Author:
raxer

Language:
C/C++

Upload:
2:04 AM 06/02/2020

Download

Platform
Windows

Difficulty:
1.5

Quality:
4.0

Arch:
x86-64

Description

Beginner friendly, no bytepatching. CRT was disabled for the most part so that it's easier to follow the code during static analysis.

• Comments
• Solutions

korsader on 3:23 PM 06/07/2020: Please enter the valid password: BXXGYYYBGIBXX Good job on decrypting the password! thx,bro!

korsader on 3:54 PM 06/07/2020: how can I decrypt my password???

ItzzMeGrrr on 3:23 AM 06/10/2020: How do you decrypt this "BGOTHXIY"? Can anyone help?

jeffli6789 on 8:45 AM 06/10/2020: code starting at 0x400418 is both executed as code and later used as the index into the string "BGOTHXIY". Nice one, thx!

flatdietsoda on 1:06 PM 06/10/2020: whats the password?

struggle on 3:36 AM 06/15/2020: BXXGYYYBGIBXX

Parad0x13 on 11:43 AM 06/15/2020: Password: BXXGYYYBGIBXX Interesting approach to obfuscate indexing of the key BGOTHXIY with direct bytecode from the compiled binary

juansacco on 9:40 AM 07/06/2020: VAL: BXXGYYYBGIBXX RCX: 0551777016055

Senken on 5:49 PM 07/08/2020: SPOILER ALERT! Im pretty close, i know that the password consists of 13 letters from the following set: {B,G,O,T,H,X,I,Y} and that the password is made from getting the N th letter of the string bgothxiy (if b is letter 0) where n = *((_BYTE *)&loc_C00418 + v0) & 7 (

ghsi10 on 7:28 PM 08/08/2020: great one! thanks :)

ghsi10 on 7:29 PM 08/08/2020: @Senken, loc_C00418 is code but there is value for each opcode :)

Slaktaren on 10:31 AM 09/27/2020: Sneaky, really fun! Password: BXXGYYYBGIBXX

Astronaut on 1:16 AM 11/15/2020: As a newbie, I haven't wasted my time on decryption. Only two NOPs worked for all passwords.

Onyx_Pl01t on 8:22 PM 12/28/2021: i'm pretty sure i am close to the answer but i am not getting the right answer. As i have understood, there is a data been called at 0x400418. I do not know what is it storing. I know the length of the password is 13 and it involves the use of these letters namely B,G,O,T,H,X,I,Y. The only thing i am not understanding is that 'decrypting' process. it is referring to the address of the unknown_var at 0x400418 which is of type BYTE and it is adding it to loop's counter.Then, it goes through a Bitwise AND with 7. The result is then used for indexing in the buffer ,holding "BGOTHYIX", so as to retrieve a specific letter from it and it compares it with the first letter of our password input and so on until reaching the 13th letter. For example, if *((_BYTE)&data_0x400418 + loop_counter) & 7) = 0 Then, the first letter of our input should be buffer[0] which is "B" and it goes on till finision. i would like to know how you decrypt the buffer since i am not understanding it well.

You must me logged to submit a solution