Jump to content

Can You Crack It?


isitafox

Recommended Posts

Solving the code just takes you to that page, which then suggests going to the website to apply. As far as I know the code is just marketing, it doesn't benefit your application. I was hoping you get flashy lights and stuff.

I didnt solve the code, I am trying though.

Link to comment
Share on other sites

Isn't that some message written in a hexadecimal system? Or is there more to it?

Doesn't convert from a hex convertor I found on Google, which is when I realised I couldn't be bothered to try others. Does look very similar though.

EDIT: Ignore the crap out of me. It's quite clearly hex. I was trying to convert straight to ASCii and that doesn't work. You can convert to decimal, but then you're left with a big load of numbers from 0-255 which is hardly more helpful!

Edited by JDâ„¢
Link to comment
Share on other sites

//

#include <stdio.h>

#include <stdint.h>

#include <malloc.h>

#include <stdlib.h>

#include <errno.h>

#include <string.h>

#include <time.h>

#include <sys/types.h>

#include <sys/mman.h>

#include <sys/utsname.h>

static char part1[] = {

0xeb, 0x04, 0xaf, 0xc2, 0xbf, 0xa3, 0x81, 0xec, 0x00, 0x01, 0x00, 0x00, 0x31, 0xc9, 0x88, 0x0c,

0x0c, 0xfe, 0xc1, 0x75, 0xf9, 0x31, 0xc0, 0xba, 0xef, 0xbe, 0xad, 0xde, 0x02, 0x04, 0x0c, 0x00,

0xd0, 0xc1, 0xca, 0x08, 0x8a, 0x1c, 0x0c, 0x8a, 0x3c, 0x04, 0x88, 0x1c, 0x04, 0x88, 0x3c, 0x0c,

0xfe, 0xc1, 0x75, 0xe8, 0xe9, 0x5c, 0x00, 0x00, 0x00, 0x89, 0xe3, 0x81, 0xc3, 0x04, 0x00, 0x00,

0x00, 0x5c, 0x58, 0x3d, 0x41, 0x41, 0x41, 0x41, 0x75, 0x43, 0x58, 0x3d, 0x42, 0x42, 0x42, 0x42,

0x75, 0x3b, 0x5a, 0x89, 0xd1, 0x89, 0xe6, 0x89, 0xdf, 0x29, 0xcf, 0xf3, 0xa4, 0x89, 0xde, 0x89,

0xd1, 0x89, 0xdf, 0x29, 0xcf, 0x31, 0xc0, 0x31, 0xdb, 0x31, 0xd2, 0xfe, 0xc0, 0x02, 0x1c, 0x06,

0x8a, 0x14, 0x06, 0x8a, 0x34, 0x1e, 0x88, 0x34, 0x06, 0x88, 0x14, 0x1e, 0x00, 0xf2, 0x30, 0xf6,

0x8a, 0x1c, 0x16, 0x8a, 0x17, 0x30, 0xda, 0x88, 0x17, 0x47, 0x49, 0x75, 0xde, 0x31, 0xdb, 0x89,

0xd8, 0xfe, 0xc0, 0xcd, 0x80, 0x90, 0x90, 0xe8, 0x9d, 0xff, 0xff, 0xff, 0x41, 0x41, 0x41, 0x41,

};

// code to dump the decrypted memory:

static const char dump_mem[] = {

0xba, 0x31, 0x00, 0x00, 0x00, // mov edx, 0x40

0x8d, 0x4f, 0xce, // lea ecx, [edi-0x32]

0x31, 0xdb, // xor ebx, ebx

0x43, // inc ebx (stdout)

0x31, 0xc0, // xor eax, eax

0xb0, 0x04, // add al, 0x4 - sys_write

0xcd, 0x80, // int 0x80

0x31, 0xdb, // xor ebx,ebx

0x43, // inc ebx

0x31, 0xd2, // xor edx,edx

0x42, // inc edx

0x68, 0x0a, 0x00,0x00, 0x00, // push 0xa

0x8d, 0x0c, 0x24, // lea ecx,[esp]

0xb8, 0x04, 0x00,0x00, 0x00, // mov eax, 0x4

0xcd, 0x80, // int 0x80 - sys_write

0x31, 0xdb, // xor ebx,ebx

0x31, 0xc0, // xor eax,eax

0x40, // inc eax

0xcd, 0x80, // int 0x80 - sys_exit

};

uint32_t patch_mem(char *ptr, size_t size)

{

uint32_t i;

for (i = 0; i < size; i++) {

if (*(uint16_t *)&ptr == 0x80cd) {

*(uint16_t *)&ptr = 0x45eb;

return 0;

}

}

return 1;

}

uint32_t check_arch(void)

{

struct utsname kernel_info;

uname(&kernel_info);

return strcmp(kernel_info.machine, "i686") ? 1 : 0;

}

int main(int argc, char **argv)

{

void *mem;

if (check_arch()) {

printf("[-] this program must run on a 32-bit architecture\n");

return 1;

}

printf("[*] allocating page aligned memory\n");

mem = memalign(4096, 4096);

if (!mem) {

printf("[-] error: %s\n", strerror(errno));

return 1;

}

memset(mem, 0, 4096);

printf("[*] setting page permissions\n");

if (mprotect(mem, 4096, PROT_READ | PROT_WRITE | PROT_EXEC)) {

printf("[-] error: %s\n", strerror(errno));

return 1;

}

printf("[*] copying payload\n");

memcpy(mem, part1, sizeof(part1));

memcpy(mem + sizeof(part1), part2, sizeof(part2));

memcpy(mem + sizeof(part1) + sizeof(part2), dump_mem, sizeof(dump_mem));

printf("[*] adding dump_mem payload\n");

if (patch_mem(mem, sizeof(part1))) {

printf("[-] failed to patch memory\n");

return 0;

}

printf("[*] executing payload..\n\n");

((int(*)(void))mem)();

return 0;

}

giving you the answer

Pr0t3ct!on#cyber_security@12*12.2011+

Jai Ashwell Resident coder at w...

  • Like 2
Link to comment
Share on other sites

  • 9 months later...

Yeah me too! I think I had one extra semi-colon in the code but close enough rolleyes.gif

yes i see that , i think your solution is a little better than mine ........thank you

I got the same answer as JAI so we must be right?

High five clearly ......maybe i should have multi posted but im new let me off 1 time

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...