App 7

Learn to reverse engineer through some common application security methods.
Forum rules
DO NOT POST ANSWERS OR SPOILERS! [IE: Mission Links, Mission File Names/Pages, Scripts/Code, etc.]

Posting these will result in warnings/bans!

Re: App 7

Post by haha01haha01 on Thu Jun 18, 2009 5:21 pm
([msg=25571]see Re: App 7[/msg])

It seems like the developers like adding useless code around things to make it harder to understand... both here and in mission 17 the encryption algorithm was extremely simple, but there were tons of useless loops and encryptions around it that do nothing.
There are 11 types of people in the world - those who understand binary, those who don't and those who already heard this joke.
User avatar
haha01haha01
Poster
Poster
 
Posts: 134
Joined: Tue Jan 13, 2009 10:08 am
Location: HackThisSite.org
Blog: View Blog (0)


Re: App 7

Post by OnlyHuman on Tue May 18, 2010 7:53 am
([msg=38759]see Re: App 7[/msg])

Sorry to bump such an old thread, but I wanted to clear something up for myself. I wound up writing a bruteforcer/keygen combo for this, externally in C, using the decompiled code as a guide. Unfortunately, the code I wrote didn't produce the exact result, and I sort of passed this mission solely on blind luck, a little ingenuity, and by modifying a single MOV instruction. I know that there's much more to be learned from doing this the right way, and I would really like to know where my code went wrong. If anybody has the time to look it over, and help me correct it, that would be great. Thanks in advance.
OnlyHuman
Poster
Poster
 
Posts: 191
Joined: Sat Aug 22, 2009 1:37 am
Blog: View Blog (0)


Re: App 7

Post by st0w on Sat Jun 19, 2010 7:15 pm
([msg=40480]see Re: App 7[/msg])

While this can be bruteforced, it's a lot more fun to actually figure it out. Not to mention meaningful - the point of these challenges is to work on reversing and code analysis, rather than just to whip up a script that finds the answer for you. While definitely a step above the first six in difficulty, I found this one to be a lot of fun to solve.

As someone has mentioned, one important part of this one is to start at the point where the password is displayed and work backwards. You'll see a conditional jump. Look at the condition which triggers the jump into the routine that displays the password. Think about how to make that condition work in a manner you want it to work. How can you do that? What determines it? How can you control the variables that go into that condition? Where do those variables come from? Trace them throughout the disassembly and it should help you to focus on which parts of the code are important, and which aren't. There's excess cruft in there, which is good - things you'll deal with in the real world won't be simple and straight-forward.

Binary math is a necessary skill to have in this field. This challenge helps you work on it.

If you have access to it, IDA is really helpful with this one...
st0w
New User
New User
 
Posts: 3
Joined: Sat Jun 19, 2010 7:04 pm
Blog: View Blog (0)


Re: App 7

Post by terranigma on Mon Jun 21, 2010 2:16 pm
([msg=40547]see Re: App 7[/msg])

sorry, this post was intended for prog 7..
terranigma
New User
New User
 
Posts: 4
Joined: Thu Jun 17, 2010 6:53 pm
Blog: View Blog (0)


Re: App 7

Post by vjsmoreira on Thu Aug 11, 2011 11:04 am
([msg=60790]see Re: App 7[/msg])

Yep. I finally finish it after 1 week. Only now I see the tip 0x2F1. I've created a little ruby script to achieve this value, after understand the algorithm, witch is very basic (now).
vjsmoreira
New User
New User
 
Posts: 2
Joined: Mon Feb 07, 2011 7:00 pm
Blog: View Blog (0)


Re: App 7

Post by mainhax on Mon Aug 15, 2011 2:40 am
([msg=60910]see Re: App 7[/msg])

haha01haha01 wrote:It seems like the developers like adding useless code around things to make it harder to understand... both here and in mission 17 the encryption algorithm was extremely simple, but there were tons of useless loops and encryptions around it that do nothing.


Wow. You obviously don't know how an optimizing compiler works. Are you sure it's "useless"? Most compilers are extremely good at optimizing.
mainhax
New User
New User
 
Posts: 3
Joined: Tue Aug 31, 2010 6:15 am
Blog: View Blog (0)


Re: App 7

Post by Senegra on Thu Feb 21, 2013 7:41 pm
([msg=73957]see Re: App 7[/msg])

Hi,

I see there have been no new posts for a while so i thought i would give a few pointers for those stuck in app7...

First off, what is this mission about... That's what i think is essential for new learners like me...

This is a decryption application that decrypts a file. There are many ways to get the password to pass this level but i think the objective is to understand how these decryption algorithms work.

I'm not sure if my explanation isn't a spoiler so... if moderators remove this post it is understandable.

First thing is to decrypt a file we need a key and i say key and not password. So What key is used??? If we need to enter a password probably the key comes from 'playing around' with that password and the result of that is our key... So see what happens to the password you enter....

Second thing is to decrypt the the file, the application will do that for you so no problem there.
But how to know if the decryption was successful? Well there's something called a check-sum. The check-sum takes some part of the file or some key codes or whatever... and transforms it to a code and it does this e few times around.... and with those codes and the key obtained from our password we get a new Key a check-sum key to compare to a fixed key and if they match it's because we entered the correct key...

I know it sounds complicated and confusing but i didn't want to give it away just wanted to help others pointing them in the right direction.

Just one more thing... i needed to do some binary calculations and the best way is to do them on paper!!!! if you try to use a calculator you might miss an important piece of the puzzle.

Good Luck and i hope i didn't give it away.
Senegra
New User
New User
 
Posts: 3
Joined: Thu Mar 22, 2012 1:22 pm
Blog: View Blog (0)


Re: App 7

Post by dibyasundarit on Mon Jun 24, 2013 5:58 am
([msg=76234]see Re: App 7[/msg])

hey i solve the problem by brute-forcing the app.

Can it be solved without by brute-forcing?


if yes show me some direction and what i should learn more to solve it without brute-force
dibyasundarit
New User
New User
 
Posts: 3
Joined: Mon Jun 10, 2013 12:44 am
Blog: View Blog (0)


Previous

Return to Application

Who is online

Users browsing this forum: No registered users and 0 guests