Sunday, September 28, 2014

SU CTF 2014 - reverse me write-up

Question:

Reverse me and find a valid serial number!
flag : [A valid serial number]

Solution:

The given file is packed with ASPack, which is easy to unpack in Immunity Debugger:
  • Step Into (F7) the first instruction, pushad
  • In the dump pane below the disassembler, right-click and select Go to -> Expression (Ctrl+G)
  • Type esp and press Enter
  • Select the first four bytes, right-click and select Breakpoint -> Hardware, on access -> Dword
  • Select Debug -> Run (F9)
    The bottom status bar shows "Hardware breakpoint 1" (the stub has read back the registers that pushad saved)
  • Step Into (F7) until the retn that lands on the OEP address
  • Right-click in the disassembler and select Analysis -> Analyse code (Ctrl+A)
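
To confirm statically that a sample is ASPack-packed before walking through the steps above, the following added example (not part of the original write-up) parses the PE section table and reports the section names ASPack typically adds, plus whether the entry point lies inside one of them. The function names are hypothetical and the two header blobs are constructed for the demonstration.

```python
import struct

ASPACK_SECTIONS = {".aspack", ".adata"}  # section names ASPack typically adds

def pe_sections(data):
    """Return (entry_point_rva, [(name, vaddr, vsize), ...]) for a PE image."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (pe_off,) = struct.unpack_from("<I", data, 0x3C)           # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("PE signature missing")
    (nsect,) = struct.unpack_from("<H", data, pe_off + 6)      # NumberOfSections
    (opt_size,) = struct.unpack_from("<H", data, pe_off + 20)  # SizeOfOptionalHeader
    (entry,) = struct.unpack_from("<I", data, pe_off + 40)     # AddressOfEntryPoint
    table = pe_off + 24 + opt_size                             # first section header
    sections = []
    for i in range(nsect):
        name, vsize, vaddr = struct.unpack_from("<8sII", data, table + 40 * i)
        sections.append((name.rstrip(b"\0").decode("latin-1"), vaddr, vsize))
    return entry, sections

def aspack_indicators(data):
    """List heuristic signs that the image was packed with ASPack."""
    entry, sections = pe_sections(data)
    hits = [f"section {n} present" for n, _, _ in sections
            if n.lower() in ASPACK_SECTIONS]
    for name, vaddr, vsize in sections:
        if vaddr <= entry < vaddr + vsize and name.lower() in ASPACK_SECTIONS:
            hits.append(f"entry point 0x{entry:x} inside {name}")
    return hits

def build_headers(names, entry):
    """Constructed sample: PE32 headers only, one 0x1000-byte section per name."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x14C, len(names), 0, 0, 0, 0xE0, 0x102)
    opt = struct.pack("<HBBIIII", 0x10B, 0, 0, 0, 0, 0, entry).ljust(0xE0, b"\0")
    sects = b"".join(
        struct.pack("<8sII", n.encode(), 0x1000, 0x1000 * (i + 1)).ljust(40, b"\0")
        for i, n in enumerate(names))
    return dos + b"PE\0\0" + coff + opt + sects

# Constructed inputs: a packed-looking layout and an ordinary one.
PACKED = build_headers([".text", ".rdata", ".data", ".aspack", ".adata"], 0x4001)
CLEAN = build_headers([".text", ".rdata", ".data"], 0x1000)

if __name__ == "__main__":
    for label, blob in (("packed", PACKED), ("clean", CLEAN)):
        print(label, aspack_indicators(blob))
```

Section names can be renamed by whoever packed the file, so an empty result does not rule ASPack out.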

Next, find the address of the function that processes the serial number (00401199).

Then trace the characters of the serial number, one from the start and one from the end at a time, and work through the calculations to find the right serial number.


Happy hunting!
