Exetools  

  #1  
01-10-2019, 01:27
barmaley
ESETCrackme2015

Hi all!

I have a question about some data from this task. When I reversed this crackme, I found, in the module that is injected, a data block that is not referenced.
These blocks consist of printable characters.
Example:
Code:
)}aL~POo%ruP(M$2OjCv+php5MU4wL#7_%hb6Y&=J:.:|sOBA]48(mZa;6C6S,fyK
Hef$ar9B,U(NJ$%EFd+6C)9jQKE}hjwFon8+gM(2D/OEKeoHf?|?t8731|%~9UYMs
d4ZhOtRu<js[RNbND86W)H(,[email protected][email protected]=2~4V<<1x!IfepLHa0OeBH?H
[email protected]*WV0oN!J_6lev[U==;[mEKI!ol!UKOUV1.1>n4|bU:C}T+O/>N&
]ntQueq0Vf.7k,!pD%-^<cbH]PsCt_}i*g-/=>K.qSnl/LL42&!:CG/Yx+K0kn<{k
z!+kv<}<dfyK1/TJVkgTzEf*&-eUF*dN1FZ7IQgu.nYn`k%>,[email protected]~y;Sd!|I
~XZvIku}6{i7ti#jGisn6uv$kT1/jsE%Kybot2m%-7d2WJ|G$6D)RUR[e;2#X1y5Z
B{7YOA>%N}:rdPh#kZkJ##P(y|NaYN0Da,[email protected]?Dh<Ml$>^SF!kcic?!~~1Y[pmD
pm(cZ,[/>;|jWbCjlg5R1pVa$,4S1|TfR%<|YhiDS2v.?K]v.8]EH(k~C8x=1{[)r
[email protected]$pPiP,By-Gpor^FwY2HhL|`Ll8i<]PP!qP!kPsSq(eP#27`3{1TW4mcoWz,sD,
-fyd8SwfH$Li9nGulkf%|]kc3/[email protected](bUzafxPFQN9Kk=ySbCZl!`cs$zO-
&:49U<6Y0(@htM0`
Maybe someone knows what it is?) I suggested that this is modified base91, but I think I was wrong.
  #2  
01-10-2019, 04:05
DARKER
Maybe here is something about this?
https://quequero.org/2016/01/eset-crackme-challenge-2015-walkthrough/
  #3  
01-10-2019, 17:39
barmaley
There are many different solutions on the internet, but nothing about this anywhere.
  #4  
03-14-2019, 07:28
contactmebyhere
The new ESET crackme is amazing btw!
  #5  
03-14-2019, 09:10
Apuromafo
The origin is:

https://join.eset.com/en/open-positions/malware-analyst
https://join.eset.com/en/challenges/crack-me
->

Here is a complete solution:
http://www.nullsecurity.org/article/eset_malware_anlyst_challenge

  #6  
03-29-2019, 06:19
barmaley
Quote (originally posted by Apuromafo):
The origin is:

https://join.eset.com/en/open-positions/malware-analyst
https://join.eset.com/en/challenges/crack-me
->

Here is a complete solution:
http://www.nullsecurity.org/article/eset_malware_anlyst_challenge

There is no info about what I am asking. There are many descriptions on the net, but nowhere is there what interests me.
  #7  
03-29-2019, 11:31
Apuromafo
Quote (originally posted by barmaley):
There is no info about what I am asking. There are many descriptions on the net, but nowhere is there what interests me.

But in the complete solution... at what step are you?

1st is prometeus, 2nd... is about unreferenced... etc. Please be more specific?

Also remember there exist many possible ciphers: ror, xor, mod, etc...
If it is not in the other solutions, it is because there is no need to decode that place :/
  #8  
07-27-2019, 22:40
unn4m3D_BR
I tried hard on this crackme, but I figured out that I need to study more to solve it. I got past the first part, downloaded the second file, and I couldn't understand how it was injected into memory and how to start getting the passwords.

Although many sites have a solution explained, I don't feel right just copying it without understanding all the tasks inside.

So, what do you think I need to focus on studying to be able to understand and solve this crackme? My goal isn't only to solve this, but to feel that I know what to do and to improve my skills with it.

Thanks in advance guys!

[]'s
All times are GMT +8.