Exetools  

  #1  
Old 01-10-2019, 01:27
barmaley
ESETCrackme2015

Hi all!

I have a question about some data from this task. When I reversed this crackme, I found, in the module that is injected, a data block that is not referenced.
These blocks consist of printable characters.
Example:
Code:
)}aL~POo%ruP(M$2OjCv+php5MU4wL#7_%hb6Y&=J:.:|sOBA]48(mZa;6C6S,fyK
Hef$ar9B,U(NJ$%EFd+6C)9jQKE}hjwFon8+gM(2D/OEKeoHf?|?t8731|%~9UYMs
d4ZhOtRu<js[RNbND86W)H(,wT@bhZOKpZ+4@8-Kh=2~4V<<1x!IfepLHa0OeBH?H
H8lF?_WxH.@7Wd*WV0oN!J_6lev[U==;[mEKI!ol!UKOUV1.1>n4|bU:C}T+O/>N&
]ntQueq0Vf.7k,!pD%-^<cbH]PsCt_}i*g-/=>K.qSnl/LL42&!:CG/Yx+K0kn<{k
z!+kv<}<dfyK1/TJVkgTzEf*&-eUF*dN1FZ7IQgu.nYn`k%>,G9@ffSPp~y;Sd!|I
~XZvIku}6{i7ti#jGisn6uv$kT1/jsE%Kybot2m%-7d2WJ|G$6D)RUR[e;2#X1y5Z
B{7YOA>%N}:rdPh#kZkJ##P(y|NaYN0Da,Q5Qx@?Dh<Ml$>^SF!kcic?!~~1Y[pmD
pm(cZ,[/>;|jWbCjlg5R1pVa$,4S1|TfR%<|YhiDS2v.?K]v.8]EH(k~C8x=1{[)r
q@o$pPiP,By-Gpor^FwY2HhL|`Ll8i<]PP!qP!kPsSq(eP#27`3{1TW4mcoWz,sD,
-fyd8SwfH$Li9nGulkf%|]kc3/qD3n@Wx8x3(bUzafxPFQN9Kk=ySbCZl!`cs$zO-
&:49U<6Y0(@htM0`
Maybe someone knows what it is?) I suggested that this is modded base91, but I think I was wrong.
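An added example, not part of any post in this thread: one way to test the base91 guess from post #1 is to compare the block's characters with the standard basE91 alphabet and attempt a strict decode. `SAMPLE` is the first three lines of the quoted block; `VARIANT` is a hypothetical alphabet introduced here for illustration, not something taken from the crackme.

```python
import string

# Standard basE91 alphabet, in the order used by Joachim Henke's reference code.
BASE91 = (string.ascii_uppercase + string.ascii_lowercase + string.digits
          + '!#$%&()*+,./:;<=>?@[]^_`{|}~"')
# Hypothetical modified alphabet (assumption for illustration): '"' swapped for '-'.
VARIANT = BASE91.replace('"', '-')

# First three lines of the block quoted in post #1.
SAMPLE = (
    ")}aL~POo%ruP(M$2OjCv+php5MU4wL#7_%hb6Y&=J:.:|sOBA]48(mZa;6C6S,fyK"
    "Hef$ar9B,U(NJ$%EFd+6C)9jQKE}hjwFon8+gM(2D/OEKeoHf?|?t8731|%~9UYMs"
    "d4ZhOtRu<js[RNbND86W)H(,wT@bhZOKpZ+4@8-Kh=2~4V<<1x!IfepLHa0OeBH?H"
)

def outside(text, alphabet):
    """Characters of text that a decoder built on this alphabet would reject."""
    return set(text) - set(alphabet)

def b91decode(text, alphabet=BASE91):
    """Strict basE91 decode; ValueError on any character not in the alphabet."""
    index = {c: i for i, c in enumerate(alphabet)}
    out, acc, bits, pending = bytearray(), 0, 0, -1
    for ch in text:
        if ch not in index:
            raise ValueError(f"{ch!r} is not in the alphabet")
        if pending < 0:              # first character of a pair
            pending = index[ch]
            continue
        pending += index[ch] * 91    # second character completes a 13/14-bit value
        acc |= pending << bits
        bits += 13 if (pending & 8191) > 88 else 14
        while bits > 7:              # flush whole bytes
            out.append(acc & 255)
            acc >>= 8
            bits -= 8
        pending = -1
    if pending >= 0:                 # trailing single character
        out.append((acc | pending << bits) & 255)
    return bytes(out)

if __name__ == "__main__":
    print("rejected by standard basE91:", sorted(outside(SAMPLE, BASE91)))
    print("rejected by variant alphabet:", sorted(outside(SAMPLE, VARIANT)))
    print("decoded length under variant:", len(b91decode(SAMPLE, VARIANT)))
```

On this sample the only character outside the standard alphabet is `-`, so an unmodified basE91 decoder rejects it. Whether the bytes produced under any substituted alphabet mean anything is not established by the thread.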
  #2  
Old 01-10-2019, 04:05
DARKER
Maybe here is something about this?
https://quequero.org/2016/01/eset-crackme-challenge-2015-walkthrough/
  #3  
Old 01-10-2019, 17:39
barmaley
There are many different solutions on the internet, but nowhere is there anything about this.
  #4  
Old 03-14-2019, 07:28
contactmebyhere
The new eset crackme is amazing btw!
  #5  
Old 03-14-2019, 09:10
Apuromafo
The origin is:

https://join.eset.com/en/open-positions/malware-analyst
https://join.eset.com/en/challenges/crack-me
->

Here is a complete solution:
http://www.nullsecurity.org/article/eset_malware_anlyst_challenge

Last edited by Apuromafo; 03-14-2019 at 09:16.
  #6  
Old 03-29-2019, 06:19
barmaley
Quote:
Originally Posted by Apuromafo View Post
The origin is:

https://join.eset.com/en/open-positions/malware-analyst
https://join.eset.com/en/challenges/crack-me
->

Here is a complete solution:
http://www.nullsecurity.org/article/eset_malware_anlyst_challenge
There is no info about what I am asking. There are many descriptions on the net, but nowhere is there what interests me.
  #7  
Old 03-29-2019, 11:31
Apuromafo
Quote:
Originally Posted by barmaley View Post
There is no info about what I am asking. There are many descriptions on the net, but nowhere is there what interests me.
But in the complete solution... which step are you at?

1st is prometeus, 2nd... is about unreferenced... etc. Please be more specific?

Also, remember that there are many possible ciphers: ror, xor, mod, etc.
If it is not in other solutions, it is because there is no need to decode that place :/
  #8  
Old 07-27-2019, 22:40
unn4m3D_BR
I tried hard on this crackme, but I figured out that I need to study more to solve it. I got past the first part and downloaded the second file, and I couldn't understand how it was injected into memory or how to start getting the passwords.

Although many sites have the solution explained, I don't feel right just copying it without understanding all the tasks inside.

So, what do you think I need to focus on studying to be able to understand and solve this crackme? My goal isn't only to solve this, but to feel that I know what to do and to improve my skills with it.

Thanks in advance guys!

[]'s
  #9  
Old 08-20-2019, 07:10
NeOXOeN
I wasn't able to solve the challenge. I think a tutorial will be posted soon.

bye N
  #10  
Old 08-28-2019, 08:07
unn4m3D_BR

Quote:
Originally Posted by NeOXOeN View Post
I wasn't able to solve the challenge. I think a tutorial will be posted soon.

bye N
You can find it easily, bro. Just search for "eset crackme write up". My point about this crackme is... I know that I need to study more, but I would like to have some suggestions on what kind of study I need to focus on.

Reversing is an amazing and huge area. In particular, for this challenge I figured out several points to study more. The flare challenge is my goal at this moment. Finishing these challenges makes me a better reverser haha (I hope so)

[]'s
  #11  
Old 08-28-2019, 11:30
PriSim
Quote:
Originally Posted by NeOXOeN View Post
I wasn't able to solve the challenge. I think a tutorial will be posted soon.

bye N
A good link for detailed and solved tutorials
https://forum.exetools.com/showpost.php?p=116649&postcount=5