Follow us on Twitter!
One mans freedom fighter, another's terrorist.
Thursday, April 17, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 18
Guests Online: 18
Members Online: 0

Registered Members: 82813
Newest Member: VesuviusSentinel
Latest Articles
View Thread

HellBound Hackers | Challenges | Application Cracking

Author

App 12


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 28-07-06 02:49
So i thought i had thought of a really EASY way of doing this. A straight up memory search. At somepoint the number has to be loaded to memory so why can't i just find a double between 1 and 10?

So i started with Quick Memory Search, mostly because it is more flexiblilty than alot of other tools. But i've switched back over to Tsearch because it doesn't limit my results. So i sift through memory with Tsearch looking for doubles and floats between 1 and 10. I did find some, about 140 (this is a very low number for Tsearch...i usually get like 50-60 thousand). But here's the rub, i can't know which is the password.

Also, when i enter the password into the cmd screen it behaves very strangely. Like my syntax is wrong.

If i enter a whole number 1-10 it gives me the error message saying goodbye.

If i enter a word, it just terminates.

And if i enter a decimal X.XXXXX it terminates.

Am i doing something syntactically wrong with this app?
Author

RE: App 12


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 28-07-06 03:12
>>If i enter a word, it just terminates.
>>And if i enter a decimal X.XXXXX it terminates.

The input variable is probably an int(no floats or chars). There are two ways I did it. First you can write something to go through all the options and output the answer for each number you enter. Also, you can look and see what its actually looking for in the asm.
Author

RE: App 12


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 28-07-06 21:43
I'd write a write a program whether it be in C or JAVA but i'm not sure how to interface with the program. I.e how do i provide arguments to the program and pull output from the console. If this was a UNIX program i could probably interface with it, but i'm not sure with Win32.
Author

RE: App 12


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 30-07-06 04:23
If C, try CreateProcess() and WaitForSingleObject() to make sure the process ends before doing the next. You could also make a batch file and pipe the input and put the results and the corredsponding input numbers in a file.
Author

RE: App 12


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 01-11-06 03:28
he means one to ten chars, not number 1 - 10


Author

RE: app cracking


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 06-02-07 07:24
If you want crack this app, you need just olly debugger and hex decoder. CMP is used to check if are two variables the same. Look, which variables are checked near the string, which is saying "congratz", one variable is that where did you write your answer and second one is with the right answer (I am sorry, if my post has any spoilers, if it has, just erase it)
Author

RE: App 12

Uber0n
Member



Posts: 1963
Location: Sweden‭‮
Joined: 13.06.06
Rank:
Hacker Level 3
Posted on 06-02-07 16:03
Exactly ^^. And remember the value isn't between 1 and 10 (then it would be far to easy to bruteforce) but the password is a number with 1-10 digits Wink


img230.imageshack.us/img230/724/uber0nsig3hj6.gif
http://uber0n.web. . .
Nope http://uber0n.webs.com/