App 10 dead or its me!
It's been a while since I did these but, in some of them, there's a concern with placing your jumps. If your jumps skip any of the data manipulation, you'll get to the part that says "Your HBH pass is", but it will be with a "partial" value. Also, make sure you're changing the right jumps, not just the first one you notice.
Zephyr_Pure wrote: It's been a while since I did these but, in some of them, there's a concern with placing your jumps. If your jumps skip any of the data manipulation, you'll get to the part that says "Your HBH pass is", but it will be with a "partial" value. Also, make sure you're changing the right jumps, not just the first one you notice. I didn't make any modification with the jumps.. I just did obtain the text I should enter in the box in order to get the password for hbh. the comparison was being made with some value.. & i did obtain right values I should put for that comparison to be true.. I mean, for 60 I put s & likewise. But that didn't work.
xplizion wrote: well I didn't really changed any jumps, I just kind of "bruteforced" (if you can call it like that) the password. And when I enter this password the program gives me the following message: "The password for HBH is s*******" so I fill this in in HBH and it doesn't work. Did u try ok & go click again and again in the app after entering the first pass.. I got another pass but that too didn't work in hbh..
Zephyr_Pure wrote: [quote]xplizion wrote: well I didn't really changed any jumps, I just kind of "bruteforced" (if you can call it like that) the password.
How did you "bruteforce" the password?[/quote] Probably I did like him.. But it was obvious. It is not really bruteforcing.. I mean it was so easy to get the password by guessing.. By just looking what was happening to the input we are giving & with what value was our value being compared, I got the password within few minutes of trying.
xplizion wrote: hence the "'s around my Bruteforce :)
And that's not how you explained it… hence the question. Fancy terms are handy for show but, when you're providing details, be accurate or it will be hard for people to help.
If all you did to the application was set breakpoints / watches, then it should give you the correct password… if you didn't modify the application in any way. To be sure, try downloading the app again and, without even opening it in OllyDbg or your prog of choice, use the same password you used to solve it. If that still yields the same answer for the HBH password, then it's possible that the challenge is just broken.
I was not "showing off" with nice terms, since I put the quotes and the ()… I just didn't know how else to call it. We can go on about this, but I don't think this changes anything to the fact that I said that I didn't change any jumps.
About downloading it again, I tried this already before posting here to be really sure. But this gives the same result.
Thanks for taking the time to answer here.
xplizion wrote: I just didn't know how else to call it. We can go on about this, but I don't think this changes anything to the fact that I said that I didn't change any jumps.
You don't have to "call it" anything. It doesn't change the fact that you said that you didn't change any jumps. My point is that you didn't explain what you did to solve it, either. It's not necessary for you to have a retort to this concept every time I try to make you aware of it… When people are trying to help you, don't cut corners; it just makes it more difficult for them to help you. I'm not nitpicking without reason, and it's advice… treat it as such.
About downloading it again, I tried this already before posting here to be really sure. But this gives the same result.
Another example of how time could've been saved if all of the info was available upfront.
Thanks for taking the time to answer here.
No problem.