Guru's Blog

Download nhạc từ các trang nhạc lớn của Việt Nam

« All hellboundhackers JavaScript challeng... | Trang chủ | hellboundhackers Realistic Missions 1,2 »

19 Tháng Sáu 2007

@ 03:04

All hellboundhackers Application Missions

(Được đăng bởi: Phạm Đức Hải)

Application :

app1:
OllyDbg
0012F3E8   00403F22 RETURN to app1.00403F22 from MSVBVM60.__vbaStrCmp
0012F3EC   0040380C UNICODE "g7*2+'&1,3"
0012F3F0   0015578C UNICODE "1234567"
-->g7*2+'&1,3 -->frozenIce

app2 : ASCDEMO
pass word is suffix

app3:
Replace : ihavnolife -->icrackedit
PASS : 88PARROT24

app4:OllyDbg
0012F3E8   0040BCE2 RETURN to password.0040BCE2 from MSVBVM60.__vbaStrCmp
0012F3EC   00407514 UNICODE "livebox"
0012F3F0   001556BC UNICODE "1234567"
livebox --> Atmosphere

app5:OllyDbg
004020FB   . BA A01C4000    MOV EDX,app5.00401CA0                    ; UNICODE "ASDTY-"
00402135   . BA B41C4000    MOV EDX,app5.00401CB4                    ; UNICODE "XYXEW-"
0040213F   . BA C81C4000    MOV EDX,app5.00401CC8                    ; UNICODE "NUPCY"
XVI32:
Replace : XXXXX-XXXXX-XXXXX
ASDTY-XYXEW-NUPCY
google : Visual Basic ampersand
Replace button label :Enter -->E&ter
Alt+t -- >1013283

app6:
0012F96C   0040AA23 RETURN to app6.0040AA23 from MSVBVM60.__vbaStrCmp
0012F970   00409354 UNICODE "bah"
0012F974   00155E34 UNICODE "1234567"
bah -->regedit32

app7:
0012F418   00408787 RETURN to app7.00408787 from MSVBVM60.__vbaStrCmp
0012F41C   004034D0 UNICODE "jonn4y"
0012F420   0015B9FC UNICODE "12345"
--> user : jonn4y

C2 : Search for text:
0040877C   . 68 D0344000    PUSH app7.004034D0                       ; UNICODE "jonn4y"
004087EC   . 68 E4344000    PUSH app7.004034E4                       ; UNICODE "vb6"
00408A6A   . 68 54364000    PUSH app7.00403654                       ; UNICODE "Password: screwdriver"

app8:

Replace time : 1000 to 9999
Replace Enter to E&ter
OllyDbg :
0012FB24   001557D4 UNICODE "19gas482"
Replace:
Password
19gas482
change : Box --> 00 00 00 (in HEX)
--> pass : 1337Crack8055

app9:
input : test/123456
00401306 |. BF 16314000    MOV EDI,crackme1.00403116                ; ASCII "F71B995B"
00401306 |. BF 16314000    MOV EDI,crackme1.00403116                ; ASCII "FD7CE950"
--> pass : Alias

app10:
00401475 |. BE 7E304000    MOV ESI,crackme2.0040307E                ; ASCII "6032F9CE9BA8D6E1"
Input : 123456
00401155 |. BF 4A314000    MOV EDI,crackme2.0040314A                ; ASCII "2265A988CBEABA98"
==> 123456 <-> 2265A988CBEABA98
6032F9CE9BA8D6E1 --> pass encoded
Set break point :
00401475 |. BE 7E304000    MOV ESI,crackme2.0040307E                ; ASCII "6032F9CE9BA8D6E1"
--> F7
00401484 |. F3:A6          REPE CMPS BYTE PTR ES:[EDI],BYTE PTR DS:>
ECX=00000010 (decimal 16.)
DS:[ESI]=[0040307E]=36 ('6')
ES:[EDI]=[0040314A]=32 ('2')
--------
6032F9CE9BA8D6E1
60 :
32 :
F9 : c
CE :
9B : e
9B :
A8 :
D6 :
E1 :
abcdefgh
0040147A |. BF 4A314000    MOV EDI,crackme2.0040314A                ; ASCII "7235F9D89BBADDF0"
ijklmnop
0040147A |. BF 4A314000    MOV EDI,crackme2.0040314A                ; ASCII "7A3DF1D093B2D5E8"
qrstxyzw
0040147A |. BF 4A314000    MOV EDI,crackme2.0040314A                ; ASCII "6225E9C886A5C0EF"

app11:
PEiD.exe --> check
--> C# code
Reflector.exe
--> decode
   text29   "To Dead To Hide"   string
   text27   "Strong Witted"   string
Pass : Strong Witted

« All hellboundhackers JavaScript challeng... | Trang chủ | hellboundhackers Realistic Missions 1,2 »

Ý kiến [5] - Chuyên mục: Giải trí | Hack | war game

Bài viết liên quan:
ASPXspy 2.0 by Bin (rootkit.net.vn)
Flood file, text ... vấn đề nguy hiểm chưa được quan tâm
Microsoft IIS 6.0 WebDAV Remote Authentication Bypass
Simple Python remote command
Tấn công File Inclusion (File Inclusion Attacks)
Nội dung hội thảo "Ngày an toàn thông tin 26/11/2008"