ghost's Avatar

So I thought I had thought of a really EASY way of doing this. A straight up memory search. At some point the number has to be loaded to memory so why can't I just find a double between 1 and 10?

So I started with Quick Memory Search, mostly because it is more flexible than a lot of other tools. But I've switched back over to Tsearch because it doesn't limit my results. So I sift through memory with Tsearch looking for doubles and floats between 1 and 10. I did find some, about 140 (this is a very low number for Tsearch…I usually get like 50-60 thousand). But here's the rub, I can't know which is the password.

Also, when I enter the password into the cmd screen it behaves very strangely. Like my syntax is wrong.

If I enter a whole number 1-10 it gives me the error message saying goodbye.

If I enter a word, it just terminates.

And if I enter a decimal X.XXXXX it terminates.

Am I doing something syntactically wrong with this app?


ghost's Avatar

>>If I enter a word, it just terminates.
>>And if I enter a decimal X.XXXXX it terminates.

The input variable is probably an int (no floats or chars). There are two ways I did it. First you can write something to go through all the options and output the answer for each number you enter. Also, you can look and see what it's actually looking for in the asm.
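
An added example (not part of the thread and not the challenge program's code) of the behaviour the reply above suggests, assuming the program reads its input with an integer conversion such as `scanf("%d")`. The helper `read_int_like_scanf` and the three sample inputs are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Result of one integer read, mirroring what scanf("%d") does to a typed line. */
struct read_result {
    int converted;      /* 1 if an int was stored, 0 if the conversion failed */
    int value;          /* the stored int (meaningful only when converted == 1) */
    char leftover[32];  /* characters still waiting in the input afterwards */
};

/* Hypothetical helper: apply "%d" to one line and record what stays unread. */
struct read_result read_int_like_scanf(const char *line)
{
    struct read_result r = {0, 0, ""};
    int consumed = 0;

    /* %n stores how many characters %d consumed; it is only set on success. */
    if (sscanf(line, "%d%n", &r.value, &consumed) == 1)
        r.converted = 1;

    /* On failure nothing is consumed, so the whole line stays buffered. */
    strncpy(r.leftover, line + consumed, sizeof r.leftover - 1);
    r.leftover[sizeof r.leftover - 1] = '\0';
    return r;
}

int main(void)
{
    /* Constructed inputs matching the three cases described in the thread. */
    const char *samples[] = { "7", "word", "3.14159" };

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        struct read_result r = read_int_like_scanf(samples[i]);
        printf("input \"%s\": converted=%d value=%d leftover=\"%s\"\n",
               samples[i], r.converted, r.value, r.leftover);
    }
    return 0;
}
```

A decimal is converted only up to the dot and a word is not converted at all, so in both cases unread characters stay buffered and any later read returns immediately, which is consistent with a console program that exits at once.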


ghost's Avatar

I'd write a program, whether it be in C or Java, but I'm not sure how to interface with the program. I.e., how do I provide arguments to the program and pull output from the console? If this was a UNIX program I could probably interface with it, but I'm not sure with Win32.


ghost's Avatar

If C, try CreateProcess() and WaitForSingleObject() to make sure the process ends before doing the next. You could also make a batch file and pipe the input and put the results and the corresponding input numbers in a file.


ghost's Avatar

He means one to ten chars, not the numbers 1-10.


ghost's Avatar

If you want to crack this app, you just need Olly debugger and a hex decoder. CMP is used to check whether two variables are the same. Look at which variables are checked near the string that says "congratz": one variable is the one where you wrote your answer and the second one holds the right answer. (I am sorry if my post has any spoilers; if it has, just erase it.)


Uber0n's Avatar
Member

Exactly ^^. And remember the value isn't between 1 and 10 (then it would be far too easy to bruteforce) but the password is a number with 1-10 digits ;)