Reverse Engineering

Tryhackme - Reverse Engineering

crackme1

hint :- did you check the strings stored in the executable?

./crackme1.bin

chmod 777 crackme1.bin

Now I have the answer.

strings crackme1.bin

Let’s debug,

r2 -d ./crackme1.bin

and ..Analyze command - aaa then afl is list of functions and There’s a main function.

There’s password declaration and strcmp function.

pdf @main

Let’s look into variable’s value.

Set breakpoint at strcmp

db 0x56163a9737c7

dc

pdf @main

Now I have breakpoint.

px @ rsi

There’s a password.

#1 :- what is the correct password?

Answer :- hax0r

crackme2

Run the program

./crackme2.bin

strings ./crackme2.bin

Let’s debug,

r2 -d ./crackme2.bin

There’s a main function.

There’s comparison with value.

Convert from hexa to decimal

#2 :- What is the correct password?

Answer :- 4988

crackme3

Run the program

./crackme3.bin

Let’s debug

dc

pdf @main

Run another step.....

pdf @main

Let’s check the value

Variable “var28_h” is “rbp-0x28”.

px @ rbp-0x28

I just try to answer this and it’s correct.

#3 :- What are the first 3 letters of the correct password?

Answer :-azt

Comments

TryHackMe - Windows Fundamentals 2 Task 1 Introduction #1 :- Read above and start the virtual machine. Answer :- No Answer Needed Task 2 System Configuration #2.1 :- What is the name of the service that lists Systems Internals as the manufacturer? Answer :- PsShutdown #2.2 :- Whom is the Windows license registered to? Answer :- Windows User #2.3 :- What is the command for Windows Troubleshooting? Answer :- C:\Windows\System32\control.exe /name Microsoft.Troubleshooting #2.4 :- What command will open the Control Panel? (The answer is the name of .exe, not the full path) Answer :- control.exe Task 3 Change UAC Settings #3 :- What is the command to open User Account Control Settings? (The answer is the name of the .exe file, not the full path) Answer :- UserAccountControlSettings.exe Task 4 Computer Management #4.1 :- What is the command to open Computer Management? (The answer is the name of the .msc file, not the full

Windows Fundamentals 3

Tryhackme - Windows Fundamentals 3 Task-1 Introduction #1:- Read the above and start the virtual machine. Answer:- No Answer Needed Task-2 Windows Updates #2:- There were two definition updates installed in the attached VM. On what date were these updates installed? Answer:- 5/3/2021 Task-3 Windows Security #3:- In the above image, which area needs immediate attention? Answer:- virus & threat protection Task-4 Virus & threat protection #4:- Specifically, what is turned off that Windows is notifying you to turn on? Answer:- Real-time protection Task-5 Firewall & network protection #5:- If you were connected to airport Wi-Fi, what most likely will be the active firewall profile? Answer:- public network Task-6 App & browser control #6:- Read the above. Answer:- No Answer Needed Task-7 Device security #7:- What is the TPM? Answer:- Trusted Platform Module Task-8 BitLocker #8:- What must a user insert on computers that DO NOT have a TPM version 1.2 or la

Linux Fundamentals Part 1

TryHackMe - Linux FundamentalsPart 1 #1 :- Research: What year was the first release of a Linux operating system? Answer :-1991 #2 :- if we wanted to output the text "TryHackMe", what would our command be? Answer :-echo TryHackMe #3 :- What is the username of who you're logged in as on your deployed Linux machine? Answer :-tryhackme #4 :- On the Linux machine that you deploy, how many folders are there? Answer :-2 #5 :- Which directory contains a file? Answer :-folder4 #6 :- What is the contents of this file? Answer :-Hello World #7 :- Use the cd command to navigate to this file and find out the new current working directory. What is the path? An

Nehru

Search This Blog