Posted: Wed Sep 03, 2008 5:53 am Post subject: cracktis
4 letter password, figure it out.
Also, there is a chance it will stall instead of giving the failure message if the password is wrong. _________________
Mutilated lips give a kiss on the wrist of the worm-like tips of tentacles expanding in my mind
I'm fine accepting only fresh brine you can get another drop of this yeah you wish
xor 4010DC (DWORD Value: 0x2B49530D) with 0x6B696B65 to change the bytes to "push 402038", the good boy, notice the next instruction is call dword ptr ds:[402013], which is printf. (result would be "printf("ur winz!")")
At 4010BD there's an hidden opcode, if you NOP the first byte you'll notice that it's actually "MOV EAX,DWORD PTR DS:[402047]", you can also notice that the call to 401073 returns to 4010BE instead of 4010BD.
There's also an exception handler that prints "ur failz" (the bad boy message), so in case there's an exception (because of xor'ing the memory with the password) it prints ur fails.
The password is:
ekik
XOR 0x2B49530D (OR EAX,2B4953 at 4010DC) with 0x6B696B65 ("ekik") = 0x40203868. (PUSH 402038)
Mutilated lips give a kiss on the wrist of the worm-like tips of tentacles expanding in my mind
I'm fine accepting only fresh brine you can get another drop of this yeah you wish
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You cannot attach files in this forum You cannot download files in this forum