Hi there,

I've been working on a site that has hacking challenges and in one challenge there is a small application where you need to determine the password, in order for it to spit out the actual password you need to pass the level.

I've used OllyDBG to manipulate the code, and this is what I have so far:  (I am new so maybe this is all wrong)



-Red is my break point after typing something in
-Grey line I am pretty sure what I typed in (test) is being moved to EAX  (A pointer to what I typed in maybe?)
-Highlighted line, I believe that pointer (I don't even know if that's what that is) is what contains the actual needed password, because if you mismatch them it doesn't jump and continues on to say invalid password.


I tried changing the MOV to move in that data that I suspect, and it DOES then take the jump then, but I get lost after that because it goes through a bit more code before returning back to tell me invalid password...


I hope this makes sense...I can provide the EXE if anyone wants, I didn't post it because I suspect people don't want strange EXE files lol.

Thanks.
Posted on 2008-03-04 12:50:38 by dopamine
I'm sorry but reversing is not so in our rules even if it's legitimate reversing as your crackme is.

For reversing matters please visit the Newbie forum at Woodmann's or the Reverse Enginering Community.

Topic Locked.
Posted on 2008-03-04 13:18:42 by JimmyClif