
Challenge #18 - Reverse engineering


13 replies to this topic

#1 joakim

joakim

    Silver Member

  • Team Reboot
  • 912 posts
  • Location:Bergen
  •  
    Norway

Posted 13 September 2011 - 09:23 PM

Here's a custom compiled program that was supposed to decrypt a message and write the decrypted key to a file in the current directory. But someone changed the program so it does not work the way it should. Can you modify the program to make it write the decrypted key?

Note:
The size of the executable is so big because it is a compiled AutoIt script. But hey that is the whole fun in this task. It is not a very difficult challenge and by solving this you will get a better understanding of how compiled AutoIt scripts work (at least I did when creating the challenge). The correct key will be of 10 alpha characters.

Try it here.

#2 joakim

Posted 13 September 2011 - 09:37 PM

Just beware that I made a custom pe-header, and it turns out some anti-virus (Symantec in this case) don't like it. :blink: How stupid is anti-virus really?

Do you want me to reupload the file with a more anti-virus friendly pe-header?


Edit: It turns out I need to rewrite most of the challenge (so it's no challenge any longer), so I hope you can live with this or trust me. Sorry.

#3 Holmes.Sherlock

Holmes.Sherlock

    Gold Member

  • Team Reboot
  • 1444 posts
  • Location:Santa Barbara, California
  •  
    United States

Posted 14 September 2011 - 12:05 AM

Edit: It turns out I need to rewrite most of the challenge (so it's no challenge any longer), so I hope you can live with this or trust me. Sorry.

Sure, we trust you. :)

#4 Holmes.Sherlock

Posted 14 September 2011 - 12:14 AM

Original post updated with a link to try out the challenge.

#5 Icecube

Icecube

    Gold Member

  • Team Reboot
  • 1063 posts
  •  
    Belgium

Posted 15 September 2011 - 09:35 PM

I get this warning:

I have my doubts that the output file is decrypted.. Please change strategy.

Does this mean that the first step I did, shouldn't be done or does it just mean that additional modifications are necessary?

#6 joakim

Posted 15 September 2011 - 09:59 PM

I get this warning:

Does this mean that the first step I did, shouldn't be done or does it just mean that additional modifications are necessary?

By first step, I suppose you mean decompress. That's a must. Then that messagebox was just meant as an indication that something more or different must be done in order to activate the decryption of.... Think of this executable as somewhat similar to the one you had in your first challenge, but don't forget this is AutoIt. Do not (yet) try disassembling. Try other tools instead.

#7 Icecube

Posted 15 September 2011 - 10:34 PM

Is the way to activate the decryption inside the binary? At what I currently have, there is not much code.

#8 joakim

Posted 15 September 2011 - 10:45 PM

Is the way to activate the decryption inside the binary? At what I currently have, there is not much code.

Good question. If by binary you mean the exe itself, then yes. If you complain about little code, then maybe something is not initialized.. ;)

#9 Icecube

Posted 15 September 2011 - 11:30 PM

I didn't understand the program I was using. Now I get more than 2 lines of code :).

#10 joakim

Posted 15 September 2011 - 11:34 PM

When properly decrypting, it certainly is more than 2 lines of code..

#11 Icecube

Posted 16 September 2011 - 04:02 PM

When properly decrypting, it certainly is more than 2 lines of code..

Yeah. But the program with which you can retrieve it, was not very intuitive, IMHO.

BTW, I found the solution. I could have solved it yesterday if I stayed awake a few minutes longer. It took only five minutes today to solve it.

P.S.: Nice challenge

#12 joakim

Posted 16 September 2011 - 05:36 PM

Very good! :cheerleader:

#13 Icecube

Posted 15 January 2012 - 12:53 AM

Was nobody else able to solve it? Should I post the solving steps?

#14 Holmes.Sherlock

Posted 15 January 2012 - 06:39 AM

Was nobody else able to solve it?

Answers to these types of queries will be made available in the challenge portal in a few days. :good:



