{1TW4mcoWz,sD,
-fyd8SwfH$Li9nGulkf%|]kc3/qD3n@Wx8x3(bUzafxPFQN9Kk=ySbCZl!`cs$zO-
&:49U<6Y0(@htM0`

maybe someone knows what it is?) I suggested that this moded base91, but i think i was wrong.

DARKER 01-10-2019 04:05

Maybe here is something about this?
https://quequero.org/2016/01/eset-crackme-challenge-2015-walkthrough/

barmaley 01-10-2019 17:39

There are many different solutions in the internet, but nowhere about this

contactmebyhere 03-14-2019 07:28

The new eset crackme is amazing btw!

Apuromafo 03-14-2019 09:10

the origen is :

https://join.eset.com/en/open-positions/malware-analyst
https://join.eset.com/en/challenges/crack-me
->

here a complete solution:
http://www.nullsecurity.org/article/eset_malware_anlyst_challenge

barmaley 03-29-2019 06:19

Quote:

Originally Posted by Apuromafo (Post 116649)
the origen is :

https://join.eset.com/en/open-positions/malware-analyst
https://join.eset.com/en/challenges/crack-me
->

here a complete solution:
http://www.nullsecurity.org/article/eset_malware_anlyst_challenge

There is no info about what i ask. There are many descriptions on the net, but nowhere, what interests me

Apuromafo 03-29-2019 11:31

Quote:

Originally Posted by barmaley (Post 116745)
There is no info about what i ask. There are many descriptions on the net, but nowhere, what interests me

but in complete solution...in what step are you?

1rst is prometeus, 2nd...is about unreferenced...etc..please be more specific ?

about remember there exist many cipher posible ror, xor, mod etc...
if not are in other solutions, is because not need decode that place :/

unn4m3D_BR 07-27-2019 22:40

I tried hard this crackme, but I figure out that I need to study more to solve it. I passed by the first part, downloaded the second file and I couldn't understand how it was injected on memory and how to start get the the passwords.

Although many sites has a solution explained I'm not feel well to only copy it and don't understand inside all tasks.

So, what do you thinks that I need focus on study to be able to understand and solve this crackme? My goal isn't only solve this, but feeling that I know what do and improve my skills with it.

Thanks in advance guys!

[]'s

NeOXOeN 08-20-2019 07:10

I wasnt able to solve a challenge.. i think tutorial will be posted soon.

bye N

unn4m3D_BR 08-28-2019 08:07

Quote:

Originally Posted by NeOXOeN (Post 118114)
I wasnt able to solve a challenge.. i think tutorial will be posted soon.

bye N

You can find it easily bro. Just search for "eset crackme write up". My point about this crackme is... I know that I need study more, but I would like to have some suggestions on what kind of study I need focus on.

Reversing is amazing and huge area. In special, for this challenge I figured out several points to study more. The flare challenge is my goal at this moment. Finish these challenge make me a better reverser haha (I hope so)

[]'s

PriSim 08-28-2019 11:30

Quote:

Originally Posted by NeOXOeN (Post 118114)
I wasnt able to solve a challenge.. i think tutorial will be posted soon.

bye N

A good link for detailed and solved tutorials
https://forum.exetools.com/showpost.php?p=116649&postcount=5


All times are GMT +8. The time now is 18:38.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX