App 10
HI all
I have managed to patch app 10 :evil:
but the password it shows on the alert box seems to be wrong..
The password for HBH is TmljZSBUcnk=
54 68 61 74 20 69 73 20 6e 6f 74 20 74 68 65 20 70 61 73 73 77 6f 72 64 20 61 62 6f 76 65
I have checked the patched app in olly and it all seems ok..
any ideas..
the application shows an incorrect password because patching the program alters the original flow of itself… I think you must go through another way… in ollydbg just watch what the program do from 0040111A to 0040131F (I think it's not a spoiler) with a known password and see what is supposed to be in output…
I'll try and keep the spoilers to a minimum.
Assuming you're using Olly, you'll have a few things on hand. One of which is the hex string you're supposed to match… If you're like me, you used your hex editor and patched that string to make it match whatever garbage you typed into the app and cross-referenced with Olly. While the results weren't the password, they did clue us in on something just as useful. The encryption applied to our input is reversible – it can encrypt AND decrypt.
Now, armed with that knowledge, we can discover what kind of algorithm is being used to encrypt/decrypt our input. Don't overcomplicate this one, as it's really very basic.
Once you've got that last piece of information, it's simply a matter of taking the information we DO know, and using it to find what we don't.
I wrote myself a little C program to do the work for me, as I'm not all that speedy with binary math :)