Reverse Engineering

Tryhackme - Reverse Engineering

crackme1

hint :- did you check the strings stored in the executable?

./crackme1.bin

chmod 777 crackme1.bin

Now I have the answer.

strings crackme1.bin

Let’s debug,

r2 -d ./crackme1.bin

and ..Analyze command - aaa then afl is list of functions and There’s a main function.

There’s password declaration and strcmp function.

pdf @main

Let’s look into variable’s value.

Set breakpoint at strcmp

db 0x56163a9737c7

dc

pdf @main

Now I have breakpoint.

px @ rsi

There’s a password.

#1 :- what is the correct password?

Answer :- hax0r

crackme2

Run the program

./crackme2.bin

strings ./crackme2.bin

Let’s debug,

r2 -d ./crackme2.bin

There’s a main function.

There’s comparison with value.

Convert from hexa to decimal

#2 :- What is the correct password?

Answer :- 4988

crackme3

Run the program

./crackme3.bin

Let’s debug

dc

pdf @main

Run another step.....

pdf @main

Let’s check the value

Variable “var28_h” is “rbp-0x28”.

px @ rbp-0x28

I just try to answer this and it’s correct.

#3 :- What are the first 3 letters of the correct password?

Answer :-azt

Comments

TryHackMe - Windows Fundamentals 2 Task 1 Introduction #1 :- Read above and start the virtual machine. Answer :- No Answer Needed Task 2 System Configuration #2.1 :- What is the name of the service that lists Systems Internals as the manufacturer? Answer :- PsShutdown #2.2 :- Whom is the Windows license registered to? Answer :- Windows User #2.3 :- What is the command for Windows Troubleshooting? Answer :- C:\Windows\System32\control.exe /name Microsoft.Troubleshooting #2.4 :- What command will open the Control Panel? (The answer is the name of .exe, not the full path) Answer :- control.exe Task 3 Change UAC Settings #3 :- What is the command to open User Account Control Settings? (The answer is the name of the .exe file, not the full path) Answer :- UserAccountControlSettings.exe Task 4 Computer Management #4.1 :- What is the command to open Computer Management? (The a...

Windows Fundamentals 3

Tryhackme - Windows Fundamentals 3 Task-1 Introduction #1:- Read the above and start the virtual machine. Answer:- No Answer Needed Task-2 Windows Updates #2:- There were two definition updates installed in the attached VM. On what date were these updates installed? Answer:- 5/3/2021 Task-3 Windows Security #3:- In the above image, which area needs immediate attention? Answer:- virus & threat protection Task-4 Virus & threat protection #4:- Specifically, what is turned off that Windows is notifying you to turn on? Answer:- Real-time protection Task-5 Firewall & network protection #5:- If you were connected to airport Wi-Fi, what most likely will be the active firewall profile? Answer:- public network Task-6 App & browser control #6:- Read the above. Answer:- No Answer Needed Task-7 Device security #7:- What is the TPM? Answer:- Trusted Platform Module Task-8 BitLocker #8:-...

Windows Fundamentals 1

TryhackMe - Windows Fundamentals 1 Task 1 - Introduction to Windows #1 :- Read above and start the virtual machine. Answer :- No Answer Needed Task 2 Windows Editions #2 :- What encryption can you enable on Pro that you can't enable in Home? Answer :- BitLocker Task 3 The Desktop (GUI) #3 :- Which selection will hide/disable the Search box? Answer :- Hidden #3.2 :- Which selection will hide/disable the Task View button? Answer :- Show Task View button #3.3 :- Besides Clock, Volume, and Network, what other icon is visible in the Notification Area? Answer :- Action Center Task 4 The File System #4 :- What is the meaning of NTFS? Answer :- New Technology File System Task 5 The Windows\System32 Folders #5 :- What is the system variable for the Windows folder? Answer :- %windir% Task 6 User Accounts, Profiles, and Permissions #6.1 :- What is the name of the other use...

Nehru

Search This Blog