EXETOOLS FORUM  

Go Back   EXETOOLS FORUM > General > General Discussion

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 01-10-2019, 01:27
barmaley barmaley is offline
Friend
 
Join Date: Jan 2019
Posts: 2
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 1
Thanks Rcvd at 0 Times in 0 Posts
barmaley Reputation: 0
ESETCrackme2015

Hi all!

I have a question about some data from this task. When I reversed this crackme, I found in the module that is injected data block that is not referenced.
these blocks consist of printable characters.
example:
Code:
)}aL~POo%ruP(M$2OjCv+php5MU4wL#7_%hb6Y&=J:.:|sOBA]48(mZa;6C6S,fyK
Hef$ar9B,U(NJ$%EFd+6C)9jQKE}hjwFon8+gM(2D/OEKeoHf?|?t8731|%~9UYMs
d4ZhOtRu<js[RNbND86W)H(,[email protected][email protected]=2~4V<<1x!IfepLHa0OeBH?H
[email protected]*WV0oN!J_6lev[U==;[mEKI!ol!UKOUV1.1>n4|bU:C}T+O/>N&
]ntQueq0Vf.7k,!pD%-^<cbH]PsCt_}i*g-/=>K.qSnl/LL42&!:CG/Yx+K0kn<{k
z!+kv<}<dfyK1/TJVkgTzEf*&-eUF*dN1FZ7IQgu.nYn`k%>,[email protected]~y;Sd!|I
~XZvIku}6{i7ti#jGisn6uv$kT1/jsE%Kybot2m%-7d2WJ|G$6D)RUR[e;2#X1y5Z
B{7YOA>%N}:rdPh#kZkJ##P(y|NaYN0Da,[email protected]?Dh<Ml$>^SF!kcic?!~~1Y[pmD
pm(cZ,[/>;|jWbCjlg5R1pVa$,4S1|TfR%<|YhiDS2v.?K]v.8]EH(k~C8x=1{[)r
[email protected]$pPiP,By-Gpor^FwY2HhL|`Ll8i<]PP!qP!kPsSq(eP#27`3{1TW4mcoWz,sD,
-fyd8SwfH$Li9nGulkf%|]kc3/[email protected](bUzafxPFQN9Kk=ySbCZl!`cs$zO-
&:49U<6Y0(@htM0`
maybe someone knows what it is?) I suggested that this moded base91, but i think i was wrong.
Reply With Quote
  #2  
Old 01-10-2019, 04:05
DARKER DARKER is offline
VIP
 
Join Date: Jul 2004
Location: Côte d'Ivoire
Posts: 231
Rept. Given: 13
Rept. Rcvd 89 Times in 34 Posts
Thanks Given: 2
Thanks Rcvd at 62 Times in 24 Posts
DARKER Reputation: 89
Maybe here is something about this?
https://quequero.org/2016/01/eset-crackme-challenge-2015-walkthrough/
Reply With Quote
  #3  
Old 01-10-2019, 17:39
barmaley barmaley is offline
Friend
 
Join Date: Jan 2019
Posts: 2
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 1
Thanks Rcvd at 0 Times in 0 Posts
barmaley Reputation: 0
There are many different solutions in the internet, but nowhere about this
Reply With Quote
  #4  
Old 03-14-2019, 07:28
contactmebyhere contactmebyhere is offline
Friend
 
Join Date: Nov 2017
Posts: 4
Rept. Given: 0
Rept. Rcvd 1 Time in 1 Post
Thanks Given: 3
Thanks Rcvd at 6 Times in 2 Posts
contactmebyhere Reputation: 1
The new eset crackme is amazing btw!
Reply With Quote
  #5  
Old 03-14-2019, 09:10
Apuromafo Apuromafo is offline
Family
 
Join Date: Nov 2010
Location: Chile
Posts: 81
Rept. Given: 10
Rept. Rcvd 17 Times in 9 Posts
Thanks Given: 88
Thanks Rcvd at 98 Times in 28 Posts
Apuromafo Reputation: 17
the origen is :

https://join.eset.com/en/open-positions/malware-analyst
https://join.eset.com/en/challenges/crack-me
->

here a complete solution:
http://www.nullsecurity.org/article/eset_malware_anlyst_challenge

Last edited by Apuromafo; 03-14-2019 at 09:16.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



All times are GMT +8. The time now is 04:06.


��ICP��05004977��
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX