Hello - 100
You can easily find that there has variable call flag
Go to hex view
Hidden password - 100
After type whatever password you like, you can use cheat engine to search the process
Answer is? - 100
Same with previous question
Shield - 150
HelloRevenge - 200
Just a simple memory search skills.
Input Please give me the flag , and search 1 in cheat engine.
keep increase the solved times, and search the value in cheat engine.
Finally, we got HelloRevenge.vmp.exe+1F2E0 save the solved times. We can change the value to 13333337, and input Please give me the flag one more times, and you will get the flag.
Unbreakable shell - 225
We can see that the program are protected by UPX.
But it is such a weak protection. You can download the tools to unpack : https://mega.nz/#F!OAx0wL7K!gLPZh7pkMv7d8as5serOmg!XdphxZiS
After unpack, you can see the real entry point is in 0x00401280, so, we can set a break point in that address, and run the program. After that, we can unpack the shell.
And you are able to search strings now.
After have some analysis, i think that 0x40138e is the main comparison point.
So, i decide to try patch jnz to jz. And set a break point here to see the effect.
Be First to Comment