Re: sat0ri RCE challenge/crackme – ten
Ok, So here is where I have hit a wall for now: the shl loads a value into the register that corresponds to a nearby mem location. That is obviously no coincidence. We then load 10h into a counter and...
View ArticleRe: sat0ri RCE challenge/crackme – ten
The routine is loading the bytes, xoring them with 0 and then putting them back just as they were. So as far as decryption goes, all I am getting is a secret pointer to some data? This is a very simple...
View ArticleRe: sat0ri RCE challenge/crackme – ten
ohhhh ok! Thanks! When i took a crack at this 2 months ago I planned to brute the entire thing. I dont think i would have ever of thought to brute this small embedded routine tho :<
View ArticleRe: sat0ri RCE challenge/crackme - eleven
Hey Borov, thanks for your solution, well done. Any comments? Enjoy the holidays! Regards, sharpe.
View ArticleRe: sat0ri RCE challenge/crackme – ten
Hello again, I wrote a really small bruteforce tool for the hidden decryption routine. I verified its outputs against cryptool and ran through all 255 possibilities but nothing stood out to me. I think...
View ArticleRe: sat0ri RCE challenge/crackme – ten
.data ciphertext db 000h,010h,0aeh, 010h,010h,010h, 010h,0a9h,010h, 012h,010h,010h, 09ah,014h,021h,024h .data? buffer db 16 DUP(?) hfile db 8 DUP(?) .code start: main: xor ebx,ebx inckey: mov esi,...
View ArticleFixing iOS Security with TrustR
The first iDevice security app, which keeps an eye out for vulnerable apps on your devices. The app is curently free but rumour has it, prices are going up soon. For more information, please read the...
View Articlewhere is sat0ri RCE challenge/crackme – three ?
Hi sat0ri, I can't find sat0ri RCE challenge/crackme – three challenge. Could you please to show me the link ? Thanks you very much P/S : Beside that, I want to thank you for re-uploaded challenge 4,...
View ArticleUTMessan talk on Social Engineering
I recently gave a talk about social engineering and conversational hypnosis at the UTMessan in Reykjavik. A couple hundred people came to listen. What a fascinating topic indeed. Here are a few...
View ArticleRe: where is sat0ri RCE challenge/crackme – three ?
VietNc, Great to see you here. I just uploaded sat0ri RCE challenge/crackme – three for you here:http://blog.sat0ri.com/wp-content/plugins/download-monitor/download.php?id=37 Again, thanks for letting...
View ArticleRe: sat0ri RCE challenge/crackme – ten
=) Thanks for the good fun. spoiler alert: http://pastebin.com/BzEysBeW (my python "solution")
View ArticleRe: sat0ri RCE challenge/crackme – ten
python solution, beautiful. Glad you had fun cybertek :)
View ArticleBlockmaster SafeXs Secure USB
Hi there, I have been toying with a SafeXs secure USB device. I found out lots about how it works, but I am still looking for ways to challenge the security of the device. If anyone has any insights or...
View ArticleRe: sat0ri RCE challenge/crackme – ten
Hi sharpe, The nerf darts should be a jpg image inside the resource sections 2001 and 2002. 2001 seems to be XOR crypted with the key 0x10101010. However, it appears there's more to it.. Any more...
View ArticleRe: sat0ri RCE challenge/crackme – ten
Hi JJ, There is indeed more. There is an image as you correctly pointed out, and there is something else as well. When you combine the Nerf darts with the something else, you'll be on the right track....
View ArticleRe: sat0ri RCE challenge/crackme – ten
Hi Sharpe, Heard the message :) but I can't figure out what the number is for. I don't really get what is meant by nerf darts. Is it the symbol representing 0x10? Happy new year to you too. JJ
View ArticleRe: sat0ri RCE challenge/crackme – ten
Hi JJ, Did you manage to decode the picture to the point where you can see it? If so, you'll be able to see some Nerf darts, how many? This combined with the hash that you heard must be hashed. When...
View ArticleRe: sat0ri RCE challenge/crackme – ten
Hey sharpe, Yay, managed to decode the picture. But why encrypt up to 0x208 bytes? I had a hard time to see when to stop XOR-ing the header. Anyway funny pic :) JJ
View ArticleRe: sat0ri RCE challenge/crackme – ten
Hi mate, I didn't want to completely obfuscate it, and 0x208 seemed like a good number at the time Now you know what I look like, although I rarely wear Nerf darts in public :) I wish you a good New...
View ArticleRe: sat0ri RCE challenge/crackme - eleven
Hi sharpe, I found a 57 bytes string inside the codes. Can I assume that when the string is decoded, it is an ASCII string? Dcoder's solution is 7361726964. As far as I know, the key should be a 128...
View Article