You must be logged in to post a comment
korsader on 3:23 PM 06/07/2020:
Please enter the valid password: BXXGYYYBGIBXX
Good job on decrypting the password!
thx,bro!
korsader on 3:54 PM 06/07/2020: how can I decrypt my password???
ItzzMeGrrr on 3:23 AM 06/10/2020: How do you decrypt this "BGOTHXIY"? Can anyone help?
jeffli6789 on 8:45 AM 06/10/2020: code starting at 0x400418 is both executed as code and later used as the index into the string "BGOTHXIY". Nice one, thx!
flatdietsoda on 1:06 PM 06/10/2020: whats the password?
struggle on 3:36 AM 06/15/2020: BXXGYYYBGIBXX
Parad0x13 on 11:43 AM 06/15/2020: Password: BXXGYYYBGIBXX
Interesting approach to obfuscate indexing of the key BGOTHXIY with direct bytecode from the compiled binary
juansacco on 9:40 AM 07/06/2020: VAL: BXXGYYYBGIBXX
RCX: 0551777016055
Senken on 5:49 PM 07/08/2020: SPOILER ALERT!
Im pretty close, i know that the password consists of 13 letters from the following set: {B,G,O,T,H,X,I,Y} and that the password is made from getting the N th letter of the string bgothxiy (if b is letter 0) where n = *((_BYTE *)&loc_C00418 + v0) & 7
(
ghsi10 on 7:28 PM 08/08/2020: great one! thanks :)
ghsi10 on 7:29 PM 08/08/2020: @Senken, loc_C00418 is code but there is value for each opcode :)
Slaktaren on 10:31 AM 09/27/2020: Sneaky, really fun!
Password: BXXGYYYBGIBXX
Astronaut on 1:16 AM 11/15/2020: As a newbie, I haven't wasted my time on decryption. Only two NOPs worked for all passwords.
Onyx_Pl01t on 8:22 PM 12/28/2021: i'm pretty sure i am close to the answer but i am not getting the right answer. As i have understood, there is a data been called at 0x400418. I do not know what is it storing.
I know the length of the password is 13 and it involves the use of these letters namely B,G,O,T,H,X,I,Y.
The only thing i am not understanding is that 'decrypting' process. it is referring to the address of the unknown_var at 0x400418 which is of type BYTE and it is adding it to loop's counter.Then, it goes through a Bitwise AND with 7. The result is then used for indexing in the buffer ,holding "BGOTHYIX", so as to retrieve a specific letter from it and it compares it with the first letter of our password input and so on until reaching the 13th letter.
For example,
if *((_BYTE)&data_0x400418 + loop_counter) & 7) = 0 Then, the first letter of our input should be buffer[0] which is "B" and it goes on till finision.
i would like to know how you decrypt the buffer since i am not understanding it well.
lookkattme on 12:10 PM 01/30/2023: Nice RE for begginers (like me)
The answer:
There are values, starts in RSI. for each one of them do AND 7, the result is an index of the string BGOTHXIY
the indexes are 0,5,5,1,7,7,7,0,7,6,0,5,5 (13 total)
which result the string: BXXGYYYBYIBXX which is the password